If you open up your credit card statement and see a transaction you don't recognize, it's easy to start panicking. "Someone used my credit card online," you think to yourself. "What should I do?"
Among the mix of emotions and racing thoughts, it might occur to you that there's the potential to track down the fraudster and turn them over to the authorities.
Unfortunately, the reality is that credit card fraudsters are rarely caught. The good news, though, is that your liability is limited by federal law if you report the unauthorized transaction in a timely manner.
When you first realize that someone used your credit card online, it's natural to want to find out who they are and where they are.
The reality is, though, that there really isn't any way you can track someone who uses your card online. These types of transactions are known as remote or card-not-present (CNP) fraud. This means that the card wasn't physically present during the purchase since the fraudster used your card online rather than in a physical location. There likely aren't any witnesses or security camera footage that catch the thief in the act.
Financial institutions have a process they go through when investigating credit card fraud.
They might take some of the following steps during the investigation:
Even though there really isn't any way you can track the credit card fraudster on your own, it can be useful to understand the steps that authorities might take.
Of course, you will want to contact your bank or credit card issuer right away when you realize someone used your credit card online. They will cancel the card so no one can make any more unauthorized charges and send you a new card with a new number.
If large amounts of money are involved in the fraud, the procedure will be slightly different. Bank investigators or law enforcement will take on the case if it surpasses a certain limit.
Here are the ways that the authorities can track card-not-present fraud:
Depending on the size and scope of the fraudulent activity, your credit card company might assign a team of investigators to the case.
They will begin by looking at the IP address and the transaction timestamp. This is the first step because they need to verify whether you are correct in your claim that fraud has occurred. The credit card issuer needs to rule out the possibility of friendly fraud or unintentional fraud.
Some examples of these phenomena include:
If it becomes clear that fraud has, indeed, occurred, investigators will start to dig deeper. They'll look into the IP address to try to find out where the fraudster is. If it's found that the customer orders services or goods in a different state or country than the IP address, geolocation data can be used to try and figure out exactly where they are.
Financial institutions like banks and credit card companies are able to extract geolocation data using specific software. This helps them gain information about the internet service provider (ISP), time zone, and location of the person who used your card without authorization.
Credit card information thieves will often take a number of steps to cover their tracks. This means that efforts to find out more about the individual's physical location might help locate the fraudsters.
Investigators will try to look for additional information if their other efforts at location tracking aren't successful.
For instance, they might find that the fraudster appears to have used your card online several different times. This can offer the opportunity to spot buying patterns that can be used by criminal profilers to try and identify them.
They also might do the following:
Though all of this might sound pretty promising, the truth is that credit card fraudsters are very rarely caught.
It's pretty disappointing to realize that credit card fraud investigations rarely result in finding the fraudster. Not only does it seem deeply unjust that they get away with using your card scot-free, but you're also likely worried that you're on the hook for the cost of what they bought.
On the one hand, the liability of credit card fraud victims is generally limited under federal law to $50. Credit cardholders, in most cases, are protected in the following ways according to the Fair Credit Billing Act:
Beyond that, many credit card issuers offer zero-liability credit card protection. This means that charges that are reported by consumers or that are detected by credit card companies as fraudulent will be removed from their accounts. When they are removed, this means that the cardholder isn't liable for the charges.
Even though you can technically be liable for $50, most card issuers won't make you cover that cost if you report it in a timely manner.
Debit cards and credit cards work in different ways. With credit cards, you're extended a line of credit by the credit card issuer, and you have to repay what you use. Debit cards are directly linked to a bank account, and when you use the card the money is withdrawn from your account.
This means that the same protections you will enjoy using a credit card aren't the same as those you'll receive using a debit card.
If someone steals your debit card information and makes a purchase online, you might be liable for some of the cost. According to the Electronic Fund Transfer Act (EFTA), how quickly you report the theft will inform your user liability:
Luckily, there are a number of steps you can take to keep yourself safe from credit card fraud both online and in-person.
E-commerce has completely changed what it means to be a consumer in recent years. You can easily compare prices, don't have to fight for parking spots, and don't even have to change out of your pajamas to buy pretty much anything you could need from the comfort of your home.
At the same time, though, it's important to recognize that there are risks associated with shopping online. One vital thing to always remember is that entering personal or financial information into an unsecured or inauthentic website can leave you vulnerable to credit card fraud.
For this reason, it's essential that you always check to make sure a website is secure and authentic before you go through the steps of making a purchase. Here are two things to look for when verifying the security of a website:
Of course, on top of making sure the site is secure, you want to make sure it's legitimate. Site security doesn't do you any good if the owners of the site have set it up for fraudulent purchases. Do your due diligence before buying anything online-- research the company, look at reviews, and generally stay on your toes.
Public Wi-Fi allows us to stay connected while we're on the go. However, it's easy to assume that everything we do online is private, no matter what network we're connected to. The truth is people have their information compromised while using public Wi-Fi more often than you might think.
