Information Security – Credit Card Fraud

How to Avoid Travel Scams and Rip-offs

by

How to Avoid Travel Scams and Rip-offs.
You can’t keep the weather from ruining your vacation, but you can guard against travel scams and gotcha fees.
Before you book a room or tour or transportation, make sure you know the cancellation and refund policies.
You might not get a refund once you pay.
With a hotel, find out the final price of your stay – including any “resort fees” or other mandatory charges.
These resorts fees, which are generally part of the room rate, cover things like the pool and health club – whether you use these facilities or not.
It’s always best to pay with a credit card.
I would never book travel with a debit card.
That’s the key to your checking account and if there’s problem, they money is gone while you dispute the charge.
More Info: I’d like a scam-free vacation

Traveling this holiday? So are credit card skimmers

by

So are credit card skimmers.
The state Department of Agriculture says 276 credit card skimmers were removed from pumps in Florida this year. “There was like payments from California, and I have never even been to California,” said Tatiana Moranas. “Because there was a bunch of transactions; there was like a three hundred dollar transaction on my card.” “Somebody was charging all kinds of stuff on our card, and we got the information, and they said that they caught the person who did it,” said Jimmy Keppler.
With more people on the roads for the holiday, officials say skimmers are more likely to take advantage this weekend. “Anytime someone takes from you or robbed you or takes your identity; it’s very vulnerable; it’s like someone taking everything that you have,” Keppler said.
Thieves often place skimmers at the gas pumps farther away from the store.
Credit cards have better fraud protection, and the money is not deducted immediately from an account.
· Consumers who suspect their credit card number has been compromised should report it immediately to authorities and their credit card company.

Card skimming fraud alert issued in York County

by

Card skimming fraud alert issued in York County.
Sean Heisey, York Daily Record The York County Elder Abuse Task Force is warning people about card skimmers – devices that can read data off of the magnetic strip on credit and debit cards.
Skimmers can be located either inside or outside a payment device and are designed to blend in so scammers can steal your information without your knowledge, according to a fraud alert issued by the Elder Abuse Task Force.
Here are some tips to protect yourself from skimmers: Select “credit” rather than “debit” to keep your PIN safe.
If you use your PIN, cover the keypad.
If you do pay at the pump, use a pump near the front of the store, where scammers are less likely to place skimmers.
Jiggle the payment device on an ATM or gas pump.
If it moves or is not securely fastened, don’t use it.
It could be rigged with a skimmer.
If you notice unauthorized charges, immediately report it to your bank or credit card company and freeze your account, the alert states.

Data Breach Lawsuits Continue to Fill the Courts

by

Data breach litigation continues to fill the courts in all stages, with a new class action filed against Tempur Sealy International and the dismissal of a suit against Barnes & Noble.
In the new action, New York resident Michelle Provost claims that Tempur Sealy (and Aptos Inc., the company’s website host) failed to appropriately safeguard customers’ personal information.
The defendants’ poor data security practices and decision not to abide by best practices and industry standards resulted in a February 2016 breach that compromised sensitive consumer data, including names, addresses, email addresses, telephone numbers, and payment card account numbers and expiration dates, the plaintiff alleged.
“Defendants allowed widespread and systematic theft of their customers’ personal information,” according to the complaint.
“Defendants’ actions did not come close to meeting the standards of commercially reasonable steps that should be taken to protect customers’ personal information.” The defendants also waited too long to disclose the extent of the breach and notify affected consumers in a timely manner, Provost claimed.
The plaintiffs’ third effort was not the charm, despite the fact that they dropped some claims and added factual allegations about their injuries, namely that one had her bank account put on hold, had to spend time with police and bank employees sorting out her financial affairs, lost the value of her personally identifiable information (PII), and suffered emotional distress because she had to renew her credit monitoring service to protect against future fraud.
The plaintiff alleged that the data breach only played a part in her decision to renew the service, “and thus this alleged injury is still insufficient to state a claim.” Granting the defendant’s motion to dismiss, Judge Wood said further opportunities for amendments to the complaint “would be futile,” dismissing the suit with prejudice.
To read the order in In re Barnes & Noble Pin Pad Litigation, click here.
Why it matters: The cases demonstrate the challenges facing data breach cases—the difficulties of establishing standing as well as stating a viable claim, as found in the Barnes & Noble litigation.
Despite these uphill battles, plaintiffs (like those in the suit against Tempur Sealy) continue to file class actions.

9 Crucial Tips to Protect Your Small Business From Credit Card Fraud

by

9 Crucial Tips to Protect Your Small Business From Credit Card Fraud.
Processing credit cards for your small business is pretty much a given these days.
An Address Verification System (AVS) is a tool used by banks and credit card associations.
The issuing bank can then verify when a merchant makes an authorization request.
There could be instances, like when a customer moved and hasn’t updated their address yet.
Also, AVS is only available from banks and not payment software or gateways.
Reviewing the following before processing a payment: Orders that have several of the same items – especially when it wouldn’t make sense to purchase multiples.
In layman’s terms, tokenization replaces numbers with a token.
If the card is not present, and you suspect fraud, don’t hesitate to call your credit card processor, bank, and even the local authorities.
Make sure that you frequently stay updated and informed on the latest credit card fraud tactics.

