6 common types of credit card fraud and how to avoid them

John Egan
Written by
John Egan
Why you should trust CardRatings
Where are you on your credit card journey?
Get Started
6 common types of credit card fraud and how to avoid them
Terms apply; see the online credit card application for full terms and conditions of offers and rewards.

Credit card fraud plagues America.

In 2022, more than 150 million Americans — or about two-thirds of cardholders — were victims of credit card fraud, according to a security.org report.

Further evidence of the problem: Credit card fraud tops the list of identity theft cases reported to the Federal Trade Commission (FTC) in 2022.

The FTC received 441,882 reports in 2022 of information being misused with an existing card or when applying for a new card. Credit card fraud involving existing accounts jumped 23% from the previous year, and credit card fraud involving new accounts went up 13%.

What is credit card fraud?

Simply put, credit card fraud is the theft and unauthorized use of your credit card information. This fraud comes in the form of using your information to make fraudulent purchases or to set up a new account in your name.

“Although many of the major credit cards offer zero liability on fraudulent purchases, it’s still your responsibility to be on the lookout for fraud and to report suspicious transactions as soon as possible,” says the Washington State Department of Financial Institutions.

What are the most common types of credit card fraud?

What follows are six common types of credit card fraud and how to avoid them.

1. Card-not-present fraud

Card-not-present fraud is a multibillion-dollar problem.

A forecast from Insider Intelligence and eMarketer envisions nearly $9.5 billion in losses due to card-not-present fraud in 2023, representing almost three-fourths of losses caused by card payment fraud. The projected losses for 2023 would be 8.3% higher than the losses from card-not-present fraud in 2022.

So, what is card-not-present fraud?

Card-not-present fraud refers to fraudulent credit card transactions made online, over the phone or by mail. It occurs in cases when a physical card is not handed over to a merchant to make a purchase.

Generally, card-not-present fraud takes place after a credit card or information on a credit card has been stolen or has been purchased illegally on the “dark web.” Information that a crook might grab includes your name, your address, a card number, the card’s expiration date and the card’s three- or four-digit security code.

A common type of card-not-present fraud happens when a customer adds a purchase to a cart on an e-commerce website and completes the transaction by entering their card information. While the transaction is taking place, a thief may be able to electronically steal the customer’s card information — without the customer being immediately aware of it.

How to prevent card-not-present fraud:

  • Don’t allow anyone else to use your online usernames and passwords.
  • Make secure transactions. Always look for a web address that starts with https:// and for a padlock symbol displayed in your web browser. These signal that your data is being transmitted securely.
  • Don’t send credit card information via email.
  • Ignore email requests for your credit card information, even if you believe the request is coming from a trusted source.
  • Avoid using public Wi-Fi when you’re making transactions involving sensitive data or when you’re logging into a bank or credit card account.

2. Application fraud

As the name suggests, application fraud occurs when someone opens a credit card account in your name without your permission. A fraudster might accomplish this by stealing some of your personal information or creating fake documents to set up a new account.

How to prevent application fraud:

  • Resist storing your credit card information on a website or browser where your data could be stolen.
  • Do business only on secure websites. Look for web addresses that being with https:// and for a lock icon.
  • Regularly update your passwords, making sure they are hard to guess and contain a mix of letters, numbers and characters.
  • Use multifactor authentication. Multifactor authentication requires you to log onto a website using more than just a password. For instance, you might be instructed to type in your password and enter a one-time code sent by text or email.

3. Skimming

Fraudsters often steal your credit card information when you least suspect it.

For instance, some crooks illegally install devices on ATMs, payment terminals or fuel pumps to “skim” your card data or PIN. With this data, thieves then can create fake credit cards or carry out unauthorized transactions.

These devices read and store data that’s transmitted via the magnetic stripe on the back of your card when you swipe it at an ATM, payment terminal or fuel pump.

