How criminals steal your credit card information

The banking industry’s loss due to credit card fraud in SA stood at over R450 million in 2014, according to the South African Banking Risk Information Centre – a 23% increase compared to 2013.

Card fraud once again made headlines in early 2015, when the Payments Association of South Africa reported a sharp rise in bank card fraud at fast food outlets – which was a result of server malware capturing the magnetic stripe data on cards and sending it to a criminal syndicate.

Various forms of credit card fraud take place in South Africa, including card cloning fraud – where a card is copied and the owner’s details captured – and owners unwittingly giving card or banking information to criminals online.

Two methods of executing these attacks are:

• Physical card cloning, done using a skimming device
• Credit card details being captured or garnered online

Here’s what to watch out for, and what to do to keep your credit card safe.

Card skimming

A danger zone for credit card skimming is at a merchant point-of-sale – typically a card machine a waiter or store attendant will bring when it comes time to pay the bill.

Waiters, cashiers, and retail outlet employees are often provided with handheld skimming devices or compromised card machines by card cloning syndicates.

From 2005 to 2014, a total of 1,377 handheld skimming devices were recovered by either the SAPS or bank investigators in SA.

A perpetrator will use the the skimming device to copy your card information and your PIN when you make a payment, capturing what they need to fraudulently use your credit card.

Merchant Point Card Skimming

Tips for keeping your credit card safe

• Never let your credit card out of your sight when making payments.
• If possible, insert the card into the point-of-sale device yourself.
• If you cannot insert your chip card with your thumb pointed at the device and have your thumb remain fully on your card, tell the operator you believe the terminal has been tampered with. Do not enter your PIN and remove your card.

Online credit card risks

Using your credit card online – for example, when banking or shopping online – can also pose a danger.

Kaspersky Lab states that online banking and shopping sites can be infected by fraudsters, and that around 5,000 compromised websites are detected daily.

Besides compromised websites, phishing emails with malicious links are also a threat to your credit card’s security, while certain computer viruses and malware are able to track your online activity and capture sensitive card information.

Public Wi-Fi hotspots – like the free Wi-Fi connection at a restaurant – are also a danger, as fraudsters with access to the connection could redirect you to a malicious website.

Credit card details stolen

Tips for keeping your card information safe online

• Do not send emails that contain personal information, such as your card number and expiry date, and never click on a link in an email that asks you to confirm or update credit card details – even if it appears to be from your bank.
• Protect your computer by installing, and updating, antivirus software.
• Install a spam blocker on your PC. This will help block phishing emails.
• When shopping online, only place orders with your card on a secure website. Look for sites whose web address begins with “https:”

More security news

Watch out for this DStv email scam

Hacker Batman may be out there, watching over your ADSL router