How do you prevent credit/debit card fraud?

[SoundnFury]

Got a message this morning from the bank about suspected fraudulent activity. Checked my account and sho nuff there were charges on there for online services that were not authorized by me. So someone hacked my debit card information.

If they got the info from me making a purchase through a site one time, I'm not concerned. What would really concern me is if they got the info from a trojan horse or other virus. Is this possible? Likely?

The only merchant who I don't 100% trust who I've paid out of my checking account in the last 90days was ppc coach (but that was through paypal).

Any insights on how this happened?

Any advice on how to prevent this in the future?

 

[Dwight Schrute]

Same thing happened to me a couple of weeks ago.

B of A told me to run a virus scan, that it might be a trojan/keylogger. The bank will also cross-reference your purchase history with others who have had fraudulent activity to see if there's a vendor who is not protecting their data.

 

[zany zoroaster]

It could've been that someone took the info off your physical card at the ATM or when you were buying something at the store. At the store, I recommend that you put your wallet over your hands when you enter your PIN. At the ATM, you should check for parts of it that are loose, or for small holes that could conceal a camera. Check out how subtle the skimmers are: Would You Have Spotted the Fraud? — Krebs on Security

 

[ShadowCaster]

You might want to use a tool like this:

 

[lemon]

I had a job which involved this sort of thing.. although most of my experience is from preventing it on the purchase end rather then the cardholder end.

anyway, 3 ways they can get your card that I know of

1) hacked sites
most sites are not supposed to store card data on, but lots of them do. Sometimes people are able to get the databases to that site. Alternately, somebody can get root access to a server and reconfigure it to store your address, cc number, expirey and the security code on the back.

2) trojans / spyware
There can actually be a long period of time before a virus is detected by antiviruses.

3) physical copying
this can either be a "mouth" over top of the atm slot that copies the data on the magnetic stripe, or just a gas attendant swiping your card through a handheld reader and making a clone. I am pretty sure that cards copied this way can only be used in person (swiped) and cards with the info online cannot be swiped.

regardless at the end of it all, just keep track if your billing statement and look for any suspicious tranactions. Both me and my girlfriend have had our cards copied (mine recently and hers years ago) and both times the bank caught it before it even showed up on my statement.

Oddly enough, both cards had a 1$ charge on it from some charity followed by a large transaction that did not go through. On my card they tried to buy 10 macbooks from the apple store. On my girlfriends they tried to buy furniture from a store in singapore.

whacky shit.

 

[blog8491]

Did you use your credit in a cyber cafe?