Editorís note: This is the first in a series on fraud and scams.Few things put a damper on holiday shopping like having a credit card number stolen. Like millions of Americans, Falcon resident Jane Smith (real name changed to avoid any further identity issues) placed an online order this past December. Less than an hour later, a credit card company representative called to alert Smith and her husband, James, that their card number was being used in another state.They later learned their card number had been compromised before Smith placed her order for Christmas gifts. The card was used in three different states over several days for purchases totaling more than $1,200. ìYou canít print how I really felt,î James Smith said. ìTo me, it almost feels like youíre undressed. You feel exposed and violated.îNearly 10 percent of Americans have been victims of credit card fraud, according to government statistics compiled by Statisticbrain.com in 2014. Another 7 percent have faced ATM or debit card fraud. Data breaches at large companies such as Target, Home Depot and Staples have commandeered headlines in recent years; leaving many to wonder whether the convenience of credit and debit cards is worth the risk to bank accounts and credit scores.A big headacheCornell University Law School defines credit card fraud†as ìa form of identity theft that involves an unauthorized taking of anotherís credit card information for the purpose of charging purchases to the account or removing funds from it.îThe Smiths define credit card fraud as ìone big headache.î Since their credit card company took immediate action to close the account, two of Jane Smithís three online purchases that day were declined. However, having to reorder merchandise was the least of the Smithsí worries. They had to sort out legitimate and unauthorized charges, and complete affidavits. Smith said, ìThe forms were very simple. Just check yes or no.î However, it takes plenty of time to get it straightened out, she said. The Smiths also notified credit monitoring firms, and continue to closely watch their statements.The Federal Trade Commission states that federal laws offer some protection to victims of credit and debit card theft. Under the Fair Credit Billing Act, a cardholder cannot be held liable for fraudulent transactions after reporting a credit card as lost or stolen; total liability is limited to $50. In the case of a stolen credit card number, where the card itself hasnít been lost or stolen, the cardholder is not liable for any unauthorized purchases.Liability for lost or stolen ATM and debit cards is different. The Electronic Fund Transfer Act limits liability to $0 if the ATM/debit cardholder reports a lost or stolen card before unauthorized transactions are made. That liability increases to $50 if loss or theft is reported within two business days, and it jumps to $500 if reported after more than two business days but less than 60 calendar days after the statement is sent. If loss or theft is reported more than 60 calendar days after the statement is sent, the account owner could lose all funds in the account ó plus money in the accounts linked to it. If unauthorized transactions are made but the card isnít lost, the account holder faces no liability as long as the illicit use is reported within 60 calendar days of the statement being sent.A growing problemAccording to a Statisticbrain.com report, the median amount for credit card fraud is $399 (based on statistics compiled from U.S. government sources). However, small amounts quickly add up. The Business Insider reported that payment card fraud in the U.S. totaled more than $7 billion in 2013, with data breaches at major retailers resulting in about $500 million of that amount. Globally, fraud losses were estimated at $14 billion.Credit and debit card fraud is growing. The Identity Theft Resource Center reported a record high 783 U.S. data breaches in 2014, an increase of 27.5 percent from 2013. While not all data breaches result in identity theft or financial crimes, the ITRC noted that ìthe fact that information is consistently being compromised increases the odds that individuals will have to deal with the fall out [sic].îThe ITRC began tracking breaches involving Social Security numbers and credit/debit card information in 2010. Since then, exposure of SS numbers has declined, but credit and debit card compromises increased in 2013 and 2014. Statisticbrain.com ranked Colorado second for states with the highest rates of credit card fraud; Nevada placed first.A modern ìwhodunitîThe Smiths were puzzled about how someone could steal their credit card number. They had never lost their card, used it only at reputable stores or for occasional travel expenses; and diligently shredded statements and receipts. But credit card numbers are compromised in a number of different ways.Data thieves use techniques, ranging from ìold schoolî to high-tech, to collect information. Some thieves root through trash or steal from mailboxes, looking for financial and personal information. Others snag payment card information by attaching ìskimmingî devices to card readers installed on gas pumps, ATMs or vending machines. Hackers infiltrate computer networks of companies, retailers, government organizations and private users to directly access financial information, or they plant malware to capture the data they want.Often, this information is then sold over the Internet on underground marketplaces. In a Nov. 14, 2014, blog post, former Washington Post reporter Brian Krebs described the process. ìCard data stolen from main street retailers Ö is sold to crooks who encode the numbers onto new plastic and go shopping for high-priced electronics and gift cards at big box stores,î he wrote. ìOther shops sell mainly stolen card numbers, expiration dates and card security codes that can only be used to shop at online retailers.îIt starts smallThe first few illicit charges the Smiths reviewed ranged from $2.50 to $35. James Smith said he couldnít believe that someone would go through the trouble to steal a credit card only to use it for relatively small purchases, but this is often an intentional ploy by the crooks.In an Oct. 20, 2014, article for U.S. News & World Report, industry analyst Matt Schulz said that fraudsters make small purchases with stolen credit cards to ensure their validity. He wrote, ìBy keeping the purchase small, theyíre often able to accomplish their goal without setting off any alarms with the victimized cardholder.îAllís well that ends well ó this timeJames Smith said he was pleased with the way the credit card company handled their case. The compromised card was cancelled ìon the spotî and a new one issued. A company representative said the incident would not affect their credit rating, Also, the company will conduct an in-house investigation, along with providing information to the federal agency. Much to their relief, the Smiths were not liable for any portion of the fraudulent charges.ìIt (stolen card number) was a slap in the face, but it turned out OK for us,î Smith said, adding that he hopes it never happens again.
