It’s always annoying.
It certainly seems like we can’t, doesn’t it?
It also seems that for every barrier we put in place to protect our credit card use, hackers find new ways to run off with our card information.
Let’s look at ways credit cards can be compromised and how you can protect yourself.
Become a Patron of Ask Leo! and go ad-free!
Preventing credit card theft
- Check for malware.
- Secure your local network.
- Be cautious who you give your credit card to.
- Beware of credit card skimmers.
- Use your card only with reputable companies.
Some forms of card compromise are outside your control.
It’s happened to me
It can be very frustrating.
Once I had both my cards compromised for different reasons while I was traveling to Las Vegas. I was afraid I’d have to do dishes to pay for my room, but my credit card company overnighted me a new card in time for check-out.
I suspect one of my cards was compromised by a service into which I had placed too much trust. The other? I have a suspicion there as well.
Let’s look at some of the ways this can happen.
Check for malware
To answer your first question, could your anti-malware tool be missing something?
No security software can catch absolutely every possible malware. That’s the nature of malware and anti-malware tools.
I suggest you get a second anti-malware tool — perhaps a couple — and periodically run additional complete scans of your system. (What Security Software Do You Recommend? has recommendations.) One specific tool I recommend is the free version of Malwarebytes Anti-malware, which has a reputation for catching a lot of things that many other tools do not.
Make sure that all of your security software is up to date, running the most recent versions, and running its most recent database. Remember, the version of the software may change every year or six months or so, but the database it uses will change daily, if not multiple times per day.
Always make sure you’re running the latest version of both the software and its malware database.
Check the network
Make sure other machines on your network aren’t compromised.
If you have more than one machine at home connected to a single router, then by definition you have a local network. Make sure that all the other machines on that network are free of malware.
It’s possible that malware on a machine could be “sniffing” (watching) the traffic on your network. Usually that’s not the case, but given the number of times things have gone wrong for you, it’s something else that comes to mind.
When you’re not able to trust another machine on your network, it’s very much like using an open Wi-Fi hotspot. That other machine could do many interesting things to compromise your security. It’s important that all machines connected to your router are secure and free of malware. Make sure you’re up to date and running appropriate scans on all of them.
We’re often quick to blame our computers (or the internet) when we experience credit card fraud.
Frequently, the issues are much more low-tech.
For example, have you ever annoyed the waitstaff at a restaurant? Well, annoyed or not, when you give them your credit card, it’s out of your eyesight while they process it.1 There have been stories of clerks who take your credit card and clone or otherwise compromise it while it’s in their possession and out of your view. (It’s this that I suspect happened to my second stolen credit card. I didn’t knowingly annoy the waitstaff, but that card was out of my sight as I paid for a meal at the airport as I left town.)
The less obvious, slightly higher-tech case is hardware that’s actually installed on card readers.
Every once in a while, you’ll hear about bank machines or gas station pumps that have had what’s called a skimmer installed in front of the card slot. It looks like a regular card slot, and unless you know what you were looking for,2 you wouldn’t know that there was something else reading your card in addition to the pump or the cash machine. The hackers let the skimmers collect card data for a while and then come back and remove it, walking away with the credit card information for everyone who used the machine while the skimmer was active.
That’s one way card information can be stolen without the card ever having left your hands.
By far, most of the card theft I am aware of, including the scenarios you describe, are things completely out of our control.
Large databases of credit card and other information are stolen. It’s not somebody targeting you or me, going after cards one at a time — it’s someone targeting the computers at your bank or the grocery store where you use the card.
You and I don’t really have a lot of control over those things.
Fortunately, besides being rare (that’s why it makes the news, after all), most credit card companies cover fraudulent charges to your card as long as the loss isn’t because of your personal actions. Unless you’re hacking in and stealing large databases of information, you’re likely covered.
But it is an inconvenience, no doubt about it. My Las Vegas experience was nerve-wracking enough, but to have cards compromised three times in a row, and that quickly, would be maddening.
I would definitely look closely at both your local network and computer security and keep a close eye on where you’re using the card.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
Footnotes & References
1: To be clear, this is uncommon – most restaurant servers wouldn’t dream of abusing your credit card, no matter how much of a jerk you might be. But I can see it happening. So, don’t be a jerk. It’s an unexpected and yet important part of keeping your information secure. Tipping generously helps as well, I’m sure.
2: I wish I could tell you what to look for, but it varies. I just keep an eye out for anything that seems out of the ordinary, particularly for those places I visit frequently.