Credit Card Security On The Road

[JanAndBill]

I make it a point to be very careful with my credit cards. Very seldom do they leave my sight, unfortunately last month in Florida we were at a restaurant, and I allowed the server to take my card. This week I was alerted to a change being made to my email address. When I called the card company, I learned that someone had just called in on the phone, changed my email address, changed my billing address, and requested a new card be sent to the fake address. I know it happened at this place, because the fake address turned out to be only a couple of miles away from the restaurant. The card company explained that they apparently had photographed the front and back of the card, giving them enough information to phone in and request the change. Luckily I was able to stop it before it went anywhere, but still they had to close out that card and reissue a new one, which will be sent to my correct billing address in 4 to 6 days. Had we been on the road, with only one card it would have been a real hassle. I learned that a simple fix to prevent this is to establish a password on your account that is required before "any" phone in changes can proceed, something that I strongly advise anyone who uses credit cards do.

 

[pegmikef]

My rule is the same except mine NEVER leaves me. I will go to the cashier before I give the card to a wait person. I really prefer to pay cash if it is not real expensive (>$50).

 

[Birchwood]

One thing you have to remember is you are not responsible for any charge THAT DOES NOT HAVE YOUR SIGNATURE! Companies that charge you with no signature are at risk of the customer that reports an illicit charge.

 

[JanAndBill]

One thing you have to remember is you are not responsible for any charge THAT DOES NOT HAVE YOUR SIGNATURE! Companies that charge you with no signature are at risk of the customer that reports an illicit charge.

This paticular card offers $0 liability for fraudulent charges, so the money is not the issue. The real issue is that it "could" have put us in a real bind if we were on the road and didn't have a backup card, not to mention the hassel of filing a police report, and dealing with having the charges removed.

 

[Lynn1130]

I hope that the card company opened a fraud investigation. If not you should ask that they do.

 

[porthole]

One thing you have to remember is you are not responsible for any charge THAT DOES NOT HAVE YOUR SIGNATURE! Companies that charge you with no signature are at risk of the customer that reports an illicit charge.

Everyone should read all that fine print you received with your card.

Federal law covers fraud on CREDIT CARDS. There are distinct limits to the "no signature" thing, especially with debit cards.

This paticular card offers $0 liability for fraudulent charges, so the money is not the issue. The real issue is that it "could" have put us in a real bind if we were on the road and didn't have a backup card, not to mention the hassel of filing a police report, and dealing with having the charges removed.

A police report really does nothing, other then an effort on your part to prove you are not part of the fraud.

I hope that the card company opened a fraud investigation. If not you should ask that they do.

Card companies have thresholds for investigations and the odds are slim that they will open a fraud case and investigate and prosecute.

I can tell you Wells Fargo will not.

We just went through our third account hack since last May. I thought about posting here for all to see some of the trials and tribulations that affected us and how you are not quite protected the way you think you are.

If there is interest I will post up.

 

[JanAndBill]

I guess the thing that shocked me most was how someone could simply call and make changes to my account. Since there was no money lost it is doubtful that they will even investigate unless they discover a pattern. It was a wake up call for me.

 

[Mrsfish]

I have worked for a variety of financial institutions (3 banks, 4 investment firms) over the last 35 years and I have NEVER heard of anyone doing an address change/email change/order new card without doing a security check on the person calling in. Almost sounds like there's an insider somewhere. Highly possible that someone may have lost their job at the bank/credit card company and rightly so.

 

[Lynn1130]

Can you say AMEX? I have found that fraud has no "threshold" with them. Fraud, and especially this type of fraud, is something different than someone stealing your card and charging $150 on it. The fact that they were able to make those changes says that there is more to this than card theft.

 

[Hippy]

I believe any credit card is vulnerable. We went on vacation couple of years ago to Islas Mujeres via Cancun.
Paid cash for everything with exception, American Express card for a gulf cart rental for couple of hours.
A Month later while on business in San Francisco, I received a phone call from American Express fraud department verifying If I made numerous purchases at Sams Club totaling $35,000 the day prior in Cancun, Mexico. I responded definitely not. It was a month ago I was there and Iv'e been In San Francisco for a week.
I was asked to check my billing for discrepancies and let them know.
I can't believe they allowed four transactions in one day totaling $35,00 at Sams Club. Don't remember exact dollars broken down but one transaction was $15,000 early morning. The other was early afternoon for $10,000 and so on.
American Express took care of it and re issued another card. A year later, another state, I got hit again. They took care of everything.
I won't leave home without American Express.

 

[JanAndBill]

[QUOTE: Lynn1130;345655]Can you say AMEX? I have found that fraud has no "threshold" with them. Fraud, and especially this type of fraud, is something different than someone stealing your card and charging $150 on it. The fact that they were able to make those changes says that there is more to this than card theft.[/QUOTE]

This has been bothering me as well. I'm not real clear on how they got the billing address on the card, something they would have needed to make the changes. The only place that had the billing address is the RV park we stayed at, but it's a good 30 miles away from the address.

 

[porthole]

You all realize what "zero-liability" really refers to is, right?

Zero liability to the bank issuing the card. In the end of any fraud incident, either the consumer loses or the vendor that completed the transaction loses. The bank does not. Banks potentially make money with the incident, especially with debit cards. The funds are withdrawn from your account by the bank, the transaction is blocked or reversed at the vendor and the bank has the funds in limbo during the duration of the investigation.

Who knows how many millions of dollars every day is being invested while the fraud is investigated?

