(by Julia Jenson)
9.9 million Americans had their IDs stolen in 2003. Businesses and financial institutions in the US lost over $48 billion due to theft of personal and financial information. In Britain, analysts estimate that fraud accounts for losses of £14billion annually, where card crime comprises £402million. Virtually every developed country faces the problem of credit card fraud that can keep consumers from online banking and shopping and makes some wonder whether their credit history could suffer if they defaulted on a mortgage payment because of scamsters overdrawing the account.
A number of different tricks are utilized to prey on card users approaching ATM machines. The simplest form of credit card fraud is “shoulder surfing”, when a criminal loiters around the ATM stealing a look now and then at a customer entering his or her PIN. Another variation is the “Lebanese loop” when a customer is tricked into thinking that the ATM has swallowed his or her card. When the victim stops trying to retrieve the card and walks away, criminals empty the account. Thieves are also known to insert a little skimming device in the card entry slot of the ATM machine that can read the card’s magnetic strip. The customer typing the PIN can be videotaped with a miniature camera focused on the key pad. Transferring this number to the blank card, fraudsters withdraw daily maximum from the account.
A very common approach is the “dumpster diving” that helps criminals obtain credit-card-account numbers and personal information from the discarded mail that consumers did not care to shred. After that scamsters fraudulently apply for new cards or take over existing accounts. Sometimes careless consumers can share their personal information such as password or pin with criminals introducing themselves as representatives of the bank or government agencies.
It is almost impossible to prevent ID theft by insiders – employees of a company that processes customers’ personal records. Transferring call center jobs overseas has exposed US citizens to fraud that originated in other countries. Inside thieves use personal information they access due to the nature of their work to get loans or open credit cards that are subsequently used to purchase large amounts of goods.
Perhaps the most “promising” type of credit card fraud involves the use of the Internet. Phishing is a scheme where fraudsters send e-mails requesting recipients to provide their personal financial data, account numbers, user names and passwords, often directing them to a fake website. Targeting customers of eBay, Wells Fargo, Citibank, SunTrust and EarthLink, scamsters can fool up to 5% of customers to respond to their e-mails. Another proliferating type of fraud is the so-called Trojan scam in which hackers infiltrate a bug into a customer’s computer that later communicates with the gang.
Banks and other financial institutions have been beefing up their security systems for years trying to match the increasing sophistication of the fraudsters. Many of them issue warnings to consumers trying to put them on guard against rogues. First Direct, part of HSBC, wrote in June 2004 to 110,000 account holders urging them to restrict their use of ATMs since frequent operations increase vulnerability to theft. Other British banks, such as Abbey National and Barclays, reduced the daily maximum amount of cash consumers are able to withdraw from a cash machine from £500 to £300 on theft concerns. Banks also take efforts to protect ATMs installing them in well-lit places, equipping them with CCTV cameras and anti-skimming devices to deter crime and establish contacts with the police and ATM-producing companies. Steps have been taken to notify consumers of potential dangers. In the US, the Federal Trade Commission has launched a special website to educate the public and inform victims how to respond to identity theft.
Financial institutions usually grant their customers compensation if they fall victim to fraudulent schemes. But consumers may become victimized in a different way: huge premiums banks are paying to insure against losses because of the fraud can prevent them from offering better deals to their customers. British banks seek to protect their customers’ identities through the upgrade to chip and PIN cards, which will require cardholders to put in four-digit numbers instead of signing their name when making transactions. Bankers have promised that 90% of British cardholders will have upgraded cards by the end of the year. Card holders can have their money insured with benefits ranging between $15,000 and $25,000 for a cost of $25 to $50 per year buying a policy from AIG, Farmers Group, Travelers, Chubb, Encompass and several other credit-card issuers.
Security software sales have grown to $9.6billion in 2004 offering consumers special protections on their PCs warning users before they send their PINs or passwords over the Internet or services that monitor subscribers’ credit reports alerting them in case of unexpected changes in credit history. Experts estimate that enterprises will spend 12% of their IT budgets on security in 2004, growing market giving a boost to companies like Retail Decisions PLC working to safeguard businesses against ever-changing behavior in the area of card fraud.
Governments and private sector officials around the world are making efforts to combat organized Internet crime that accounts for 57% of the material damage caused by crime or $8.3billion. 2001 Cybercrime ?onvention was adopted to step up international efforts in the fight for a crime-free cyberpace.
If financial institutions and law enforcement agencies could curb card crime, it would set free billions of dollars that could be used to enhance service quality and make consumers more comfortable when using credit cards.