Banks consider changing security codes on debit and credit cards every hour to foil online fraudsters

by

The development is encouraged today in a National Audit Office report that warns police forces are not doing enough to tackle the growing threat of online fraud.
The NAO said new cards with changing numbers could be “a positive step, as the re-design may help to stop an increase in online card fraud.
Data threat | Five tricks hackers use to steal your bank details Using fake “free” WiFi networks to steal passwords Guessing obvious passwords like “123456” Social media stalkers who find out when you’re on holiday, using Facebook Dodgy apps that trick you into giving away data using in-app permissions Fake emails pretending to be from well-known brands – like Amazon or eBay The NAO said the issue was “not yet a priority” for all local police forces and the problem had been overlooked by government, law enforcement and industry.
Almost two million cyber-related fraud incidents were estimated to have taken place in a year and the cost is likely to run into billions of pounds, the NAO said.
He said the Home Office, while not solely responsible for tackling the issue, was the only organisation that could oversee the system and lead change. “At this stage it is hard to judge that the response to online fraud is proportionate, efficient or effective.”
The report said: “Fraud is now the most commonly experienced crime in England and Wales, is growing rapidly and demands an urgent response. “Yet fraud is not a strategic priority for local police forces and the response from industry is uneven.”
Cyber crime What is the NCA’s advice to UK internet users?
Members of the public are reminded they should be vigilant and not open documents in emails, or click on links, if they are unexpected or if they are unclear about its origin.

BBB tips on avoiding vacation rental scams

by

BBB tips on avoiding vacation rental scams.
Some victims have found images of their home being offered as a vacation rental online.
If you get an email about a vacation rental, check the sender’s address.
While paying with credit card is the smart way to go, never share that information by email.
Search a reputable home sharing website or app.
Verify companies’ legitimacy by searching at bbb.org.
Most home sharing companies vet the individuals who post their property for rent on their sites.
Do an online search on the owner’s name, the property address, and even do an image search to ensure the photos are not from a magazine or stolen from another listing.
Look at different listings before making a reservation, paying a deposit or putting a credit card on file.
Look for misleading reviews that may be posted by the scammers.

How to Protect Your Child From Identity Theft

by

How to Protect Your Child From Identity Theft.
Brill: Unfortunately, in many cases you find out the hard way.
Either your kid eventually applies for credit and discovers he has a terrible record, or someone has been using your kid’s information for something like W-2 fraud, using it to work when they’re not supposed to be working, and a year and a half later your child gets a nasty letter from the IRS saying, “We have W-2’s for you, why haven’t you filed your taxes?” Or your kid looks to go to college, and the college says, “Why do you owe AmEx $37,000 on a credit card, and why do you have bankruptcies on your record?” It can cause problems for the kid, and for parents who want to protect the identity of the of kid.
Another thing we see that is also scary is how criminals use your kid’s identity to get medical services for another kid.
Lapidus: Also, you have teenagers applying for jobs in the summer, and with a lot of applications they have to give their Social Security number.
What kind of cybercriminals are we talking about?
But if the place where the data is stored hasn’t done the security basics, they can run an attack that might get them that data.
Aside from warning your kids , what can a parent really do?
The first question to ask a company is how are you protecting my kid’s data?
And you want to monitor your kid’s Social Security record just as you would for an adult to see if anything is reported.

Make sure your wedding plans go without a hitch with scam advice

by

Make sure your wedding plans go without a hitch with scam advice.
All of these transactions are potentially liable to fraudulent action by scammers.
l Obtain a physical address and contact details for the vendor and verify this information.
l Obtain a contract before paying money for services.
Fully read and understand what is offered before applying a signature and note the terms of cancellation.
l For services such as wedding photography, beware of websites using fake images.
Look for inconsistencies in style, meet the photographer, and ask to view sample albums.
Trading standards officers also advise paying for services by credit card, as they offer protection for single item purchases above £100 and below £30,000.
Even if a company goes into liquidation before the big day, a refund can be claimed through the credit card company.
Always take precautions and research that the options available are genuine when spending large sums of money on services.” For advice, or to report any problems to trading standards officers call 03454 04 05 06.

The New Rules of Identity Theft Protection for Employees

by

The New Rules of Identity Theft Protection for Employees.
And the child continues showing up on her pharmacy records as a dependent.
“To this day, I don’t know if my name is in the baby’s medical record,” she notes.
Her insurance information had been stolen and used by someone else to obtain medical care.
But medical identity theft also poses a serious risk to employee health.
Medical identity theft is thus, above all, a quality-of-care issue.
While medical identity fraud is the fastest growing type of identity crime, identity theft generally continues its march unabated.
The number of US data breaches recorded in 2016 set an all time high of 1,093—a 40 percent increase from 2015, notes an authoritative Data Breach Report by ITRC.
For an employer to fully protect its employees, health insurance information will require the same attention and care that financial institutions have offered to their credit card customers.
For more information about how to help your employees protect themselves from identity theft, don’t miss Kevin’s session, How the Growing Threat from Medical Identity Fraud Puts Your Employees & Company At Risk—And What You Can Do About It only at the 9th Annual Employer Healthcare & Benefits Congress, October 2 – 4 in Los Angeles.