By Liz Weston
Check your monthly statements, remove stored card information from websites and use mobile payment systems.
This article is reprinted with permission from NerdWallet.
Last year, one of my family’s credit cards was used to collect hundreds of dollars in fake charges on Apple.com (AAPL). Another card was compromised four times in a row, as thieves repeatedly charged for merchandise and Uber rides (UBER).
We eventually got our money back, but repeated credit card scams can be frustrating and upsetting. Dealing with the aftermath taught me to value safety over comfort, and to change some of the bad habits that made me an easier target.
The clock is ticking on credit card fraud
Under the Fair Credit Billing Act, consumers have 60 days after fraudulent charges appear on a statement to report them to the credit card issuer to avoid most liability, said attorney Amy Loftsgordon, legal editor at Nolo, an independent legal website. (The law limits consumer liability to $50 per series of unauthorized use, but most publishers waive it, says Loftsgordon.)
So my heart broke when I realized that the fraud on our Apple.com account had started at least six months earlier.
I noticed that my Apple.com bill continued to increase, but assumed that my husband was buying more audiobooks and my daughter was downloading more games. I would grumble at them every now and then, they would plead not guilty and the accusations would continue.
Finally, the thieves went too far and collected over $300 in one month. I contacted Apple and learned that our cards had been used to purchase virtual dating apps and phone numbers, which were most likely used to scam other people. An electronic receipt for this purchase was sent to an email address I don’t recognize.
Also read: This new credit card promises no credit checks, fees, deposits, or even interest rates. What’s the catch?
New cards don’t stop fraud
The kicker: Thieves are using credit card numbers that have been reported to have been compromised. Usually, credit card issuers will refuse new charges on compromised numbers. But according to the card issuer, the thieves started their crime a few days after my replacement card was sent. Because we already make regular purchases on Apple.com, the card issuer assumes the fee on the old card is valid and allows it to pass “as a courtesy” — month after month. (I believe that this series of occurrences is “very rare and almost never happens”.)
Apple’s customer service representative writes off the last month’s bill and the publisher writes off the rest – even those past the 60 day limit.
Read: These online scams to steal your money will shock you
My note: Sites where you make multiple purchases each month need to be monitored carefully for fake transactions. Compare what your credit card statement says you’ve charged with your purchase history on the site. You may have to search online to find the history; Apple certainly doesn’t make it easy or intuitive to find your bill. And if you find a scam, report it — even if it exceeds the 60 day time limit.
Learn more: 6 things to do if you fall victim to credit card fraud
Makes cheaters work harder
It’s still unclear why my other cards are repeatedly compromised. As soon as I get a replacement card, I will receive an SMS from the issuer asking about another suspicious transaction.
I took the card out of the browser and website where it’s stored. We may like the convenience of not having to type in our credit card numbers, but every place we store our cards is another place they can be stolen, says security expert Avivah Litan, a leading analyst vice president at research firm Gartner Inc.
The mobile app for this card lets me see how many places my card is stored. But that list is not complete. After the fourth hack, a phone representative said my cards were stored at Airbnb (ABNB), Walmart.com (WMT) and Uber — three places that don’t show up in my app and that I haven’t authorized. The representative disconnects the card from the account. In the future, I will be calling to report the scam so I can request this review rather than just responding to a text or online warning. I also noticed that I can “lock” my card in the mobile app to prevent unauthorized use. Opening it when I want to charge only takes a few seconds. I wish more publishers offered this feature.
At the suggestion of the publisher, I ran antivirus and anti-malware software (my device is clean) and changed the passwords on my email accounts as well as my financial accounts, in case a thief broke in. I already have two-factor authentication, which requires a code and password to log in, on my financial and email accounts. I’ve also added it to my most used retail sites.
Also on MarketWatch: ‘I don’t use cash’: I am 70 years old and my house has been repaid. I live off Social Security, and I use a credit card for all of my expenses. Is it risky?
I also started using mobile payment systems wherever possible. These systems — which include Apple Pay, Google Pay (GOOGL), and Samsung Pay — create “tokens” that are sent to merchants so that your credit card number is never revealed or stored. Similarly, some credit card issuers will provide you with a virtual number that you can use in place of your real account number when making purchases online.
I don’t imagine any of this will make me anti-fraud, because that’s impossible. I’m just trying to make the thieves work a little harder next time.
The rest From NerdWallet
Liz Weston, CFP(R) writes for NerdWallet. Email: [email protected]. Twitter: @lizweston.
This content was created by MarketWatch, which is operated by Dow Jones & Co. MarketWatch is published independently of Dow Jones Newswires and The Wall Street Journal.
(END) Dow Jones Newswires
Copyright (c) 2023 Dow Jones & Company, Inc.