I used to work for a Hi Tech company that has a product that conducts financial transactions and guarantees a 99.99% success rate. How do they do it? Through many layers of security and ingenuity. While thinking about the lengths this company scales to provide an excellent product, I was thinking about the security of my own credit cards. I'm guessing that most of you carry at least one credit card and a debit card. My bank has strongly urged me to use my debit card only as a credit card -- mainly because the protection offered through credit cards is much more solid than debit cards directly tied to a checking account.
While working at that company, we used to spend time researching types of attacks and fraud that was leveraged against supposedly secure networks and databases. Look on the Internet and it is easy to find headlines such as, "Email error disclosed 3,000 contractors' pay rates to 800 contractors working for Royal Bank of Scotland" and "Log-in credentials and personal information for 20,000 people acquired by hacker and exposed online." So we know there are people out there that want to steal your credit information. What are some of the ways that they do it?
One way I will call the switcheroo. MSN describes this with a toy store scenario. Sally, Simon and Bud walk into a toy store. Sally and Simon roam the aisles, while Bud waits in line to check out. When Bud is at the register, Simon comes running up to the clerk, screaming that his wife has fainted. As Sally and Simon distract the sales clerk, Bud switches the credit card reader at the register with a modified one of his own. For the next week or so, the salesclerk unwittingly collects credit card data on the modified reader until the trio returns, takes back the modified reader and restores the original terminal.
Another situation can occur at a restaurant or basically any situation where you give your credit card to an employee and they take it out of sight. At the end of your yummy meal at Bill's Diner, you give your waitress your credit card to pay the bill. She takes your card to a back room and runs it through the restaurants register and then she pulls a small golf ball sized device from her apron and runs your card through it too. This device is known as a skimmer. It can store information from many credit cards.
You have probably seen this next scam in the headlines of national news. A person goes to a gas station and places a special kind of skimmer either over a credit card reader on a gas pump, or they open up the pump with a special key and replace the reader with a skimmer. Lots of gas stations now have seals placed on the front of pumps to give some since of security if they are not broken, however, these seals do not prevent the over the existing credit card reader skimmer. The skimmer then communicates with a nearby laptop using Bluetooth.
The last two forms of thievery include hacking and phishing. If you are like me, you at one time had a manager who loved to fill your email in box with all kinds of get rich quick schemes, photo essays and do this or else your will receive an Inca Dinosaur curse. With the hacker, they try to get you to install malware on your computer by compromising a popular website. When you visit that website, a small program is installed on your computer. This program can capture keystrokes or search your hard drive for sensitive information. Particularity are public computers in libraries and Internet cafes.
Phishing is similar to hacking except the small program is sent to you via email. "Look at this adorable picture of kittens," says one e-mail. Or they talk about looking at the weekly performance report. Regardless, don't click on that attachment! Once you are infected, you will not know. These programs hide and only relay information to the "home base." So all you need to do is make an online purchase, give your credit card number, and the number also gets sent to our devious hacker.
So what can you do to minimize or prevent these kinds of things from happening to you? Quoting from Janna Herron on MSN.com:
- Set up mobile alerts for your phone if your financial institution provides the feature. That way, you can be aware of unusual activity as quickly as possible.
- Regularly monitor your accounts online, so you can identify fraudulent transactions faster.
- Avoid public computers. Don't log on to your email if your bank corresponds with you there. It might be wise to set up a separate email account just for your finances and checking it from safe locations only.
- Avoid doing business with unfamiliar online vendors. Stick to established merchants and websites.
- If your information has been compromised, notify your financial institutions and local law enforcement, which will contact the Secret Service if necessary. Also make sure you notify any of the three major credit card reporting agencies, Experian, Equifax and TransUnion, to setup a fraud alert on your credit reports.
According to the government and financial institutions, every minute, 20 people are subjected to identity and credit card theft. In 2009, they reported that more than 11 million people nationwide were victims of credit and debit card scams that resulted in unauthorized charges of $54 billion.
I have had my credit card company call me up on a few occasions when they thought a purchase looked fraudulent. Thankfully they were not, but it is nice to have a bank looking out for you. Also, one time our Bank contacted my wife and said they were going to send her a new card since her current one had been compromised. We both didn't know what had happened, but were glad to be covered.
Til next time,
Bill
No comments:
Post a Comment