A recent report on credit card fraud brings with it both some good news and some bad.

Shall we start with the good news? According to Javelin Strategy & Research, credit card scams have dropped over the past two or three years. In fact, these scams declined by a whopping 1.7 billion dollars between 2016 to 2018. 2019 looks even brighter.

But here is the bad news. Even with that steep drop in the number of reported incidents over those two years, 2018 still brought with it $6.4 billion in fraudulent activity.

So, with a fraud problem this widespread, stopping perpetrators from victimizing you might feel like trying to collect raindrops with a tennis racket.

But we can’t do away with credit cards because of the benefits and convenience collecting credit payment brings to consumers.

However, the old adage tells us that knowledge equates to power. And, in this case, that’s particularly true. For only if you spot credit card scams early can you stop it in its tracks. And, if you become a fraud victim despite your best efforts, you must also know how to resolve it swiftly.

Learn how to spot the 10 most frequent types of credit card fraud and how to spot them.

1 - Stolen or Lost Credit Card Fraud

One of the most pervasive card scams is the use of lost or stolen credit card data.

As the name implies, this is how it goes down. Your card is stolen from your possession, or you inadvertently drop it out of your wallet. The scammer selects his or her favorite merchandise from online merchants and enters the card data as their own (they will even have that CCV number handy!).

By the time you or the merchant are aware of the theft, they have already walked off with the goods.

If it’s a rarely used card, you might not be alerted to this until you receive your monthly statement. That’s unless your credit card company grows suspicious and calls or sends you a verification text.

Report your card as missing to your card company the moment that you notice you have misplaced or lost it.

2 - Account Takeover

A form of credit card fraud that’s on the rise is Account Takeover.

In fact, as holograms and embedded chips make it more challenging for traditional card fraud methods to work well, this scam is on the rise, according to the Javelin findings.

This crime most often starts with lax online card security.

A hacker obtains the cardholder’s data. Then, they act as though they are the real account holder and reach out to the card company. They gain their sympathy by reporting that they’ve lost their card and would like a new home. Then, they charm the agent into updating their address info.

Thus, that replacement card is mailed out to the scammer instead of the real account holder. All that’s left for the scam artist to do is activate the card and begin shopping online.

The real cardholder will not know this has occurred until they try to use their legitimate card—which the fraudster reported as stolen or lost! If this happens to you…

Place an immediate card to your credit card company to repair the situation.

3 - Going Phishing

Phishing is a severe cybercrime that happens even to those who are on the watch for it!

Phishing starts when perpetrators cast their “bait”—legitimate-looking emails to unsuspecting cardholders.

These criminals pretend they are a company’s warranty department (using a well-known brand), a bank, or the credit card company themselves. Their goal is to lure the unsuspecting consumer into taking that bait and then reeling them in.

So, a consumer who purchased an Apple Watch might think they are updating their warranty registration. However, they are really sharing their personal demographic data with nefarious criminals who will use that data to commit credit card scams.

Phishing emails look legit, at least initially. However, carefully check to make sure that all looks correct on the landing page to which the email will direct you. If the logo looks a bit off or the language is poorly written, you are at risk.

Instead of updating that data online…

Call the company’s customer service line, and speak with them to find out if they sent you the request.

The time it takes to make that personal phone call can protect you from id theft.

4 - Fraudulent Card Applications

Phishing segues well into the next scam—fraudulent applications.

In this scenario, the fraudster perpetrates identity theft against a person with good credit and uses his or her birth date (DOB) and social security number to sign up for a new account. However, they change one crucial bit of data—the mailing address.

So, they have the new account signed up to send to their own address, receive the card, activate it, and begin a spending spree.

But this is very damaging to the “real” person. Because he or she is unaware of the existence of this card, it could be months before they realize it has been issued to an impostor. Unfortunately, victims often learn of this fraud only when they apply for credit—and get denied due to the unpaid bill.

Be sure to pull your credit reports at least once per year, or apply for credit monitoring service to alert you to this scam.

5 - Mail Intercept Fraud

You know your credit card expiration date is imminent. And, you should be getting your card in the mail any day now. But the card never makes it to you. Why?

Because of Mail Intercept Fraud. This fraud is so widespread that it carries two other names—Never Received Issue or Mail Non-Receipt Fraud.

