Has Your Credit Card Been Stolen? Here's How It All Went Down

credit card cut, credit card stolenWith the news that Target and Neiman Marcus revealed more than 70 million pieces of customer data to hackers, I thought it would behoove me to inspect my credit card bill. Sure enough, my card number had been stolen and used to buy $10 worth of something somewhere in Ohio. 

I won't go into what to do when someone steals your credit card (cancel it immediately, report fraudulent charges, subscribe to a credit watch service, keep track of your bills like a hawk) or how to prevent it in the first place (use Paypal online, cut up your debit card, use one credit card for "unsafe" purchases at companies that have been compromised). Instead, let's look at how my credit card information was stolen and where it probably went.

First, let's figure out how the hackers got the numbers in the first place. As far as anyone can tell, they were most likely able to "sniff" the numbers and data out of the stores themselves, although the breach could have been far more comprehensive. All anyone knows at this point is that more than 70 million pieces of data, including credit card numbers, were stolen. It's staggering.

Once a thief gets your card number, there's no telling when or even if it will be used. Credit card numbers are bought and sold on the black market by hackers who call themselves carders. Carding is actually quite dangerous -- it's rare you can actually make purchases anymore with only a stolen number -- but there are some tricks they use to grab your cash.

For one, remember that most credit card fraud is caught at the bank level. Those calls you get from the credit card company usually work, and even though they are sometimes annoying, they're important. Once a card is canceled, it can't be used anymore. 

Carders buy and sell cards in large, thousand-number packets. When you "check out" on black market sites, the carders will scan every single number to ensure it's at least active and not locked. Card numbers are inherently insecure. You can make sure a card is valid by using a simple mathematical equation (this site will check your number for you) because, in the old days, you had to ensure a number was real without access to a networked computer. Without major human fraud prevention, we'd have a much bigger card problem on our hands.

Once a card is checked, carders can start using it. Most of them don't clone cards -- meaning create copies of existing cards. That's expensive. Instead, they use a variety of techniques to buy items and ship them to themselves. For example, those "get rich quick" schemes often require you to be a drop for a carder. Carders ship stolen items to your house, give you a little cash, and ask you to ship the items to another location. You, then, are the one in possession of stolen goods and you're the one arrested.

Some bolder carders will simply have items sent to themselves or request bulk orders from businesses, offer up a credit card, and then take deliveries a few days after the business owner discovers that the card has been canceled.

Most stolen cards are shut down sooner than later. But folks with a debit card or an unfriendly bank can be on the hook for hundreds in charges. Credit card fraud is a messy, nasty business and it pays to know what to look for when it happens to you. It's also good to be aware of how carders take advantage of a broken system to make a quick buck.

Have you ever had your credit card stolen? What did you do?


Image via dno1967b/Flickr

software, business, hacking, online shopping, crime, technology, home finances

1 Comment

To add a comment, please log in with

Use Your CafeMom Profile

Join CafeMom or Log in to your CafeMom account. CafeMom members can keep track of their comments.

Join CafeMom or Log in to your CafeMom account. CafeMom members can keep track of their comments.

Comment As a Guest

Guest comments are moderated and will not appear immediately.

wendy... wendywendy

This thing is my husband's job.  A very common way the criminals 'test' numbers for viability is to make a very small purchase, usuallyfor under $5.  They then wait to see if that purchase is caught by the victim.  A small purchase like that doesn't register as suspicious to your bank. After a while, they then use the number.  This has happened to us a few times, but we caught it before a larger purchase was made.  We have had our number stolen by someone who immediatley made a few larger purchases - and we are very careful.

My husband has a text sent to him for any online purchase (which is a good and bad thing, lol).  Another way toprotect yourself is to use one card for online purchases only, never use your ATM.  Use a different password for every single online store you use or anyplace you have to give some personal information.  I keep a cheatsheet in my desk that hass all the passwords, as it is unlikely we'd be robbed.  Don't use your email password for anything else.  Make your passwords hard for automated systems to guess; use a mixture of symbols, numbers, and capitalization.  For example, thestircafemom would be the$t1rCaf3eM0m.

1-1 of 1 comments