Here Are All The Ways Your Credit Card Info Can Get Stolen
KEY POINTS
- Stolen credit card information contributes to $8.8 billion in total fraud every year.
- Reports of stolen credit card info rose 13% in 2022.
- There are a handful of ways consumers can protect themselves from fraud, including setting up two-factor authentication for their accounts and only using credit cards with microchips.
Last year, credit card fraud topped the list of types of reported identity theft, according to the Federal Trade Commission (FTC). There were nearly 442,000 reports from people who said their information was misused with an existing credit card or when they applied for a new one, up 13% from the previous year.
And that fraud adds up to a lot of money being spent. Stolen credit card information contributed to the broader fraud category, in which $8.8 billion was stolen in 2022, a shocking $2.6 billion increase from 2021, according to the FTC.
While credit card companies typically protect customers from having to pay for items that were purchased with stolen credit card information, it can still be a significant headache to have your card -- and potentially your identity -- stolen.
Here are the ways your credit card information often gets stolen and how to keep yourself safe.
Phishing
Phishing involves scammers sending a message, like an email, text, or phone call, that appears to come from a legitimate source, like a bank. The message typically asks the recipient to click on a link to a website that will eventually ask for their credit card number.
A specialty version of this scam is spear phishing, a sophisticated, tailored attack sent to someone to steal their credit card information.
Skimming
Credit card skimming is when a device is placed over a card reader at a register and it steals your card information when you make a purchase, according to Capital One.
Some criminals have placed skimmers at gas pumps, which then read and store the card's information when swiped.
Shimming
Shimming is similar to skimming, except it differs in that this theft targets credit cards with the small, embedded microchips in them, called EMV® chips. A paper-thin device, or shim, is put inside a credit card machine, according to Experian, and it then copies and stores the credit card info when you put the card into the machine.
It's worth noting that chip credit cards are still more secure than using a card's magnetic strip.
Physical theft
This one is a more obvious way to lose your credit card information. If you've ever lost your wallet or had it stolen, you know there's a possibility your credit card will be used to make fraudulent purchases.
Data breach
A data breach can occur at a company you've done business with or purchased from. If the company is the victim of a phishing attack or is targeted by hackers, your credit information can be stolen in the process, according to Chase.
Public wifi
Public wifi connections, like at a coffee shop, can be popular places for criminals because these networks often aren't secure.
Equifax says that anyone can easily access these networks, and some don't use proper encryption, making them easy targets for criminals to access someone's personal information.
Malware and spyware
Just like companies, you can experience a data breach as well. Your credit card information could be compromised if your device is infected with malware -- software that's intentionally designed to cause harm -- or with spyware, which is software installed on your device without your knowledge to steal personal information, according to McAfee.
Account takeover
Sometimes criminals get your credit card information by gaining access to personal information, like through an e-commerce account. For example, someone could buy your login credentials on the dark web, then use them to log in to your favorite online shopping platform and steal your credit card information stored in that account.
Mail theft
Sometimes criminals use less sophisticated ways of stealing your identity, like sifting through your mail looking for credit card numbers. According to Allstate Insurance, this may involve looking through your trash for personal information or even filling out a fraudulent change-of-address form to have your mail forwarded to them.
Social engineering
Social engineering is a technique where a criminal poses as someone you know or trust to steal your credit card information. According to HSBC, this sometimes happens on social media platforms where someone poses as your friend, wins over your trust, and then eventually asks you for credit card information.
Database SQL injection
Hackers can sometimes put malicious code in the backend of an online database that displays sensitive information, like credit card numbers. When this happens, criminals see your credit card information when you use an infected website or app.
How to protect yourself from credit card fraud
If you're thinking of switching to all cash after reading this, there's an easier way to protect yourself. First, the FTC recommends never giving out your credit card information over the phone unless you're the one who initiated the call. The organization also says you should never leave your account information out in the open.
Setting up two-factor authentication for accounts that use your credit card information is also recommended. This security protection will require you to enter a code or log in from an app before you can access your account, which makes it harder for criminals to use your stolen account information online.
And finally, using chip cards can help reduce fraud because they're more secure than swiping your card's magnetic strip. Taking these simple steps can help you avoid having your credit card information stolen and make it harder for criminals to impersonate you.
Our Research Expert
We're firm believers in the Golden Rule, which is why editorial opinions are ours alone and have not been previously reviewed, approved, or endorsed by included advertisers. The Ascent, a Motley Fool service, does not cover all offers on the market. The Ascent has a dedicated team of editors and analysts focused on personal finance, and they follow the same set of publishing standards and editorial integrity while maintaining professional separation from the analysts and editors on other Motley Fool brands.
Related Articles
View All Articles