The Jakarta Post
Aside from scammers, you yourself are responsible for how much money is expended from your credit cards. (Shutterstock/File)
Credit cards are easy, convenient and only require either a PIN or your signature to approve a payment.
However, in certain scenarios, this convenience could mean a breach of safety, according to several experts interviewed by Reader’s Digest:
1. When on a non-secure website (HTTP instead of HTTPS)
“HTTPS is a protocol for secure communication over a computer network that is widely used on the internet,” said lawyer and certified international privacy professional Robert McKee.
The S in “https” is for "secure", meaning the information you give the website is secured with encryption. If a website requires payment and reads “http” instead of “https”, the website is not secure. Using a third-party payment service like PayPal, which allows for secure and quick payments, is a safer option than entering your credit card numbers on an unsecured website.
“[HTTPS’] main motivation is authentication of the visited website and protection of the privacy and integrity of the exchanged data,” McKee said.
2. Over the phone
Getting a phone call from your bank regarding your credit information is suspicious enough on its own and if your phone does not recognize the number, it might be safer to have the conversation in person. This is an especially dangerous situation as it can happen to anyone living anywhere in the world.
A resident of Richmond Hill, Ontario, Canada, identified only as Jill, was recently scammed out of almost CDN$3,000 (US$2,258) through a series of phone calls, as reported by YorkRegion.com.
A scammer posed as a representative from the bank Jill used, Scotiabank, and started asking questions about her recent purchases. The scammer then convinced Jill to read the numbers off of every credit card she owned, which is the only information anyone needs to make online purchases.
In April of this year, three suspects allegedly used 80 to 100 phone numbers to contact their victims and steal their credit card data.
Scammers can also be listening in on your phone conversations, even when you are on a call with your actual bank, using wiretaps or other methods. When in public, anyone around you could be listening to your conversation and be writing down your card numbers as you read them out.
Other situations, aside from bank calls, could be when you are ordering anything over the phone, such as a shipment, or food for delivery.
“One of the most common examples of card information being given over the phone is through delivery of food purchases,” said the vice president of information technology at the Florida Capital Bank Mortgage Company, Jeremy Brant.
When ordering a food delivery, there are plenty of available applications with built-in payment systems that do not require you to converse with a stranger over the phone.
“In situations like these, or other instances when a vendor is asking for card information over the phone, order the service online or pay cash in person,” Brant advised.
3. Responding to an email
Despite the dangers of providing your credit card details over the phone, or in text, it is possibly even more dangerous to put your credit card information in an email, according to attorney, credit card expert and best-selling author Stephen Lesavich.
“There is a technique called ‘phishing’ and it involves emails that are designed to extract credit card numbers for an unauthorized purchase,” Lesavich warned.
Lesavich explained that hidden links, spelling mistakes, strange use of English and logos that look off somehow could be signs that the email was not genuine and the recipient should avoid clicking any links contained within it.
4. When there are no reviews (on e-shopping sites)
From Tokopedia to Bukalapak, there are plenty of people selling almost anything. Banks are embracing Indonesia’s growing internet economy more and more by capitalizing on platforms such as these, which make online payments more frequent.
However, if sellers have no reviews it is difficult to judge whether they are legitimate, as scammers can pose as legitimate businesses, much like phone scammers pretend to represent someone’s bank.
“The internet has given consumers a much more effective way to gauge the reputation of the companies we do business with, so use it,” said founder and CEO of a card comparison and news site, Adam Jusko.
If there are no reviews for a seller or business you want to purchase something from, it might be safer to avoid giving out your credit card information.
“Cross reference the address and phone number by looking them up on a search engine to see if they match the merchant,” Jusko said.
5. When you can’t afford it
Aside from scammers, you yourself are responsible for how much money is expended from your credit cards.
“While some people are building up a debt on their credit cards, other people who treat their cards as a tool of convenience are actually making hundreds of dollars from their cards," Jusko said.
“Use your credit card for the convenience it provides and any rewards you might receive, but only charge what you know you can completely pay back at the end of the month,” he advised.
6. When you won’t be able to see your card
“A high-risk destination example is Brazil. During the 2016 Olympics, multiple people had their credit cards cloned while at restaurants,” said the CEO of ETS Risk Management of Bethesda, Maryland, Mark Deane.
When paying at a restaurant or a store, if at any time a merchant, seller, or cashier needs to take your card out of view, it might be safer to accompany them, or pay in cash. This is especially dangerous when you are traveling because you are in an alien environment.
“This is becoming more and more common in Europe, where restaurants bring devices to the table to accept payment,” said the head of cards at mobile-first credit card startup Final, Alex Cramer.
“One security manager of a large corporation even told a story of being at a table and catching the waiter with a cloning device under his jacket, trying to swipe the card at the table. The waiter ran off when challenged,” said Deane.
7. In public or on unsecure Wi-Fi and computers
“Delete Wi-Fi networks from your devices that aren’t yours and make sure to secure your Wi-Fi connection with a unique, private password,” said Emmanuel Schalit, CEO of password manager Dashlane.
“A public computer may have devices or software to record all of your keystrokes, also known as keyloggers,” McKee warned.
Passwords, personal data, along with credit card information, can be read by anyone who can reach your device via Wi-Fi (even your own, if it is not secure). It is even easier for scammers and hackers to obtain your sensitive information via public Wi-Fi, or any internet connection that is not password protected. If any network has no password in order for you to connect to it, it might be safer to avoid using it altogether.
“Also, don’t use Wi-Fi connections that aren’t known to be secure (think: your coffee shop Wi-Fi, the free Wi-Fi in your building or the airport) unless doing so over a secure VPN,” Schalit said.
When traveling, or for those that frequent internet cafes, usage of a public computer might be a common daily practice, such as for blogging, updating social media accounts and even making purchases using your personal credit card information (or, also just as dangerous, your online payment merchant such as PayPal).
“The computers also might contain malware with other tools for stealing your information,” McKee said. (acr/kes)