So how does someone commit credit card fraud without the actual card? Someone stole my husbands number and made several fraudulent charges brick and mortar type stores -not online.
My husband still has his card -so how did it happen? Does anyone know?
My husband has had his card number stolen before and they have used it at gas stations and such. I think they just encode a card with the information.
We have our card stolen every few months. Our bank catches it every single time and shuts the account down. The last time this happened was last week, before that about 2 months ago, before that about 5 months, etc.
Somehow the thief gets the number and creates a false card. Don’t know how they get it, perhaps from using the card online or at a restaurant. Really not sure. Anyone with some skills and the right machinery can forge a card.Our bank, when they notice that the card is doing odd things they decline and then text or call us. Last week the bank stopped the transaction when the card was used simultaneously in 3 different cities in different parts of CA! Each time the user attempted to charge an even $25. Once the bank stopped the transaction when someone tried to purchase $5000 worth of Apple products in an Apple store. Once, someone attempted to make purchases in Maine while we were in CA. The list goes on.
I asked the person at the bank last week about how the number got out. She said it could be just about anyway, online purchases, restaurant visits, who knows! This is an ongoing problem and it is getting worse. Make sure your card has a good fraud alert system and that the company is willing to remove all charges that you don’t make.
Thanks
I tried to google it and I just got fraud protection services.
I didn’t know they could do that
This is one reason cards are migrating from the magnetic strip on the back to the chip.
I see -thanks.
You probably won’t find out where the card information was stolen from. It could be from a merchant or a bank.
Thanks -sigh.
Same thing happened to us . . . someone spent almost $400 at a 7-Eleven. Like, what all could you buy at 7-Eleven that would total up to $400? They make fake cards.
We got a chip card.
The CC company did take off the charges and they called and sent a text. The thieves tried to buy 450 dollars worth of groceries at one time. I wonder if they had kept using the card for small purchases if would have worked for them.
You’ll never know where they got it from. But surely you know that it’s the numbers on the card, not the actual card, that matter. The actual physical card is of little relevance, especially if you are phoning in something or ordering something off a website.
What could you buy at 7 - 11 that would total $400? You could fill up an SUV with gas and that might cost you close to $100. You could also buy cigarettes - that would add up pretty quickly.
Maybe Lottery tickets?
I was confused because they weren’t phoning it in it was all in-store purchases - but now I understand how they did it. I didn’t know it was so easy to make a fake card.
This is why they are going to the security chip, it uses a very different mechanism and will be a lot harder to hack and forge (though I am sure someone eventually will). someday they will probably use biometric identification in store scanners, though I don’t know what they will do online, how that would work…actually, the current merchant code if stores actually checked that would help, most of the time the scammers who get the credit card numbers don’t have the merchant code, so it would be a lot harder for them to buy anything, if they scanned the card and it worked, but the merchant code had to be entered then as a check, likely it would fail. The other way is to have a challenge code sent to a mobile phone on file, unless the scammers can change the main account, that would work (known as 2 factor authentication). Most scammers steal the card number/account information and create a fake card, but they likely don’t have access to the actual account, so they can’t redirectt he challenge code to their own phone.
@LKnomad , the frequency of your cc number being stolen seems unusually high. I would suspect some place that you are commonly using it.
One time somebody was using a fraudulant physical card with my information on it (at of all places a six flags amusement park - they had also charged an amtrak ticket earlier in the day) - Discover and the merchant caught them in the act. Not sure what happened on that end - on my end I got a new card and of course no charges were kept on my account.
I seem to be bad luck with all of the card number thefts, had shopped at target when they were hit, shopped at Micheals when they were hit, shopped at Home depot when they were hit, shopped at Sheraton when they were recently hit, seems like in the last 18 months or so I have gotten 3 new Discover cards due to these number thefts.
Can someone clarify for me, please:
The new chip is supposed to make it more difficult for people to create duplicate physical cards, correct?
But, if one’s number is stolen, the bad guys can still shop online with your card, right??
The number can be stolen and a fake card then printed. The thieves who steal thousands of numbers are pretty sophisticated–if you have 20000 numbers and 20000 fake cards, you can sell those for some amount–and if some of those don’t work when tried at gas stations (the easiest place to try a fake card because most are barely attended these days), it’s a win.
Card not present (web or phone) purchases require the card number, expiration date, and (usually) the verification code (the 3 digit one printed on the back). In theory, the last of these is not supposed to be stored in any merchant system. However, since it is visible on the back of the card, and needs to be entered into a web site or other place when the purchase is made, there are still ways it can be stolen along with the other card information (e.g. if your computer is cracked and a keystroke logger is installed).
It is also generated from the card number and expiration date using an encryption key at the card issuer; if this encryption key is compromised, then thieves can regenerate the verification codes for cloned cards from that issuer.
https://en.wikipedia.org/wiki/Card_security_code
Also, a cloned card can still be used at vendors which do not have chip card readers, such as gasoline pumps, even if the original card had a chip in it (if you swipe a chip card, it is supposed to tell you to use the chip reader, but this obviously does not apply to swipe only card readers).
Thanks. In other words, the addition of the chip isn’t going to help too much, at least for several years.
One thing that I like about my AmEx card is that it sends me an email when I use it online, to tell me that a charge was made to it without the card being present. It’s a very good safeguard.