We've become so comfortable with our credit cards that it's easy to forget about being cautious. Even if your credit card boasts the best fraud protection in the business, you may still be leaving yourself vulnerable to identity thieves who can't wait to get their hands on your account details. CardRatings asked consumer advocates, financial security experts, and credit card company spokespeople to name the top five most dangerous card habits that we've all been guilty of doing at one time or another:
1. Responding to dubious e-mail
Denise Richardson, author of the book "Give Me Back My Credit," used her blog to spread the word about a new wave of phishing scams involving the latest iPhone. Crooks pretending to represent Apple sent thousands of spam emails to consumers, congratulating them on winning early access to the hot device. Just one problem: Apple never ran any such promotion.
Richardson writes that this is just the latest in a series of email scams designed to play on your emotions. Follow the emailed link to a "registration page" where you input your credit card data, and it's likely to end up in a scammer's database. "If you've never entered a contest and you suddenly hear that you've won it, it's not a real contest," Richardson says.
2. Giving your credit card number over the phone
When you didn't make the call, that is. Personal security expert Robert Siciliano thought his dining companions would get a kick out of the robot voice on his speakerphone, alerting them to a problem with his Eastern Bank MasterCard. As he recounted on his blog, Siciliano thought the ludicrous robot voice and his lack of an account at that bank gave away a weak scam. When his friends expressed concern that he should follow the caller's instructions, he realized that many consumers fall for this simple trick every day.
"No longer funny, this saddens me because these are intelligent people who could easily get bit by this crime," Siciliano writes. Robocalling systems dial phone numbers sequentially until they find a victim willing to enter their personal information. Banks and credit unions have advised customers for years not to provide those details, since they'll already have them on file if they ever need to call you.
3. Shopping at fly-by-night online stores
Search engines have made bargain hunting easier than ever, but they also turn up listings from novice merchants that don't always follow industry security practices. The PCI Security Standards Council sets the bar high for online merchants. Not only must they encrypt all customer information across a secure connection, they must ensure that credit card numbers pass directly through their database to a merchant processor.
If an online order form lacks a "secure" lock in the address bar or appears less than professional, assume that your account details could be easily hacked.
4. Losing sight of your credit card at a retailer or a restaurant
Jasmine Crowder evidently thought she could make a little extra money when she started skimming customers' credit cards at a Philadelphia-area pizza restaurant. After local investigators traced her involvement to 26 incidents of identity theft, she admitted that she expected to earn about $1,000 as part of a team that racked up nearly $45,000 in fraudulent charges at area retailers.
"Skimmers" use small devices that unscrupulous employees can easily conceal in work uniforms, aprons, or underneath retail counters. With a little sleight of hand, a skimmer can copy the magnetic stripe details from just about any credit card without being detected. Skimming has grown substantially over the past few years, with New York investigators taking down a skimming team whose 111 members were allegedly responsible for $13 million in illicit high-end electronic purchases.
5. Accessing your credit card over an unsecured Wi-Fi hotspot
Even if you think you're being vigilant about your credit card security by checking your lender's website every day, your otherwise good habit could set you up for identity theft if you do it in public. Unsecured wireless hotspots at coffee shops, hotels, and retail stores offer convenience, but they can also harbor sophisticated hackers who can see enough of the information flying through the airwaves to piece together your account credentials.
According to software developer and online security expert Leo Notenboom, you can avoid this exposure by checking banking information only over secure, encrypted connections. Look for networks that require passwords, and avoid dubious connections that promise "free" access in places that otherwise charge to hop online. Even better, Notenboom writes on his "Ask Leo" website, you can enable the secure "wireless hotspot" feature on most newer smartphones to create your own private network. "Hackers are much more likely to go for easier targets," Notenboom says.
Shielding yourself from credit card scams requires some healthy skepticism and a lot of practical protection. Use separate credit cards for restaurant bills, online purchases, and everyday shopping to isolate exposure if any one of your accounts gets compromised. Use text message or e-mail alerts to notify you whenever your card number gets used, so you can detect fraud early. Although the best credit cards hire loss prevention investigators who work closely with law enforcement to shut down scammers, keeping most of your account information secret can prevent you from the pain and frustration of identity theft.