Here’s What to Do the Next Time a Business Asks for Your Credit Card by Phone or Email

When we provide our credit card information via remote means, we are often made more vulnerable to identity theft. Here's why.

Recently, I was booking a hotel reservation for a family member and in the process was asked to provide certain information. It was a simple third-party credit card authorization. What could possibly go wrong?

Plenty.

Beyond the fact that I am professionally paranoid — I wrote a book about it — there are so many ways for your information to wind up in the wrong hands, especially your credit card information. When we provide our credit card information via remote means, we are often made more vulnerable to identity theft by the authentication process itself.

There is no best way to conduct this sort of business remotely without putting ourselves in danger of becoming victims of identity theft, but there are better and worse ones. These days, it’s more expedient to focus on the very few ways sensitive information can be made available to third parties without creating unnecessary exposure.

A Better Way for Another Day?

If you are unfazed about sending your information via electronic means, consider something similar: paying for a meal with a credit card. We expose our data and send it on a journey every time we pay a bill at a restaurant.

I saw my first portable credit card reader on American soil the other day when paying the bill at a new restaurant. First, I want to say that the lunch was excellent, and I would have gone back even if the waiter hadn’t trotted out that marvelous handheld identity theft reduction device. I am scam-obsessed, and have long envied our friends on the other side of the Atlantic — and locations in other directions as well — for the ubiquity of at-table card payment.

The reason those machines are great is simple: The server has no opportunity to write down or photograph your card information.

Let that sink in … It’s unsettling now that you think about it, right? All those times a server has walked away with your credit card, what stopped him or her from snapping a quick pic of the front and back before returning to your table?

That reader is new technology. The service industry is finally (belatedly) getting hip to the challenge of protecting consumers from identity theft and other scams, but what should you do while it’s still in catch-up mode?

How to Send Your Stuff

The form that was emailed to me by the hotel made the threat of a sneaky waiter snapping pics of my credit card seem like amateur hour.

Obviously, the reservations department asked for my credit card number and expiration date. They also wanted my billing address, work and home phone numbers, email address and signature. Then there was the outline of a box, under which were the words: “Copy front of the credit card” and “Copy of ID.”

Now, I’ve already confessed to being someone who looks for the angle crooks will try to use. The idea of sending, in addition to all the other information requested, an image of a valid form of identification — in my case, my driver’s license — was truly unthinkable. I’d sooner have my Social Security number puffed out by a skywriter over the House that Ruth Built during a Yankees-Red Sox playoff game. (Not convinced? Read up on the surprising ways identity theft can hurt you.)

The form gave me the option of sending my cornucopia of sensitive personal information via email or by way of fax. Which is the better choice?

Hackers Are Really Good at What They Do

Phone calls and faxes conducted over phone lines can be rerouted, emails can be intercepted. Phone calls can also be listened to, and therein lies another problem. When you call a service provider — any kind that costs a set amount every month— there will come a time during the call when you will have to provide your Social Security number so that the company can run a credit check. A service rep is going to ask you for it — the whole thing.

Remember the waiter? Same problem.

Absolutely nothing can stop that person from writing down your information. And before you ask why you can’t input the information on your keypad, remember: Phone calls are not secure, the tones can be intercepted. Encryption is both complex and costly. This is why the federal government has been investigating the possibility of a universal identifier. But in the meantime, those credit checks or authentications pose the same, if not greater, peril as your credit card’s journey at most restaurants.

Old Is New (But Not Fail-Safe)

As counterintuitive as it seems, using the fax in this scenario is the safer path, though it is not completely safe given the possibility of data interception.

Pro tip: Call before sending a fax that contains personally identifiable information or anything else that is for as few eyes as necessary, and ask the person on the phone if they are near the fax machine, or if not if they can be. Call again to make sure the transmission has been retrieved and isn’t just sitting in a tray waiting for a scam artist to come sauntering by with a smartphone and a shopping list of things they want to purchase using your information.

While we await better solutions, you are the ultimate guardian of your personal information, and your vigilance given the myriad threats out there will lead the way for change. In the meantime, get in the habit of monitoring your finances for any sign of mischief. You can view two of your free credit scores, with helpful updates every 14 days, for free on Credit.com.

Image: nyul

The post Here’s What to Do the Next Time a Business Asks for Your Credit Card by Phone or Email appeared first on Credit.com.

