ADVERTISEMENT

As online fraud spikes, here’s how to safeguard your accounts

By

As online fraud spikes, here’s how to safeguard your accounts HYWARDS/iStock/Getty Images Plus/Getty Images

 

As online fraud spikes, here’s how to safeguard your accounts HYWARDS/iStock/Getty Images Plus/Getty Images

 

They’re the red flags of fraud. An email from your card issuer checking to make sure you booked a stay at a resort in Mexico. A text confirming that you intended to buy another big screen TV. Bogus recurring charges showing up on your card statements.  

As merchants continue to switch to chip-card readers to reduce credit card fraud in stores, thieves are increasingly turning online to conduct their crimes. Their old go-to crime – creating new cards with stolen card numbers – is in decline, since chip cards can’t be cloned. That makes online retail stores the easiest target, and that’s where the crooks are going.

Online fraud, known in the industry as card-not-present fraud, is spiking. It has gone from $3.2 billion in 2015 to an estimated $4 billion in 2016, according to a study by Aite Group and iovation released in May 2016. By the end of 2020, card-not-present fraud is projected to cost retailers and financial institutions $7.2 billion in the U.S.

Since the switch to hard-to-clone chip cards began in 2015, online fraud attacks are up 26 percent in the U.S., according to a study by Forter, an e-commerce fraud prevention company. According to an Experian study, e-commerce fraud attack rates in 2016 are at least 15 percent higher than 2015’s total.  

“We’re only seeing the beginning,” says Bill Zielke, chief marketing officer at Forter. 

In the U.K., where chip-and-PIN technology was adopted in 2003, online fraud climbed from 26 percent of all fraud in 2002 to 63 percent of all fraud in 2012, says Loc Nguyen, chief marketing officer at data security company Feedzai. 

“Maybe we’re on the same trajectory,” Nguyen says. 

E-commerce criminals likely will have even more opportunities to cash in on fraud this holiday shopping season because a higher percentage of American consumers are expected to do their Christmas shopping online. 

Online sales are expected to increase more than 17 percent in 2016, according to an eMarketer report. Holiday e-commerce sales, defined as November and December sales, are forecast to jump to $94.71 billion, representing 10.7 percent of total holiday sales. 

As we start to see merchants close the EMV gap, the fraudsters will need to find potentially new places to play. That will increase the card-not-present fraud.

‐ Ryan Wilk,
NuData Security

“As we start to see merchants close the EMV gap, the fraudsters will need to find potentially new places to play,” says Ryan Wilk, director of customer success at NuData Security. “That will increase the card-not-present fraud.” 

Despite the increased fraud risk, 29 percent of consumers say they take no action to protect their personal and financial data, a Kaspersky Lab 2015 study found. Why? They’re counting on merchant websites being sufficiently protected. 

Experts say that’s like leaving your front door unlocked and your garage door open because you figure your Neighborhood Watch program will catch intruders. 

If you’re in that 29 percent, there are easy things you can do to reduce the chances of online card account fraud. Just complete one of these nine actions each week until you check off all of them. 

1. Protect all your devices with passwords.
Use a passcode lock on your smartphone and other devices, the American Bankers Association (ABA) advises. This will make it more difficult for thieves to access your information if your device is lost or stolen. 

Only 58 percent of people password protect all their devices, and 16 percent don’t protect any devices with passwords, according to Kaspersky Lab. 

2. Don’t use your birthday or pet’s name as a password.
Most passwords are poorly constructed and resemble basic PINs, according to a Salted Hash study of more than 126,000 passwords compromised during phishing attacks in 2016.

Use a combination of letters and numbers for your passwords and change them periodically, the ABA suggests.

3. Use unique, strong passwords on each website.
If a fraudster gains access to one site, at least he won’t be able to hack the rest of your online accounts, Wilk says. 

4. Store passwords securely in specialized software.
Only 7 percent of consumers stored passwords in specialized security software, and 48 percent save passwords on notepads, sticky notes or even on the device itself, according to Kaspersky Lab.

Bad idea, ConnectSafely.org says. Instead, the site’s tips for creating strong secure passwords suggests, “If you must write it down, hide the note somewhere where no one can find it.” 

5. Use online banking alerts to protect yourself.
Monitor your financial accounts regularly for fraudulent transactions, the ABA says. 

Sign up for text or email alerts from your bank for certain types of transactions, such as online purchases or transactions of more than $500. And act quickly if you get a fraud alert from your credit card issuer or bank. 

6. Monitor your credit report.
Order a free copy of your credit report every four months from one of the three credit reporting agencies at annualcreditreport.com

If you see something suspicious, such as an account you don’t remember opening, file a dispute with the credit bureau. 

7. Verify that a site is secure before making a payment.
Don’t give out your credit card number online unless the site is secure and reputable, the FBI advises in its tips to avoid credit card fraud. One way to do this is to only use sites that have an ‘s’ (for secure) after http. 

We’re only seeing the beginning.

— Bill Zielke,
  Forter

Also, when shopping online, the FBI recommends using your credit card (not your debit card), whenever possible. With credit cards, you don’t risk your bank account being emptied out and can dispute the charges if something goes wrong.

8. Implement strong privacy settings on social media.
That makes it harder for hackers to guess your passwords and security questions. Only 39 percent take that step, according to Kaspersky Lab. Thirteen percent take no action at all. 

StaySafeOnline.org’s guide to safe social networking advises being cautious about how much personal information you provide on Facebook, Twitter, Snapchat and such. 

“The more information you post, the easier it may be for a hacker or someone else to use that information to steal your identity, access your data or commit other crimes,” the site says. 

9. Don’t shop or check your accounts on public Wi-Fi.
What if you must use public Wi-Fi? Stay out of sensitive accounts and make sure your anti-virus software is up to date, according to Tech.co’s 6 important ways to prevent public Wi-Fi attacks

With updated anti-malware and anti-virus software, you’ll be in the minority – only 20 percent of consumers keep that software current, according to Kaspersky Lab. 

If you’ve checked off all these steps, security experts say you’ve closed and locked your doors, added a security system and maybe even a barking dog. 

See related: 10 warning signs of identity theft, New technologies, analytics to battle online fraud, Millennials most likely to fall prey to scams

Published: November 7, 2016


Join the discussion
We encourage an active and insightful conversation among our users. Please help us keep our community civil and respectful. For your safety, do not disclose confidential or personal information such as bank account numbers or social security numbers. Anything you post may be disclosed, published, transmitted or reused.

If you are commenting using a Facebook account, your profile information may be displayed with your comment depending on your privacy settings. By leaving the 'Post to Facebook' box selected, your comment will be published to your Facebook profile in addition to the space below.

The editorial content on CreditCards.com is not sponsored by any bank or credit card issuer. The journalists in the editorial department are separate from the company's business operations. The comments posted below are not provided, reviewed or approved by any company mentioned in our editorial content. Additionally, any companies mentioned in the content do not assume responsibility to ensure that all posts and/or questions are answered.




Follow Us


Updated: 12-03-2016


Weekly newsletter
Get the latest news, advice, articles and tips delivered to your inbox. It's FREE.


ADVERTISEMENT