Tweet This
Was I having a mental margarita? Looking at my credit card statement, I noticed $640 worth of charges posted earlier in the week from Sears and a Safeway more than 300 miles away.
I don’t always trust my memory, and a small part of me wondered for all of five seconds, “Wait, did I take a trip to Santa Cruz this week? Did I get a new dishwasher? YAY I HAVE A NEW DISHWASHER!”
Then reality set in--I realized my credit card number had been compromised. Unfortunately, the same nasty dishwasher that I’ve fixed so many times that I know it like a Marine knows her M16 was still in my kitchen, mocking me in its supernatural ability to add food particles and secure stains during the cleaning cycle. Fortunately, when I called the bank that issued the card, Wells Fargo, the problem with the mysterious charges was handled immediately.
Photo credit: https://www.flickr.com/photos/smemon/
I’m pretty vigilant on my accounts, and I get that sometimes a store clerk might sneak a peek at a credit card number and “borrow” it for a while, or that if I might leave my card behind after an exhilarating evening at karaoke. But this particular card lives in my desk drawer, and is only used for a small recurring expense. I didn’t understand how someone could really “steal” it, even virtually.
Enter Brian Krebs, a cyber-security expert. In a recent blog post, he recounts the ways credit card numbers can be compromised .
I’m ruling out anything that would have involved physical contact with the card, like an ATM or gas-pump skimmer or dishonorable restaurant employee. So, according to Krebs, the possible leaks of my information could have come from:
- A processor breach, somewhere in between the credit card company and the merchant’s bank
- A hack on the vendor or e-commerce system
- Malware on my computer
- Physical record theft
Wells Fargo’s Natalie Brown, vice president, Consumer Lending Communications, said that keeping those card numbers secure are a joint effort between the consumer and the bank .
Good habits for the card holder-include:
- Keeping the card safe and treating it as you would cash or checks
- Not sending the number through email or giving out the number on the phone, unless you initiated the call
- Making sure online transactions are secured with encryption to protect your account information (look for secure transaction symbols such as a lock symbol in the lower right-hand corner of your web browser, or “https://…” in the address bar of the website. The “s” indicates "secured" and means the web page uses encryption), and logging off from any website after a purchase transaction is made with your credit or debit card.
- Securely keeping or shredding transaction receipts
Brown says the bank is trying to stay a step ahead. “As the fraud landscape evolves, we adapt our approach to fighting fraud and counteract new threats by using innovative tools and technology to help keep customer information safe.”
One of those tools that most major credit card issuers are “chip-enabled” cards (which come with their own set of drawbacks). But the best thing you can do, she says, is use old-fashioned vigilance. “I think the most important thing for people to do is check their accounts regularly – monthly statements is a good way to do that, but using online banking is even better because accounts can be checked more frequently.”
Now if only Wells Fargo could crack the mystery of why my plates and glasses come out of the dishwasher dirtier than when they went in, I’d be completely satisfied.