In this case, the thief gains card numbers by picking them out of the mail before the cardholder receives it—often by grabbing it right out of the mailbox while the consumer is away at work.

Cardholders will often realize their card is expired, call the issuer, and learn that charges are stacking up! So, the moral of this sad story is to…

Be vigilant around the time when you are expecting new cards to be mailed out to you.

If you don’t see them a couple of weeks in advance of the expiry date, call your issuing bank to find out when they were mailed.

6 - Card Not Present Fraud

Card Not Present Fraud, also called email order fraud or telephone order fraud, represents a declining but still damaging segment of credit card scams.

With this credit card theft, the scammer obtains a card number illegally, including the CCV number on the back.

Then, they identify small businesses or merchants which don’t offer secure ordering platforms. They specifically target those merchants who accept phone-in, email, or even mail orders. Because they are neither physically present or in a safe online payment form environment, they slip through the cracks.

The merchant takes them at their word, the card goes through, and they mail out the goodies to the fraudster.

On occasion, an astute bankcard company may notice activity happening in unusual locations and alert the cardholder or shut down all transactions.

However, most frequently, the cardholder becomes aware of the issue only after receiving the monthly statement. As with the other cases, a call to the issuing bank will cancel out the card. And, a quick check of a credit report is also in order!

7 - Fraud Conducted by Data Breaches

While EMV (Chip) technology aids with preventing fraud, another type of fraud that is on the upswing is stealing credit card data in data breaches.

Those who commit credit card fraud are adaptable creatures. When technology stifles their methods, they find new ways to steal.

A data breach occurs when customer information is stolen from a merchant’s database. Of course, this information can include credit card data as well as the name, address, and other personally identifiable information.

While fewer thieves have the keen skills to pull off hacking, those that are successful at it inflict widespread damage, gaining access to thousands of records at one time.

This type of theft does not happen solely to online merchants. If you use your card at a hotel, doctor’s office, or to pay utility bills, the card data must be stored securely. However, if the merchant has lax standards, you are exposed to the risk.

If you are a victim of a data breach, you will receive a letter from the company whose data was stolen…once they are aware. However, a careful check of your monthly statement may alert you earlier so you can take action.

Let’s be honest. Few of us inquire about how credit card data is stored before we swipe. But perhaps we should!

8 - Fake Credit Cards

This type of fraud—forgery— still occurs; fortunately, it’s on the decline. Once prevalent in brick-and-mortar stores, holograms and EMV technology have slowed this down tremendously.

However, forgery does still happen. And, that’s because there are still merchants out there who have failed to upgrade to the chip reading equipment—four years past the mandated time. And, because only some cards use holograms, the lack of consistency leaves store employees confused about which cards are the real deal.

That creates a loophole for the bad guys.

There are skilled forgers out there who manufacture fake credit cards that look very real. They prey on merchants who have failed to embrace EMV technology. They use the card in these establishments and run a transaction on a card that’s not linked to a real account. These transactions seem to be authentic and approve—at least initially.

The credit card company eventually declines the transaction when it does not match up to a valid account holder. By then, the thief has strolled off with the purchases, leaving the merchant holding the bag.

As a merchant, notify the authorities if this happens. And, move forward in investing in that long-past-due chip card reader for your POS.

9 - Altered Cards

Another way thieves can defraud merchants and consumers is by using altered credit cards. First off, the thief obtains the data of a legitimate cardholder.

Then, they alter the numbers on a “bad” card to match those on a real account. Finally, they rub a neodymium magnet on the chip and magnetic strip to scramble or erase the card’s original data.

They shop with the card. Of course, the chip reader cannot decipher the information, and the transaction fails. The fraudster then uses their wit and personality to “befriend” the merchant and convince them to (break their policy) and to enter the data manually.

Again, this underscores the importance of checking your monthly statement and monitoring your credit. These situations still can…and, do…happen.

10 - Skimming

Skimming is a crime that takes a lot of effort, but it happens often.

A fraudster equips the card swiper of an ATM or gas station pump with a small device that steals all the user’s card data. And, they set up a tiny camera nearby to capture PINs as users input that information.

This scam works for both credit and debit cards, placing both a credit account and the consumer’s banking data at risk. So, those using debit cards often find their accounts drained of every penny.