You Have Just 100 Days to Plan for Holiday Scams

christmas-scams-2016

Whether you are hoping we can “Make America Great Again,” working tirelessly for those who say that we are “Stronger Together,” or simply trying to make it through another day, it is highly likely that Christmas is the furthest thing from your thoughts right now.

But with only 54 days ‘till Election Day, I can already tell you what’s going to happen, and it’s not going to be pretty. I’m not talking about the continuing controversies over hacked email accounts or electronic voting systems. I’m not even talking about all the sore losers and obnoxious winners there will be no matter who wins.

You Better Not Cry

On November 9, America will wake up to a new leader of the free world. And with all the feelings (elation, dread, boredom) to which that gives rise, I still want to point out another horror show waiting on the other side of the election. There will be just 46 days until Christmas.

If you didn’t have insomnia leading up to Election Day, the night after might be your unlucky day.

Not worried? Consider for a moment that while you were thinking about politics, football and maybe Thanksgiving, the economic juggernaut that is Christmas has been rolling since January. All the people who make the holiday profitable have already spent tons of time thinking specifically about you.

That said, there are a lot of not-so-nice guys out there (also known as scam artists, criminals, swindlers and crooks), who have also spent a great deal of time thinking about you, and have been sharpening their proverbial knives in anticipation of a very merry Christmas. With all this in mind, here are some of the things you should look out for in the 100 days until Christmas.

1. Charity Scams

‘Tis the season to give until it hurts both emotionally (oh, those family get-togethers) and financially. But if you’re not careful, the emotional and financial will intersect when you are scammed by a fake charity.

I know, pretty harsh, right? Well, if only the likes of the Grinch can steal the entirety of Christmas (and as you’ll recall he actually couldn’t) there are plenty of grungy cranks out there who are perfectly happy to steal your donation of $10, $20, $100 or more (and they can). They do it with phishing scams: an email or text designed to look like it’s from a charity. Or that strategically placed dinnertime call when your impulse to be a good neighbor collides with your desire to get off the phone and back to the table.

How to avoid this: Always give directly to a charity. This goes for your cyber giving and real-time charity. Not all bell-ringing Santas are working for the Salvation Army, but if you go to the right site (that you have independently confirmed), with the right security (HTTPS and the little lock), you can be sure your money gets to the right people.

2. Fake Jobs

With the holiday rush, companies hire. This is a boon for everyone, potentially, but it also opens the door to identity-related scams. Be on the lookout for job applications that require detailed personal information just to qualify, and if you are applying online, make sure the site and the company are the real deal by making phone calls, searching online and relentlessly checking consumer reviews. If you believe you’ve been the victim of a scam, it’s a good idea to check your credit to see if your scores have fallen. (You can view two of your free credit scores on Credit.com.)

3. Holiday E-Cards

Holiday cards are fun. You get to see how kids have grown and check out your friend’s new car (I’m amazed at how many family portraits include the family car). But be careful because there are plenty of fake cards sent using your hacked or otherwise compromised address book or one that belongs to someone you know. The result: a holiday card that doesn’t seem odd, but open the wrong one, and you’ve just been phished.

Solution: There’s no silver bullet here, but always look at the URL and make sure that it is spelled correctly, because many of these scams operate spoof sites that require sharp powers of observation to detect, such as words spe1led slightly differently. (Did you catch that?)

4. Unsafe Online Shopping

No matter how pressed for time you are, no matter how forgetful-so-you-better-get-it-done-while-you’re-thinking-about-it (like me) you might be, try to avoid using public Wi-Fi to do your holiday shopping and never, ever use public Wi-Fi and your credit card at same time. There are often hackers sitting nearby either manning fake public Wi-Fi or ready to grab your information with a man-in-the-middle attack.

Tip: Rather than familiarizing yourself with every scam out there, just avoid public Wi-Fi for anything other than browsing the Internet.

5. Unlocked Devices

Doubtless you noticed several mentions of phishing scams above. This final suggestion is wildly popular with parents: Get your child their own tablet or smartphone.

It is impossible to police a child’s every click, and if that kid is on a family-wide device that also contains cookies and bookmarks and the like associated with bank accounts and other information housed by financial institutions, putting that device in a child’s hand is courting disaster.

There, I said it.

The Takeaway

The takeaway should be not to get taken (or carried away) this holiday season. Never let your Fear of Looking Like a Grinch (FOLLAG) trump your Fear of Getting Ripped Off (FOGRO).

