Identity Theft Security
Identity theft (or fraud) is a concept that has been tossed around for decades with the term first coined and used in 1964. Over the last few years, however, cases of identity theft have really accelerated throughout the advanced development of financial technology — particularly mobile banking/credit card management and increased capabilities for online payment processing.
Even fairly recently, the number of total reported identity theft cases has exponentially grown. For example, 2014 had 332,545 reported cases which grew to over 1.3 million by 2020. Some of the most notable subsets of that data pool is the frequency of two specific types of fraud which can impact financial security of individuals and businesses — credit card and banking fraud.
Credit card fraud is the unauthorized-use of someone’s credit card by another person. It makes up around 28% of all identity theft cases with just over 393,000 cases reported in 2020 — with 30-39 year olds having the most instances. Banking fraud, on the other hand, makes up about 6.3% of all identity theft cases and takes place when someone tries to (or successfully) take funds from an account directly or by pretending to represent the bank.
There’s also the idea of debit card fraud which sort of lies in between these two because funds would be directly taken from a bank account but use card information similar to that of credit card theft. Here we’ll go over how credit card and banking fraud occur and the best ways to protect yourself.
How Credit Card and Banking Fraud Occur
Credit card and banking fraud can occur within both the physical and cyber space. In the most direct methods, fraudsters could steal your physical credit or debit cards, look over your shoulder while making a purchase at a store, or even steal your mail which could contain card or bank account information.
There’s also the telecommunication method where a scammer will call you pretending to be an official of a bank or credit card institution, or even act as a representative for a fake prize giveaway. During that call, they’ll tell you they need your financial information to confirm something or to wire over your prize money. Once the victims disclose the information, the scammer has the ability to make purchases with it.
The online space is where we become most vulnerable due to the sophistication in the techniques being used. Making an online purchase from a sketchy or non-legitimate merchant is one way criminals can acquire financial information. Additionally, direct hacking into someone’s computer can let the person view all of your data stored on their — including pre-saved credit card or debit card information on certain websites.
There’s then the most common online method for committing credit card and bank fraud — phishing. The scammer will create a legitimate-looking email pretending to be a company you shop from or your bank with urgent statements to “update account information” or “take advantage of this special offer.” Once the victim clicks the link, they’re taken to a spoofed page to input their card or bank account info to be routed directly to the criminal.
There are numerous ways to avoid becoming a victim of these types of fraud. It’s important to utilize protective controls to avoid fraud, detective measures to discover if it occurred, and reactive solutions to mitigate and reduce the impacts of the theft. Here are some of the best practices to protect yourself and your business:
Awareness is your best protection mechanism to fraud and theft. Understand the idea of call scams and what they might sound like, especially if it’s an offer that’s too good to be true. Also educate yourself on what a phishing email would look like. For example, phishing emails generally have some consistent attributes:
- Generic greeting → “Hello valued banking customer”
- Urgent request → “Please update your account information”
- Call to action link → “Click here to update your information” or “Click here to collect your prize”
- Obscure sender address → firstname.lastname@example.org
When in doubt, either call the company or bank directly to confirm the request or access your online account for your credit card or bank to see if there’s any notifications. Also, never disclose your information over the phone unless you were the one who placed the call to the merchant or financial institution and know for sure that it is in fact them.
Enable Multi-Factor Authentication
Specifically for online and mobile banking or credit card management, make sure multi-factor authentication (MFA) is enabled to access those accounts. Even in the event that a scammer was able to acquire your username and password, they would still need to break through another layer of security such as a one-time pin to have full access to the system and the data stored in it.
Utilize Fraud Protection
Both businesses and individuals can take advantage of the (mostly free) fraud protection services a bank and credit card company offer. This lets you approve or reject certain purchases from being finalized — particularly if there’s a certain value threshold hit such as any amount over $1,000.
There’s also identity security products such as Lifelock and IDnotify which track personal and financial data being used throughout the world. Anytime a potentially fraudulent activity is detected, the user is notified and receives help remediating the incident.
Identity Theft, Business Crime, and Cyber Insurance
Businesses and nonprofits can purchase business crime insurance either with their business owners policy (BOP), commercial package policy (CPP), or standalone to repay costs of theft to the business. Additionally, cyber insurance is highly recommended to indemnify costs of credit monitoring and payments to a credit card company or bank if the financial data of others they store is compromised during a cyber incident.
For individuals, identity theft insurance is a relatively new financial product that can be purchased from major carriers such as Allstate, State Farm, or Liberty Mutual. Insured’s have the option to buy it on its own or add it to their homeowners policy. While specifics will vary by carrier, this coverage generally repays costs of credit reporting, lost wages associated with a fraud incident, mailing documents, legal fees, and credit monitoring.
Prioritize Using Credit Cards
Simple purchasing 101 is to only use debit cards for withdrawing cash. Any payments done online or in-person should be with a credit card as your liability associated with credit card fraud is 0%. So if someone spent $15,000 with your credit card, you are liable for $0 of that and will be fully reimbursed. Most banks, however, will not pay you back for any debit card charges.
Continuously Monitor Your Accounts
As part of detecting credit card and bank fraud, enable transaction alerts that will notify you anytime a large or random transaction takes place. You can also manually review your credit card and banking statements daily either online or in your mobile application.
Ensure Only Secure Online Transactions
If you’re making an online purchase, avoid eCommerce merchants that do not have the “https” in their website as that indicates the site is not secure and your backend data is not encrypted. Also avoid merchants with poor reviews or transaction history — even on reputable marketplace sites such as Amazon or eBay.
Protect Your Identity with Ascension Global Technology
Contact us today to speak to an expert and learn how you can protect yourself from credit card, debit card, or banking fraud as well as other threats to your identity. Be sure to also check in on our blog for updates on today’s cybersecurity news and content on constructing your organization’s cybersecurity program.