Be on the lookout for pin pads and card swipers that don’t look quite right. Are they thicker than they should be? If you are in doubt, conduct your business inside the establishment and alert their management. Banks, especially, are quick to check this out and will be glad to help.

Otherwise, you might not realize you’re skimmed until you get an overdraft alert text message from your bank or your credit card company.

What Makes Your Bankcard Company Notice Fraudulent Activity?

Sometimes, issuing banks will notice attempts at credit card theft earlier than the victim. In these cases, they will alert the cardholder by text message or phone call to let them know. It’s not foolproof, but the bankcard companies do their best to remain vigilant.

So, just what activities will prompt the bank to sit up and take notice?

How Can Consumers Protect Themselves?

Now that you know how deep the roots of this crime run, let’s look at some tips to prevent becoming the victim of credit card fraud.

RFID-blocking Tip for Credit Card Fraud
Those RFID-blocking wallet and handbag really come in handy.

What Can You Do to Protect the Cardholders Who Shop With Your Small Business?

So, now that you have thought about what could happen to you as a consumer. Let’s shift gears. How can you, the business owner, protect the cardholders who purchase your goods or services?

Here are some safety rules you can implement to ensure card integrity.

Train your employees

Ensure that your employees know your credit card acceptance guidelines. Better yet, put the policy in writing and have them sign off on a statement that they understand the consequences of not following protocol.

Here is some more information on safe credit card handling at your business.

Invest in EMV readers

Accepting credit cards is a crucial, and very necessary, part of doing business.

If you’ve been holding off on EMV readers due to the cost, please reconsider. Not having chip reading technology could cost you more in liability if there is an incident at your establishment.

Politely decline telephone or email payments

Still taking phone and email payments? Spend the time to close this open loophole by transitioning to an online payment method. Even if you’re not an e-commerce site, you should ask customers to enter their own data.

Unfortunately, phone payments and email orders leave you open to more than just credit card thieves. It also exposes you to employees who could be tempted—and which also leaves you holding the bag for their actions.

If your business is truly so small that you still resist this idea, you should at least invoice them via a payment app like PayPal to minimize your risk..

Upgrade to multi-factor authentication

If you do a high volume of online sales, ask customers to set up accounts with you. Then, make multi-factor authentication mandatory. This means that the user would log in with a password, then receive a secret code via text or an app to access their account.

It adds an extra layer of protection that can stop fraud dead in its tracks.

MFA for Credit Card Fraud Protection
Level up your online account protection with MFA.

Report suspicious activity

If you are a brick-and-mortar business, be wary of anything that looks off-base. If a card appears altered or is unreadable, you should see a red flag. Or, if a customer is very interested in looking over another person’s shoulder as they input their PIN, politely interrupt the transaction.

Report fraud or attempts at fraud. Perpetrators of these activities often target many people, and you could be saving people a lot of headaches!

Keep your payment form secure

You must protect customer data by keeping your payment form—and all other forms—secure.

Think that’s hard to do? Not when you trust EmailMeForm.

We are security-focused and PCI-certified. This achievement means that we exceed the minimum standards as set forth by the Payment Card Industry. Plus, we passed an independent audit. For you, this means that your data is secure.

Additionally, we protect collected credit card data through Vault. This storage location requires multi-factor authentication—it’s the safest place to store your payment form data!

Final Thoughts on Credit Card Fraud

As a consumer and a business owner, you should remain vigilant about credit card security. While you want to be easy to do business with, your customers will not fault you for implementing stricter card handling policies. Indeed, they will probably appreciate it!

Credit card fraud is a global problem. But you can stop yourself from falling victim personally—and as a business owner—by knowing the types of fraud and evading them.

One way to fight credit card fraud is collecting cc details according to PCI security standards through Vault.

types of credit card fraud CTA

Author Deborah Tayloe

Deborah Tayloe

Deborah is a blogger and freelancer who often writes for EmailMeForm. When she’s not blogging, you’ll probably find Deborah working on DIY projects around her home in North Carolina.

Malware, and spyware, and ransomware. Oh, my!

Online Safety Tips for Every Small Business Owner

Top 12 Customer Favorite EmailMeForm Integrations To Minimize Your Workload

An employment application is a critical document

How to Build an Online Job Hiring Process for Your Small Business

Don’t let data thieves steal the cookies out of your jar

How to Prevent a Data Breach When Collecting Sensitive Data



More blog posts