How to prevent skimming:

  • Inspect the ATM, payment terminal or fuel pump. Look for anything that appears suspicious, such as buttons that feel odd when you press them or keys that seem to be misaligned.
  • Steer clear of non-bank ATMs. It’s estimated that 60% of skimming incidents happen at privately owned ATMs.
  • Use tap-to-pay technology. This technology eliminates the need to swipe your card.
  • Rely on mobile payment apps such as Apple Pay and Google Pay.
  • Pay with cash instead of plastic.
  • Pay inside a gas station rather than at the pump.

4. Lost or stolen cards

It happens: You credit card is lost or stolen, and now you’re in a panic.

Fortunately, federal law guarantees that you’ll never be responsible for more than $50 in unauthorized credit card transactions. Plus, a number of credit card issuers provide $0 fraud liability for unauthorized transactions made with a lost or stolen card.

How to prevent lost or stolen credit cards:

  • Inspect the ATM, payment terminal or fuel pump. Look for anything that appears suspicious, such as buttons that feel odd when you press them or keys that seem to be misaligned.
  • Steer clear of non-bank ATMs. It’s estimated that 60% of skimming incidents happen at privately owned ATMs.
  • Use tap-to-pay technology. This technology eliminates the need to swipe your card.
  • Rely on mobile payment apps such as Apple Pay and Google Pay.
  • Pay with cash instead of plastic.
  • Pay inside a gas station rather than at the pump.

5. Account takeovers

An account takeover can be a pain in the you-know-what.

“When account takeover attempts are successful, the cost for the customer can be monetary as well as lost time and frustration when they try to undo the damage that’s been done,” says LexisNexis Risk Solutions, which collects and sells an array of consumer data.

In an account takeover, cybercriminals hijack an online account to make purchases, for instance, or to access data that they then use or sell. The data they might steal includes your usernames, passwords, email address and Social Security number.

In many cases, these fraudsters sneak into your account using stolen data they purchased online.

How to prevent account takeovers:

  • Be careful with your passwords. The password for each of your online accounts should be unique and difficult to figure out. Each password should be a mix of letters, numbers and characters. When you use the same password for multiple accounts, you run a greater risk of your accounts being hacked.
  • Take advantage of multifactor authentication. Multifactor authentication requires you to provide at least two ways to verify your identity before you can log onto an account. A multifactor combo might be your username and password plus a one-time code sent to your mobile phone.
  • Be on the lookout for phishing scams. A phishing attack takes place when a cybercrook tricks you into sharing personal data or downloading malware (malicious software), which can steal sensitive information. This may happen via emails, text messages or phony websites.

6. Phishing scams

In a phishing scam, a cybercrook is fishing for valuable data such as passwords, account numbers or Social Security numbers. They try to grab this data through emails, text messages or fake websites that direct you to click on a link or download an attachment. Once you click or download, the crook may be able to dig into your trove of data and steal some of it.

How to prevent phishing scams:

  • Install and update security software on your computer.
  • Keep up with software updates on your phone.
  • Embrace multifactor authentication. This requires you to provide at least two credentials, such as a username and password plus the answer to a security question, before you’re able to log onto an account.
  • Be on the lookout for suspicious emails, text messages and websites. If they appear as if they’re not legitimate, don’t click on links, download attachments or provide personal information. Even if they look legitimate, think twice before following the instructions given by in an email, in a text message or on a website.
author
John Egan
Cardratings Contributor

John Egan is a content creator and content marketing strategist in Austin, Texas. His specialties include personal finance, real estate, and health and wellness. John’s work has been published by outlets such as CreditCards.com, Bankrate, Forbes Advisor, Experian, Capital One, The Balance and U.S. News...Read more

Featured Partner Cards:

Disclaimer:

The information in this article is believed to be accurate as of the date it was written. Please keep in mind that credit card offers change frequently. Therefore, we cannot guarantee the accuracy of the information in this article. Reasonable efforts are made to maintain accurate information. See the online credit card application for full terms and conditions on offers and rewards. Please verify all terms and conditions of any credit card prior to applying.

This content is not provided by any company mentioned in this article. Any opinions, analyses, reviews or recommendations expressed here are those of the author’s alone, and have not been reviewed, approved or otherwise endorsed by any such company. CardRatings.com does not review every company or every offer available on the market.