Fraudsters steal about £800 a minute from people's credit and debit cards, a watchdog says.
Customers should be more vigilant about financial details, Apacs says
Payments where the owner is not present to sign a receipt are most vulnerable to fraud, the Association of Payment Clearing Services (Apacs) warned.
Most people, it said, did not realise credit card receipts contained all the information needed by a fraudster.
It urged people to be more aware and shred bank statements and receipts.
Remote credit card fraud has risen by 33% over the past two years, according to the association.
It said recently introduced security measures, such as the introduction of so-called chip and pin cards, did not lead to a reduction in this type of fraud.
These cards do not need a signature when purchases are made, instead requiring consumers to input a four-digit code.
One in five UK credit card users are expected to have the new cards by the end of the year, and more than half of all cardholders are likely to have them several months after that
Apacs said £300,000 a day was stolen by people buying something remotely using the details of another person's credit card - about £109.6 million a year.
It said a survey of 2,000 people indicated that one in three people did not shred or burn bank and credit card statements, while 19% had let someone else use their card to buy something over the internet or telephone.
One in five people admitted they only occasionally checked their statements or
did not look at them at all, and 17% said it did not worry them if someone took
their card out of their sight while they were shopping.
According to the association, "cardholder not present" fraud is the second largest element of credit card fraud, valued at a total of £411.6m in the year up until June.
The biggest contributor remained counterfeit card fraud, when information on a card is illegally copied, at £128.8m.
Fraudulent use of lost or stolen cards cost the industry £107.2 million during
the same period.
Fraud as a result of identity theft, when someone uses another person's details to apply for credit in their name, reached a value £25 million, up from
£15.4 million the previous year.
Read a selection of your comments below.
I recently had my name and address used to open a credit card account, the credit card company didn't check any of my other details that the fraudster gave them which were all wrong. They were able to get the card and pin number from my letter box and managed to get over £2000 from cash machines. The first I knew about it was a statement. I now shred anything I get through the post with my name and address on it that I don't need to keep. I was surprised at how easy it was for fraudsters to get a credit card with such little information.
I recently asked my UK credit card company to supply a second card for my fiancé. Even though the bank had received these instructions in writing, they managed to issue it in the name of my flatmate (whose name bears no resemblance and we have no ties other than living at the same address).
While the bank's creativity was a source of amusement, it makes me wonder if credit card companies are getting a little complacent. Perhaps fraud is merely a drop in the ocean compared to credit card company earnings?
I used to work for one of the major credit card companies in the UK. My biggest piece of advice? Read your statements in full EVERY month and check off your charges, remembering some charges can take several months before they show on your account, (dependant on how efficient the store is at book-keeping)!
Why do this? Because most card companies can only investigate fraudulent charges that have happened in the last 6 months. Deal with an issue as soon as you see it, and call the credit card company. Oh, and remember to ask them for a reference number or name, and note down dates and times you have called them.
Most companies have specialised fraud teams who can give excellent advice so don't be scared to ask questions about time-frames for resolution, how to make payments in the meantime, etc. It remains safer in general to use your credit card for online shopping than a debit card, as not all debit cards have fraud guarantees like the majority of credit cards!
As a retailer, I am expected to carry any losses from fraudulent credit card used on my on-line store. But banks not interested in card fraud: I can provide address details where fraudsters are operating but the banks don't want them. The police are no better. They are not interested in credit card fraud on the internet. I have provided the complete history of a fraudulent transaction to them but they took no action. Their excuse was that the fraud was a civil matter and that I should take court action against the individual concerned. This is despite the fact that the fraudsters are still using the same address for purchases with multiple credit card numbers. It is organised crime but is ignored by the police because these days they are too busy!
Geoff Powell, UK
As an employee of streamline, the service from Natwest bank for credit card terminals I have encountered some shocking details. I would estimate around 85% of merchants did not pay any attention or show any interest with the avs (Address Verification System) we offer on mail order sales or CNP customer not present. I have told merchants on several occasions how to use this system and the reason why it has to be used but the most of who I talk with take no notice and choose not use the extra security we offer on cnp sales. Merchants say it is too much hassle to get the extra information from their customers.
