Top 10 tips to protect yourself against online card fraud
1. Anti-virus software
Keep your anti-virus software up-to-date. Poor or out-of-date anti-virus software can expose you to a score of vulnerabilities. A prime example of this is phishing, in which fraudulent emails and copy-cat websites are used to coax valuable information from users.
Account numbers, passwords, log-in IDs and so forth can be collected and eventually exploited by criminals in this way, but up-to-date virus software should be able to detect this kind of scam relatively easily.
2. Secure Urls
Only shop or pass on card details where you see an unbroken key symbol or 's' in the URL prefix (e.g., https): The 's' ensures that you are using the secure URL scheme and that the server with which the user is interacting has been authenticated. Information passing through the website is encrypted, making communications much more secure.
3. Look after your passwords
If you have registered for Verified by Visa or Securecode for MasterCard, keep your password safe. Banks use this code as further verification of your identity - essentially it replaces your signature. It's often the final stage before a payment is made and significantly reduces the risks of online shopping.
If a fraudster were able to steal this number, there is very little immediate action that could be taken to terminate any fraudulent activity on your card.
4. High security
Keep your computer security settings high to avoid attack. Fraudsters with even moderate hacking abilities may be able to crack low levels of security, and as such infiltrate any personal information stored on your computer. This is particularly problematic if information has been stored by your internet browser's cookies.
5. Beware suspicious emails
Beware of emails requesting personal information such as PIN or card security codes. Banks will never ask you for this information via email. Report any suspicious emails to your bank immediately.
6. Don't use provided links
Type the URL of your bank into your browser. Don't use a link provided in an unsolicited email: these links could potentially lead to copy-cat sites, or direct you to potentially harmful sites that may infect your computer.
7. Be vigilant
Never leave your computer unattended while logged into your online bank account or online retailer. This is like leaving your wallet on the table and stepping away.
Log out, especially when not using your home computer. Criminals target public computers, such as those in airports and internet cafes, and need only a very short amount of time to transfer money from one account to another.
8. Avoid 'money mules'
Beware 'money mules' offers where you receive financial reward for transferring money outside the UK.
Numerous scams exist in which large returns are offered via small foreign investments. Typical examples of these include bogus lottery wins, laundering offers and the notorious
Nigerian money scam. Fraudsters will request personal details, account numbers and copies of passports, which could potentially lead to both money loss and identity theft.
9. If it sounds too good to be true - it is
Remember that if the offer sounds too good to be true, it probably is. Fraudsters create deceptive offers that they know are likely to grab the attention of unsuspecting users, and then attempt to coax out their financial and personal details. Don't be taken in.
10. Don't write down passwords
Don't write down your PIN or password. The Banking Code protects you against fraud as long as you have taken a duty of care to avoid fraud. PINs and passwords are secret for a reason, so remember them, and never write them down.
Martin Warwick is the principal fraud consultant at FICO, which protects nine out of 10 UK cards
Phishing scams are typically fraudulent email messages from seemingly legitimate sources (your internet service provider, mobile phone provider, bank etc). These messages usually direct you to a counterfeit website or ask you to divulge private information (password, PIN, credit card numbers, or other account updates), which is then used to commit identity theft.