*Editorial Note: The content of this article is based on the author’s opinions and recommendations alone. It has not been previewed, commissioned or otherwise endorsed by any credit card issuer. This site may be compensated through a credit card issuer partnership.
This article was last updated Jan 29, 2018. Terms and conditions may have changed. For the most accurate information, please consult the issuer website.
An estimated 33 million Americans may have experienced some sort of card-related fraud last year, according to data from a survey by CompareCards, a subsidiary of LendingTree.
- Fraud is widespread. Out of 1,047 credit card fraud victims surveyed in January, some 15 percent of respondents said that they were victimized by fraudulent activity in the past 12 months. Based on the latest data of the number of Americans with either a debit or credit card in the U.S., that translates to 33 million Americans potentially victimized by card fraud last year.
- Even if the card is in your wallet, you can be a victim of fraud. Sixty-nine percent of the victims surveyed said that someone tried to make an online purchase with their account information, even though they had the card in their possession when they first discovered the fraud.
- You can’t rely on your bank to catch fraud first. Just under half (47%) of victims said their bank or credit card issuer alerted them to the fraudulent activity first. Even so, a significant share of fraud victims (37%) said they detected the fraud first by reviewing their account statement.
- Debit card users are at the greatest risk for fraud. Throughout our survey, we found that debit and credit card holders were victimized and inconvenienced at roughly equal rates, but using a debit card may increase your liability if you become a card fraud victim.
We’re often the first to find out
If you aren’t reviewing your bank statements routinely for unfamiliar charges, it might be time to start. Although the majority of fraud victims said they were alerted to a card breach by their card issuer or credit monitoring service, that’s not always the case.
More than one-third (37%) of the card victims in our survey first learned about the potential fraud themselves by reviewing their account statements. A mere 10 percent found out from a monitoring service.
Card fraud can continue for months undetected, so vigilance is essential. Often, fraudsters will test stolen accounts with smaller purchases. If those transactions go undetected, that’s a signal to them that the account is ripe to be used for larger fraudulent purchases later.
Card-not-present fraud was the most common type reported
EMV chip technology – that’s the silver wafer embedded in your physical debit and credit cards — is now in about two-thirds of credit cards in the U.S. And according to recent data from the Federal Reserve, chip cards has significantly reduced counterfeit card fraud. But by making card counterfeiting more difficult, it appears financial criminals are merely shifting fraudulent activity to areas where card counterfeiting isn’t necessary — by collecting card details they can use to spend without a physical card.
According to our survey, the vast majority of fraud occurred even though the cardholder had possession of the card the entire time. More than two-thirds (69%) of respondents said they had the actual card when the fraud occurred. Most, if not all, of these types of fraud are what are known in the card industry as Card-Not-Present (CNP) frauds.
CNP fraud occurs (as the name suggests) when the fraudster tries to make a purchase with your account information on the card instead of the card itself. By pairing the account holder’s name and address with the card’s account number, expiration date and three-digit (sometimes four-digit) verification or security code, criminals have enough information to make fraudulent purchases online or over the phone.
Criminals can use a number of tactics to obtain card data, like compromised internet connections, or “skimming” (surreptitious readers on a ATM, gas pump or other devices read the data off of the magnetic stripe of your card). As for the other piece of the puzzle, one can simply point to the Equifax data breach last year that exposed identity-related information of millions of consumers, or any of the dozens of data breaches that have occurred in recent years
A relief for some, costly for others
Not everyone affected by card fraud was scarred by the experience. But if they were, it often affected them in a number of ways.
Some 29% of respondents claimed that credit card fraud ultimately caused them some sort of adversity, either in terms of time wasted, money spent or other inconveniences. Of that group, 48% of those who experienced card fraud said they suffered some sort of financial loss, while another 23% claimed the event caused them to be declined for credit.
Closer to home, 7 percent of those adversely affected missed work or school attending to the matter, and 13 percent said they had to resort to borrowing from friends or family.
After the storm: How to handle credit card fraud
Responding to credit card fraud can be tricky after the obvious steps are taken — you call your bank, get the charges reversed and … then what?
One of the most certain ways to prevent fraudsters from opening new credit in your name is to initiate a credit freeze. And, yet, we found that even after the fraud occurred, many victims didn’t put a freeze on their credit reports. Only 39 percent of victims said that they placed a fraud alert with one or more of the three credit reporting bureaus.
Another way to protect yourself is to place a fraud alert on your credit account after fraud has occurred or if you suspect fraud may occur in the future. A fraud alert is a free service provided by the major credit bureaus. By placing an alert, businesses must try to verify your identity before extending any new credit. You only need to contact one of the three credit bureaus; the one you contact will inform the others of the fraud alert status, which will then apply to each credit reporting agency.
A credit freeze, however, is a more potent tool against credit card fraud, as it prevents anyone from accessing your credit report to open an account(your account can still be accessed for other purposes, such as checking your credit history). It also prevents you from opening any new credit accounts — and any account that requires a credit check, such as a mortgage or even cellphone application — until you unfreeze it. By placing a credit freeze on your report, you can prevent fraudsters from creating even more havoc with your credit information by opening new accounts in your name without your knowledge.
We’d recommend doing most of your shopping, especially online, with a credit card instead of a debit card. Under the Fair Credit Billing Act, your maximum liability for fraudulent use of a credit card is $50, and many issuers offer zero-liability as a card benefit. But that protection doesn’t extend to debit cards, which are covered by a different statute (the Electronic Funds Transfer Act). If someone uses your debit card before you report it lost or stolen, your liability depends on how quickly you report it. If you don’t report within 60 days, you have no protection. Also, if someone hacks into your debit card, he or she could drain the liquid cash you have stashed in your checking account, leaving you cash poor for days potentially.