The Atlanta Journal-Constitution
Don’t let yourself be a victim of debit card fraud
Our financial lives have become a series of debit card swipes.
We swipe for groceries. We swipe for gas.
Why bother with paper when access to all your money for just about any purchase is accessible within seconds on a small plastic card?
But the card you rely on to conduct your business has a vulnerability that thieves have become masters at exploiting.
During a financial workshop I conducted at my church, several people talked about their recent experiences of having money stolen from their accounts because of a debit card breach. One person lost $700. And we all gasped when one woman said $3,500 was drained from her account, including her rent money. Eventually the banks, as often is the case, returned the stolen funds. But can you afford that kind of hit, even if it’s temporary?
There was a 26 percent jump from 2015 to 2016 in the number of locations or businesses where debit cards were compromised, FICO’s Card Alert Service reported. And those breaches meant that hundreds of thousands of consumers needed new cards.
It has become relatively easy for criminals to steal debit card data. Crooks place cameras and/or skimming devices over the keypads at ATMs or at gas pumps to capture card numbers and PINS and then load the information onto a plastic card they can use to tap into your bank account.
Contributing to the rise in debit card compromises is the improvement of skimming technology, said Michael Betron, senior director of product management for FICO.
“For under $100, someone can buy a skimmer from an online marketplace,” he said. And they are making them smaller and more discrete.
And the ease of the skimming breeds more theft.
“People become successful and then they become more organized,” Betron said.
Under the federal Electronic Fund Transfer Act, if you report that your card is missing or stolen before someone uses it, you are not responsible for unauthorized transactions.
But if someone uses your debit card before you get a chance to report the fraudulent activity, your liability depends on how fast you spot the hack. Within two business days the most you could be held liable for is $50. Wait longer to notify your bank and you could be on the hook for up to $500. If you report the loss 60 days after receiving your bank statement, you may not get back the money you lost.
And even if you do report the loss right away, it can take awhile for the banking institution to investigate and replace your funds.
Here are some tips from FICO to reduce the chance your card will be compromised.
Pay attention to the ATM you’re using. If something looks funky or your card doesn’t easily go into the machine, walk away.
I probe around any ATM I use to see if anything can be lifted up or pulled out. Still, no matter how careful you are, you may not detect anything wrong.
“The skimmers are camouflaged, so unless someone knows what to look for, it’s hard to tell it’s there,” Betron said.
I won’t use any ATMs that don’t belong to my financial institution. I limit the use of my debit card to just a few places. I don’t use it to get gas, since the pumping machines have been particularly vulnerable.
Be leery of stand-alone machines and ATMs located in convenience stores, especially if they are placed in a spot out of the view of store clerks. FICO said that most compromises occur at nonbank ATMs.
If you use an ATM and your card isn’t returned immediately, contact your financial institution right away. It might be that the crooks staged the capture of your card.
Be mindful of the people standing around you. If someone is positioned just a little too close, don’t complete your transaction. (I give the person a look that says, “You better back up.”)
Regularly check your bank account. I have set up online alerts for all my accounts — credit and debit. I get an email whenever a purchase or withdrawal is made.
Be sure that all your contact information — address, email, and mobile number — is updated on all your accounts. You don’t want a possible fraud alert from your bank to bounce back.
I’m not telling you all this to put you in a panic. But just be careful out there. Readers can write to Michelle Singletary c/o The Washington Post, 1301 K St., N.W., Washington, D.C. 20071. Her email address is michelle. singletary@washpost.com.