According to a study conducted by Forbes Advisor, 40% of participants had their information compromised while they were connected to public Wi-Fi networks. Interestingly, the two places where people were most likely to have their information compromised were using public Wi-Fi networks at airports and restaurants.
If you're out at the coffee shop and you remember that you want to transfer money between bank accounts, it's likely best to wait until you get home and can connect to a secure network. The same goes for using public Wi-Fi at the airport and finding something you want to purchase online-- bookmark it for later, and purchase it when you know your connection is secure.
Phishing scams have been getting more and more sophisticated as the years have gone on. Phishers can contact you through email, text, phone, or snail mail. Though they approach from a number of different angles, the goal is always the same: to get you to give them your financial information.
Phishing scams come in all shapes in sizes. The goal is always the same, though: to get you to hand over your personal and financial information.
It's important to recognize that phishing scams are no longer as easy to recognize as they used to be. For example, you might receive an email that even has your bank's logo asking you to send information. A financial institution, however, will never request that you send sensitive information in that manner.
Look for typos or anything else that seems a little off when you are concerned a communication is actually a phishing scam. If the message appears to be from your financial institution, call them to verify that it is real. Don't use the phone number in the email, though-- use the number on the back of your card or on their secure, official website.
There are a number of credit cards that advertise that they provide $0 liability on unauthorized charges. Some examples include:
Having one of these cards can give you a little extra peace of mind. As long as you catch fraud early and report it right away, you shouldn't get stuck footing the bill for fraudulent charges.
Another way that scammers will steal credit card information is through devices known as "skimmers."
Credit card skimmers are devices that thieves will attach to unattended payment terminals, such as gas pumps or ATMs.
Though EMV chips help to protect you from card skimmers, it's still a good idea to be attentive when you're using an unattended payment terminal. If you notice anything that seems out of the ordinary about the card slot or indicates tampering of any kind, don't use it, and let an employee know what you saw.
Make a habit of reviewing your credit card and bank statements.
Skim them periodically to make sure that you recognize all of the transactions. You can even download the official app from the financial institution or card issuer to set up notifications to help keep you up to date.
Keeping an eye on your credit reports is also an important step for avoiding credit card fraud and, at worst, catching it early.
You'll want to look for anything that seems suspicious, particularly new accounts that aren't recognizable to you.
Shredding any documents you no longer want that contain financial information, such as credit card statements and credit card offers, can help protect your information.
It might seem unlikely that someone will dig through your trash to steal your credit card info, but the truth is it's not as uncommon as you might think.
Though this tip won't necessarily prevent fraud, it can be a useful tactic to reduce the impact of credit card fraud.
Using this method, pick one card that takes care of all of your autopay accounts. Then, you can use a different card for everyday purchases.
When you do this, it means that your autopay credit card is going to be much less likely to be compromised. After all, it's not being used at gas station pumps, cafes, retail locations, and so on.
What this can do is both help you track unusual spending and protects your autopay accounts from incurring late fees. Beyond that, it saves you the hassle of having to switch all of your autopay accounts if fraud does occur.
Ever wondered what would happen if you simply stopped paying off your credit card? Take a look at my recent post about the consequences of not paying your credit card bill.
It's a good idea to monitor your accounts manually. However, you can also sign up for transaction alerts, where you get a notification when transactions are made on your card.
For example, you could set up an alert when any of the following occurs:
Another tactic you can use to prevent credit card theft is to use smartphone-based payment services when you're out and about making purchases.
Make sure all of the apps on your computer and phone are kept up-to-date to ensure the latest security features are protecting you. The same goes for anti-virus software on your computer-- don't keep ignoring that reminder that it's time for an update.
Make sure your online passwords are unique and include random combinations of letters, special characters, and numbers.
If possible, make sure that each of your accounts has a different password.
Though letting someone borrow your card can seem like a nice gesture, don't do it.
If you need to lend someone a small amount of money to make a purchase, give them cash instead. Once your credit card is out of your hands, you have no way of knowing who is getting their hands on your information.
Paying over the phone isn't the most common occurrence, but it's important to take extra precautions when doing so. For example, you might give your credit card info when paying a bill from a small business owner or ordering takeout over the phone.
It's actually a bit riskier to pay over the phone than it is to shop online or in person. In order to protect yourself when giving your payment information over the phone, use these best practices:
It might be disappointing to learn that you can't really track down someone that used your credit card online. At the same time, it's good to know that there are tactics financial institutions and law enforcement agencies can use to try and figure out who stole your information.
Though you might desire that the fraudster receives criminal punishment for their crimes, it's best not to hold your breath. On the bright side, your liability will be limited. That is, so long as it's clear that the charges really were fraudulent and you reported them in a timely manner.
Taking the time to learn more about topics like credit card fraud and identity theft can help you protect yourself from becoming a victim. As you increase your knowledge about credit and personal finance, you'll find that you are better able to keep your private and financial information safe from bad actors.
Are you on a journey to improve your credit and increase your financial literacy? If so, make sure to check out our Credit Building Tips blog!