In addition to all those manufacturers and retailers and marketing wizards hoping for a robust Black Friday and magnificent Cyber Monday, there will lurk all stripes of holiday exploiters as we wend our way toward the holidays. While ‘tis the season for commerce and acquisition ecstasy, there is an army of potential holiday wreckers out there, so be careful.

This story is an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.

Image: kzenon

The post You Have Just 100 Days to Plan for Holiday Scams appeared first on Credit.com.

6 Scams to Watch Out for This Summer

Summer will be here before you know it, and with it come new and old scams. As you consider possible escapes — travel to exotic places; trips to the beach, the mountains or the golf course; a staycation to get much needed work done around your house — bear in mind that these diversions provide the perfect opportunity for con artists and identity thieves just waiting to insinuate themselves into your life, becoming the sand in your picnic basket (or bathing suit) — a vacation-killing burn that no ointment can soothe.

Here are few scams to be on the lookout for this summer.

1. Thanks for the Robocalls, Congress!

Thanks to a new provision slipped into important federal legislation, you may start receiving legitimate robocalls to your mobile phone — something that was previously forbidden by the Telephone Consumer Protection Act and the Fair Debt Collection Practices Act. According to Consumer Reports, buried in a recent Congressional Budget bill is a provision that allows loan servicers and other collectors of federal loan debt to use robocalls “to collect a debt owed to or guaranteed by the United States.”

While these calls will mostly target student loan borrowers, fearless fraudsters will certainly take advantage of this newly legal means to dial for dollars and try to extract money from those among us who don’t read Congressional Quarterly.

TIP: Caller ID is by no means a fail-safe protection. If someone calls you regarding money you allegedly owe, ask for the name of the debt holder, hang up, double-check that the number is legit online, and then call them directly.

2. Your New Chip Card Opens the Door for Fraud

There’s a newish phishing scam that has reared its ugly head in New York state, after a fairly long run on the road involving EMV chip cards. It’s a pretty straightforward phishing scam. The emails look authentic — that is, they appear to be from a bank with which you do business — and they target people who haven’t received their new chip cards. The ask: your personal information to authorize the new card. There may be a link, and if you click, it installs malware on your computer or mobile phone.

TIP: If you have your chip card already and this scam poses a threat to you, you have bigger issues. If you do not have your new card and receive an email or call about it, either go directly to the issuer’s site or call them directly and communicate with a representative. Don’t take the bait!

3. Summer Jobs & First Jobs

New college and high school graduates, and kids home for the summer exploring the job market — possibly for the first time — are getting duped into putting their personally identifiable information (PII) to work for fraudsters via fake job scams, according to a warning from the Better Business Bureau of Central Oklahoma. Sometimes the scam is focused on collecting PII to be used in identity-related crimes, but there are other scams that involve handing over bank account information.

TIP: Check out the company online, and don’t provide your bank account number or any other sensitive personal information. While I know this is incredibly painful for anyone born after 1980, pick up the phone and call your prospective employer.

4. A Moving Scam

A Georgia family learned the hard way that hiring a “man with a van” or any other mover can be risky business. According to the Atlanta Journal-Constitution, a woman who asked not to be identified hired movers she found through an online classified ad. They delivered her things, minus about $75,000 worth of personal items. Authorities later learned that the truck used by the suspects had been stolen shortly before the “job.”

TIP: Summertime is when many people choose to relocate. If you’re moving and you need help, hire a reputable company. And always check references.

5. Summer Rental Scam

Here’s an old favorite: You begin your search for a summer place way too late and assume there will be nothing available. But hold on — suddenly you fall upon the absolutely best summer rental ever! You reach the owner or realtor (it makes no difference to a scammer if he or she pretends to be one or the other), and you send a check to the address provided or wire money to an account. He or she then gives you the details about the place. Unfortunately, you have just rented a vacant lot or an empty warehouse. Or when you show up, you discover that you are but one of five families who also rented the house — or landfill.

TIP: If you get a real estate agent on the phone, get his or her license number and check it. Also request references if there are no reviews online, confirm that the address is real and the premises are truly available for rent. Use common sense.