 

[Ray LeTourneau]

Several years ago we were hacked with our Chase BP Visa. I check my accounts frequently and noticed a charge for a Pizza Hut in Chicago for $25. I immediately called Chase while the charge was still "Pending". I had to wait till the charge actually hit my account before reporting it. I asked at that time why it just couldn't be turned down at that point. I didn't really understand why they can't but they don't do it that way. While this dialog was going on, several other charges were taking place. A $600 Apple I store purchase and a $350 Commonwealth Edison bill payment.

Once the charges actually appeared on my account I called and reported the fraudulent activity. We never had to pay anything and it took a few weeks to get the new cards because they were sent to our home address and we had to wait for the mail to be forwarded. I also did some of my own investigating and was able to get the transaction numbers from my Chase account on line and I called the apple store in Chicago to try and find out how this happened. I was told the buyer had to have the card and ID to pick up the purchase. This leads me to believe it's one of those large fraud rings actually making fake credit cards.

We never use credit or debit cards in restaurants so the only way I figure this could have happened was at a BP fuel stop where I had to leave my card at the fuel desk while fueling up on the way to the Heartland Rally. Since then, I only pay in advance for what I think I'll need. Lesson learned.

 

[scottyb]

I believe any credit card is vulnerable. We went on vacation couple of years ago to Islas Mujeres via Cancun.
Paid cash for everything with exception, American Express card for a gulf cart rental for couple of hours.
A Month later while on business in San Francisco, I received a phone call from American Express fraud department verifying If I made numerous purchases at Sams Club totaling $35,000 the day prior in Cancun, Mexico. I responded definitely not. It was a month ago I was there and Iv'e been In San Francisco for a week.
I was asked to check my billing for discrepancies and let them know.
I can't believe they allowed four transactions in one day totaling $35,00 at Sams Club. Don't remember exact dollars broken down but one transaction was $15,000 early morning. The other was early afternoon for $10,000 and so on.
American Express took care of it and re issued another card. A year later, another state, I got hit again. They took care of everything.
I won't leave home without American Express.

Same thing happened to me in Playa del Carmen. Rented a Jeep. After we got home, another rental went through from Isla Mujeres. We were in Austin using the card on the same day, so it was a no-brainer.

On the other extreme; I was in Bonaire in the Dutch Antilles and my card was declined for a small purchase. The Fraud protection I had signed up for after the Mexico issue had stopped the purchase. It was the only card we had with us and we used to not like carrying a lot of cash abroad. It was quiet an ordeal contacting them. That was when we learned to alert your card service where and how long you intend to travel. It's gotten almost impossible to use traveler's checks and now most credit cards charge a 3% foreign transaction fee. Going on a dive trip to the BVI's next month and not sure how I am going to handle it. The good thing is we will be on a live-aboard dive boat and everything is paid up front except for incidentals. The 3% FT really burns me so we will probably take cash since we shouldn't need much.

 

[NWILSON]

BIG thing is not to use debit cards. Those charges come directly from your attached account. Recovery can be more difficult!
My Master Card was cloned in St Marteen a couple months ago. Why they allowed $13K in charges on an account with a $7K limit is beyond me. My liability was zero and we had new cards the morning after the fraud was reported.

 

[wdk450]

[QUOTE: Lynn1130;345655]Can you say AMEX? I have found that fraud has no "threshold" with them. Fraud, and especially this type of fraud, is something different than someone stealing your card and charging $150 on it. The fact that they were able to make those changes says that there is more to this than card theft.

This has been bothering me as well. I'm not real clear on how they got the billing address on the card, something they would have needed to make the changes. The only place that had the billing address is the RV park we stayed at, but it's a good 30 miles away from the address.[/QUOTE]

I just have a guess. Try a Google search on your name -see if your address or phone number comes up. See if you can do a search on your phone number to get your address (sometimes you have to pay a few bucks to get this info).

This whole genteel service of having your waiter take your credit card away has to change in this day and age. With wireless networks, tablet data devices, plug-in mini card readers, and wireless networks, the restaurants could easily outfit their servers each with a point of sale device, and run your card at your table, in your view.

BTW, a Drudge Report headline this morning said that anyone coming to Sochi for the Olympics is having their internet immediately hacked when they use it.

 

[Toy1Ton]

I always wright check for ID in the signature part on the back of my cards

 

[Ray LeTourneau]

I always wright check for ID in the signature part on the back of my cards

Ditto! It's on both credit and debit cards.

 

[JohnDar]

I absolutely refuse to have a debit card. Fortunately, my credit union ATM card is not one. I always have it and two credit cards when we travel.

 

[porthole]

I always wright check for ID in the signature part on the back of my cards

I have been doing that for at least 10 years - doesn't matter. Modern fraud is not just the "steal your info at the back of the restaurant" anymore.
How many transaction do you do a month where the card is never even looked at, e.g. POS terminals at stores, fuel stations etc.

I am going to make my long winded post of our recent experience in a separate thread, including some very interesting tidbits about the Target hack..

But in a nut shell:
Don't use debit cards for anything other then a withdrawal or deposit at a Bank ATM (even those locations have issues) - you have limited protection.

Do use credit cards if you have too use plastic, federal laws offer you much greater protection.
Do set up alerts on your cards, I never used them before, now I have alerts for everything. I now get gas station alerts before the attendant gets the nozzle in the tank.
Have your bank block all international charges. For me the exchange rates were an issue after my claim was settled.

Check you daily limits. In the 20 years or so of using debit cards, my daily limit had slowly risen to $10,000 (didn't realize that it had).
But realize - that daily limit is POS only, online - no limit other then you checking account, or in my case potentially the overdraft account tied to my checking.

All the hype about the new bio credit cards coming out will offer some protection. But in Europe, although the "chipped" cards reduced many fraud transactions, it was offset by the increase in internet and online fraud.