Using your credit card is a convenient way to pay for the things you need. Fraudsters know this and have many ways to steal your payment information.

You can, however, fight fraud. Now is a good time to refresh your knowledge of credit card scams. Knowing how to spot fraud attempts will protect your payment information and your credit.

Here are a few things to remember when protecting your payment information.

While this article focuses on credit card fraud, the information shared can also apply to other card-based forms of payment. Many checking accounts now come with a debit card, which functions like its credit-based relative.

What Scammers Try To Steal From You

Scammers want two things from you when orchestrating a card scam. The first is your money, and the second is your information.

Money is an obvious thing to steal. Since most transactions in our society require money, fraudsters would want as much as possible to serve their ends.

Information is another matter. It’s a means that serves multiple ends. A fraudster can use your personal information, such as your name, contact and payment information, and social security number, for many things. This information can be used to:

• Open more cards, loans, or accounts in your name
• Order items using your credit or checking account
• Establish a persona for committing more scams
  

Another thing to remember is that identity theft rarely involves one bad actor. Nowadays, fraud is a wide-scale industry. Your information can be sold to other entities on underground markets to serve the interests of other thieves.

Now that we know the purpose of credit scams let’s review some of the different ways these scams occur.

Phishing Attempts

One of the most common ways scammers try to get credit card information is through phishing. It’s a cybersecurity threat where a scammer will try to get you to believe they are someone else. The two primary vectors of a phishing attempt are:

• Email: A fraudster will send you a message claiming to be from a familiar organization or entity. The message tries to get you to act, such as downloading an attachment or following a link to a spoofed website.

   

• Fake Webpages: Normally paired with the email, this webpage mimics a legitimate website's appearance. This page may prompt you to enter sensitive information, such as account login credentials or payment information.
  

Phishing over the Internet tries to gather information through official-looking forms or malicious software downloaded through email attachments.

The first way to spot a phishing attempt is to read the email message carefully. If it contains many spelling or formatting errors, then chances are it isn’t a legitimate message. Other giveaways include the spellings of email addresses and in-text links that lead to URLs that appear as legitimate web addresses.

The content of these emails might trick you into thinking that one of your accounts has been charged and your input is required to verify an order. Or, they might try to get you to view an attachment (which will install spyware on your computer).

If you end up on a suspected spoofed website, check its URL in your browser's address bar. You know you’re somewhere strange if the URL isn’t the one a legitimate business would use (compare something like “Amazon.com” to something like “Amazin.com”).

Also, check for a Security Certificate. If the page doesn’t have one, is expired, or is issued to an organization you don’t know, you are probably on a website trying to steal your information.

Phone Scams Are Still Alive and Well

Do you remember our talks about smishing scams? These forms of fraud are still prevalent, especially as texting and SMS have become the preferred forms of communication.

Smishing scams use texting or a social media platform’s messaging service to try and get you to surrender your personal or payment information. A thief may text claiming they are someone else and that your action is required. They may want you to respond or click on a link they provide. A link might take you to a website described in our phishing section, where they will try to take your card information.

It’s becoming increasingly common for fraudsters to call their victims after they respond to a text. When this happens, victims speak with a real person who may use pushy tactics to get them to act on the spot. They may try to rush a victim into surrendering payment or contact information.

The best way to avoid smishing scams is to avoid responding to texts from people you don’t know. If someone claims to be from your credit card servicer or financial institution, contact your servicer instead.

Verifying senders is crucial because scammers use advanced technology to make their scams more believable. A fraudster can create fake accounts to pose as longtime friends or legitimate businesses.

Technologies like generative AI make it easier for thieves to write more believable messages. They can even create photos skimmed from social media to appear as acquaintances. Verify a sender’s identity before engaging with a stray message whenever possible.

Beware of Credit Card Skimmers

You may be familiar with point-of-service (POS) terminals. They’re the little kiosks by cash registers that allow you to slide your credit or debit card to pay for things. Even with the proliferation of online ordering, credit card skimmers are still a prevalent threat.

Card skimmers are electronic devices that “record” card information when they are used. They are typically attached to an actual POS terminal, which copies information entered into the system.

When a skimmer records card information, a thief can download the details to create a spoofed credit card and make transactions from a victim’s account.

Skimming devices take several forms. They can either be a shell device placed directly over a legitimate terminal or a more inconspicuous device hardwired and hidden within the POS terminal.

You can quickly check for shell-type skimmers by giving the edges of a POS terminal a quick tug. If something budges easier than it should, you may be dealing with a compromised terminal. Inform the establishment's management immediately if you suspect their equipment has been compromised.

Hardwired or hidden skimmers are, unfortunately, more challenging to spot. You will often not know if you’ve been skimmed unless your statements update with charges you don’t remember. Call your card issuer immediately to report fraudulent charges and request a new card.

Alternatively, use these other methods to minimize the risk of card skimming:

• Add your card to a digital wallet on your smartphone
• Enable notifications on your credit card activity
• Use a mobile banking app to check account activity
• Use tap-to-pay on your card
• Pay in cash—it still works!
  

Dealing with credit card fraud can be challenging. Adopting a proactive approach to securing your information will increase your chances of preventing identity theft.

Remember: First Florida representatives will never contact you to ask for your personal or banking information. Visit our SAFE page to learn more about preventing fraud.