6. Scalpers

Summertime is tour time for the record industry, and the hottest acts can sell out thanks to ticket brokers who horde big blocks of seats for resale at extortionate prices seconds after they go on sale. While this isn’t a scam per se, it creates a fertile field for fraudsters, who offer tickets at more reasonable prices, though they’re often still more than face value. The only problem: They don’t have tickets, or at least not real ones.

TIP: If you are tempted to buy tickets secondhand, be exceedingly careful because there are all sorts counterfeit tickets for sale. Go to reputable sites or deal with folks whom you trust and have established a relationship with.

The Takeaway

Unfortunately, in a world where identity theft has become a near certainty, the season is pretty much irrelevant. When it comes to scams and other kinds of fraud, it’s always open season on you.

Minimize the damage by monitoring your credit for signs of fraud. You can do so by pulling your credit reports for free each year at AnnualCreditReport.com, and viewing your credit scores, also for free, each month on Credit.com.

More on Identity Theft:

Image: Robert Vautour

The post 6 Scams to Watch Out for This Summer appeared first on Credit.com.

How to Spot a Bogus Diet Plan

eating_healthy_meal

It’s the time of year when people look at their bank accounts — and their scales — and resolve to do a bit better next year.

There’s more than a coincidental connection between eating healthy and saving money. Researchers have found that, at least in some cases, the same part of the brain that promotes good choices also promotes good eating habits, i.e., “trade a cookie today for a healthier tomorrow.”

So it should come as little surprise that come-ons you’ll see for get-rich-quick schemes seem almost identical to pitches for weight loss programs. “Everyone will lose weight” sounds a lot like “You can’t lose with this investment;” “Lose 30 pounds in 30 days” sounds an awful lot like “15% returns or more.”

False diet claims got a lot of national attention last year when Dr. Mehmet Oz was hauled before Congress as it investigated “The Oz effect.” Products that Oz hawks on his show, many with dramatic and unproven claims, sell like hotcakes online. Oz was criticized for helping these products, but he was not accused of breaking any laws.

At the hearing, the FTC’s Mary Engle said that the agency had brought “82 law enforcement actions in the past 10 years challenging false or unsubstantiated claims about the efficacy of a wide variety of weight loss products and services.”

New Year, New Weight Loss Gotchas

By some measures, two-thirds of Americans are overweight. That’s a really big potential market. During the holiday season with all the feasts, parties and cookies, that market only gets bigger. January is the time for making self-improvement resolutions. If you are thinking about living a healthier life, that’s great. But first, resolve that you won’t fall for a diet scam.

The Federal Trade Commission sums up the medical literature on weight loss nicely on its website devoted to avoiding bogus diet plans. There’s only one healthy way to lose weight — eat less, exercise more, stick to it for a long time and don’t expect dramatic results.

“For most people, a reasonable goal is to lose about a pound a week,” the FTC says. “Getting to a healthy weight takes work. Take a pass on any product that promises miraculous results without the effort. The only thing you’ll lose is money.”

Here is the FTC’s list of most common weight loss claims, per its website:

  • Lose weight no matter how much you eat of your favorite foods! Beware of any product that claims that you can eat all the high-calorie food you want and still lose weight. Losing weight requires sensible food choices. Filling up on healthy vegetables and fruits can make it easier to say no to fattening sweets and snacks.
  • Lose weight permanently! Never diet again! Even if you’re successful in taking weight off, permanent weight loss requires permanent lifestyle changes. Don’t trust any product that promises once-and-for-all results without ongoing maintenance.
  • Just take a pill! Doctors, dieticians and other experts agree that there’s simply no magic way to lose weight without diet or exercise. Even pills approved by FDA to block the absorption of fat or help you eat less and feel full are to be taken with a low-calorie, low-fat diet and regular exercise.
  • Lose 30 pounds in 30 days! Losing weight at the rate of a pound or two a week is the most effective way to take it off and keep it off. At best, products promising lightning-fast weight loss are a scam. At worst, they can ruin your health.
  • Everybody will lose weight! Your habits and health concerns are unique. There is no one-size-fits-all product. Team up with your health care provider to design a nutrition and exercise program suited to your lifestyle and metabolism.
  • Lose weight with our miracle diet patch or cream! You’ve seen the ads for diet patches or creams that claim to melt away pounds. Don’t believe them. There’s nothing you can wear or apply to your skin that will help you lose weight.

More Money-Saving Reads:

Image: Ingram Publishing

The post How to Spot a Bogus Diet Plan appeared first on Credit.com.