Usually, the thieves are in the ‘business’ of stealing credit card data from several unsuspecting victims. So they will first add your stolen card data to their reserves. Then, they will sell your card number to cyber-criminals on websites that have been set-up to process such transactions. The buyer may immediately start using your data at online retailers or resell the data to another party. Cyber-criminals have also been known to print fake cards with stolen data for use in brick and mortar stores. Many a time, the intention is to purchase goods in bulk that they can resell for cash.
Not every stolen credit card is worth the same price!
Some credit cards are more valuable to cyber-criminals than others. For starters, the card must be active, allowing them to make transactions from the get-go. If card thieves sell the card along with the victim’s address, and more information can be affixed to it such as date of birth, Social Security Number, etc, the card is deemed more valuable.
Sometimes, the thieves are also familiar with the victim’s purchasing behavior. This information is useful for cyber-criminals who can then impersonate the victim and mimic his/her buying behavior to increase the chances that a fraudulent charge may go unnoticed by the victim or financial institution.
What measures can you take to prevent credit card theft?
Most people realize that their data has been stolen only after their bank intimates them about fraudulent activity with their card. What if cyber-criminals have already created fake cards with your data and shopped like there’s no tomorrow?
There is no guarantee that you will not fall victim to credit card theft even with safety mechanisms in place. What matters is that you spring into action immediately to prevent rampant misuse of your card data. To do that, you need to catch fraudulent charges as soon as they occur, and the only way to do it is to stay on top of your bank and card statements. Check your credit reports frequently to identify unfamiliar accounts and have them closed down.
If you are a business owner who gathers credit card information from customers, going beyond Payment Card Compliance to secure customers’ credit and debt card data can help you more effectively address the risk of data breach.
Wireless is a simple way that attackers use to get into networks. Make sure that the computer privileges on your network and passwords are deployed to resist attacks. An example of poor security would be an exposed server that doesn’t require a password for entry, allowing easy access to the backend where files containing credit card numbers are housed. Similarly, remote access to your business network must not contain a side door leading potential hackers to credit card data.
Teach your employees to recognize and avoid suspicious email. In particular, cyber-criminals use phishing scams to gain access to a company’s network or personally identifiable information. Phishing scams can be identified by watching out for spelling mistakes and threats like ‘act now or your account will be disabled’ in emails asking for credit card details and confidential information. Employees must also be instructed not to open suspicious links. For instance, if the link is for a financial website but upon hovering upon it, it shows a different domain, then a phishing scam can be confirmed.