As far as banks calling when they see a large or odd purchase, this is usually only done once. If the purchase is acknowledged as proper, then the bank feels that all purchases are acceptable and will not call again, no matter how large the charge may be. It will not make a difference if the charge comes from opposite ends of the country or from a foreign location/country.
Mark Konopka, USA
Ten years ago I had a card with my photograph on the reverse. Very convenient for me and difficult for anyone else to be me. The issuer was taken over by another company who did not use this photo system. Try as I might in a lengthy discussion by letter, they would not accept that the photo system was an excellent means of preventing use by anyone else in a face to face situation. I still do not understand their point ?
Richard Thomas, Wales
Don't be fooled into thinking that a clerk at the counter hasn't checked your card properly when you hand it over. I worked in retail for several years and was accused by one gentleman of not checking his card at all. What he didn't realise was that before it was even in my hand I had checked the hologram, before I swiped the card I had checked the signature strip and raised numbers with my thumb. the final check, his signature was done reading upside down while he was writing it. Of course that doesn't mean that all clerks check cards properly. The classic example is Petrol stations. A prime sight for using dodgy credit cards.
James Morris, UK
I have recently returned from a trip to Barcelona within a few days of my return my credit card was frozen. Upon checking with my card company I was asked if I had spent various very large amounts in Spain and in the UK. I hadn't. The card had been copied. I only used my card twice and it was only out of my sight for 2/3 minutes in a top restaurant, it doesn't take long. Beware.
David Townsend, UK
I've never been a victim of fraud but feel that an industry standard credit card receipt could help prevent it to some degree. Some receipts show only the last four digits whilst other omit either the last four or penultimate four. Two receipts in the same bin gets a fraudster the jackpot. If everyone omitted the same digits it would close this window of opportunity.
Andrew Lamberton, Scotland
Recently, my bank phoned me to check some debit card transactions as they were alerted to the unusual request for £50 cashback three times in one night. It was strange for me to hear this because I still had my debit card on me. Somewhere along the line, my card had been cloned. Luckily I was able to prove this as I made an ATM withdrawal at the same time the cloned card was being used 50 miles away. Unless the bank phoned me, I would probably not have noticed.
Then, two weeks later, with a new card, I checked my statement to find my NEW card had been used fraudulently. Either it had been cloned again OR, more likely, the clever fraudster made a new card but changing the expiry date and issue number. It pays to check your statement and luckily I learnt from the first time that it was important to do so.
In France credit/debit card receipts do not display all the digits of the card number or the name. Simple step but cuts down the risk from paper receipts.
I agree with the comments that many banks/card companies around the world have the means to reduce this fraud but seem unwilling to introduce them.
Here in Spain it is impossible to use your credit card (or anyone else to use it) without first showing your ID card. For internet purchases, you have to put in your ID card number and your bank/credit card number too. The government and police are very strict on ID cards here, and if this is something that is going to stop our cards and accounts being used fraudulently, then I think it's a good thing.
If credit card companies only allowed items purchased when the cardholder is not present to be sent to the cardholders registered address, this would cut the amount of fraud considerably. What would be the point of fraudsters purchasing items they cannot receive. Credit card companies, shops and the courts are equally to blame for much of the fraud, unfortunately they just pass on the cost to us the customer and let criminals walk free unpunished.
Over the past three years, I have been subject to around £500 pounds worth of fraud and goodness how much in the past. Check your statements carefully, and destroy them properly, its the only way.
I must admit when I raised the issue with the bank they were very good, and sorted it out straight away, however it would have been good to have been informed of the outcome of their investigations.
Brian Harwood, UK
I now make a point of checking my credit card regularly via my online banking facility, at least this gives a chance of picking up fraudulent transactions early. It is very common for fraudsters to make a small transaction first to make sure they have got active, unreported stolen details.
Dorothy Ross, Oxfordshire, UK
Shred our receipts and bank statements? Advice that the Inland Revenue is going to love, as it instructs us to keep records for six years. I wonder who'll be the first to try on the "I had to shred them" defence come tax audit time.
