Credit card companies and banks all over the United States have begun replacing magnetic-stripe cards with smartchip cards in hopes of clamping down on credit card fraud and theft. If you haven't received yours yet, heads up — scammers may be trying to steal your personal information by posing as your credit card company.
Data thieves are preying on the millions of Americans who still have not received their replacement chip cards, according to a report by Colleen Tressler of the Federal Trade Commission (FTC). Scammers send an email purporting to be from your bank or credit card company telling you to update your accounts and verify your personal information so your new cards can be sent.
The spoof email usually includes a URL for you to click on to proceed with the verification process. The link usually silently installs malware that enables scammers to take over your computer or device, track your online habits and send out spam and malware.
Unwary consumers who fall for the trap end up handing over their personal information, leading to identity and account theft and fraud (including, rather incredibly, stealing your tax refunds).
The new smartchip credit and debit cards use metallic chips that hold your personal and payment data, replacing the magnetic stripe on older cards. The new cards are being phased in as merchants upgrade their technology to use the new cards. Here's how to deal with a suspected scam email.
- If you receive an email or phone call asking you to confirm your personal information so that your card can be sent, do not provide any information. Credit and debit card companies will not call or email you to verify your personal information as a requirement for sending your replacement card.
- Be skeptical of links in emails purporting to come from your credit card company. If you need to provide information, do it on the company's secure website rather than by clicking some link in an email. Make sure you're at the right place by checking that the site's address on your browser begins with "https" (which signifies a secure connection) and make sure you haven't made any typos. Scammers have been known to get https credentials for sites that are slightly off the correct spelling for legitimate financial institutions.
- Scammers do their best to make their spoof emails look legit. If you are not sure about the email you received, call up your credit card's hotline. Use the contact numbers printed on your card, not the phone numbers given in the suspicious email, which may lead to the scammers.
Identity theft is a common occurrence on the Web, and it is a lucrative business. Even your used boarding pass can be used as a starting point for digging up your personal life and financial information. Take care when purchasing or using your personal or financial data online.
Your best strategy for protecting your personal identity and financial accounts is to learn how to prevent your identity from being stolen. The FTC also provides helpful information on identity theft prevention. If you find you've become a victim, follow the FTC's resources to help you recover from identity theft.
[Image credit: Credit card with security lock - data theft protection via Shutterstock]