David Harrison, UK
Why don't the Bank and Credit card companies adopt a simple step. And that is to text on the mobile of the card holder for authorization of the transactions. if the Card holder confirms the transaction, go ahead with it otherwise decline the transaction. It's so simple - yet they are not thinking about it?
Shumaila Yousafzai, Pakistan
In reply to Shumaila Yousafzai, not everybody has a mobile phone. However, since most of these frauds are for goods to be posted, there exists a system to stop these. It is called 'CV2' (customer verification 2). This basically tells the bank that the goods are to be delivered to "SW1 1AA" (or whatever the delivery postcode is). If this does not match the customer's home postcode (as known by the bank), then the transaction is declined, or the customer is phoned for authorisation.
C Miller, Scotland
A credit card company sent blank cheques to my old address even having been notified of change of address. The card was uses fraudulently to withdraw £10,000. It took me nearly two years to clear my name and was unable to get legal aid to try and get some recompense for time and misery caused. In my experience credit card companies do not care about customers as long as they can inveigle them into running up huge debts
Paul Davies, England
A few years ago I was the victim of credit card fraud - somehow somebody had the numbers of both my credit cards (from my combined account) and used them to buy items in the US in exactly the way described in the story.
Although credit card companies often suspend the cards if vastly different patterns of spending are seen, in this case they did not - despite the fact that I was also using the cards in the UK!
Fortunately I was not liable for the fraudulent items, but it took 6 months for it all to be cleared up.
These days I scrutinise every item on my statement - any payment I don't recognise, I query. Even if it's of a low value, if it's fraudulent it means someone has your credit card details and it could be the thin end of the wedge.
This fraud is all the banks fault - there is the technology out there that could stop this fraud. However, banks refuse to embrace such technologies because they would rather just shift the cost onto the consumer in the form of higher interest rates and fees.
My boyfriend was recently put £9,500 into debt in one day by unauthorized users of his bank current account. It took five weeks, at least 17 different people at the bank, and a lot of stress (including being accused and investigated himself) before they acknowledged that he couldn't have been in Turkey (where the money was taken) and his home town spending money at the same time.
There was no apology from the bank for allowing that amount of money to be taken in one day, even though it put him so much in debt, and certainly no talk of compensation for leaving him without any money for
five weeks. He had not lost his card, and since this has happened before to a much lesser scale, he has always been very careful with regard to what he buys and how the payment is made. I am so angry at the treatment he received, and he is so frustrated with the lack of compassion or urgency in dealing with this issue, that he has changed banks.
Internet credit card fraud is virtually irrelevant compared to other forms of credit card fraud. The most likely form of credit card fraud is probably your cards being cloned when you hand them over for payment, such as in a restaurant.
Keith Walker, UK
This does not surprise me. When I sign for a credit card payment I find that more times than not the cashier does not even look at the signature - often even passing the card back before I have signed and/or without even turning it over to the signed side. It is almost normal practise for restaurants to take away the card to a back room to swipe it - If you ask that it is not taken out of your sight you are typically derided as being paranoid. No wonder there is credit card fraud! Even if you try and take sensible precautions it is the shop and restaurants that should be preventing it but are the worst for creating a fraud friendly environment!
Should it not be the responsibility of the credit card merchants to ensure that the receipts printed by the PDQ machines do not display all the information needed to make a fraudulent transaction? This would seem a lot simpler than trying to educate the general public of the risks associated with the seemingly innocent bits of paper!
My bank visa card no. was used by someone in August to buy £200 worth of goods online from an electrical goods outlet based in Canada. Note! They tried it out the day before to buy a £2 bus ticket - even small bills which you can't remember may be significant.
The amount still shows on my visa bills the fraud dept. of the bank have yet to take any action on the case.
Barry Patterson, UK
I have been the victim of card fraud in recent weeks. I had no idea until the credit card company called me up wanting to check some large transactions that had been made. It certainly was a wake up call and I now check my statements and balance regularly.
Paul Marshall, Milton Keynes, UK