We read every day stories about people’s credit cards that were “hacked”. \u00a0We put the word hacked in quotes because it’s really not the correct term. \u00a0The better word is breached.<\/p>\n
Regardless of the what you call it, the bad guys got your credit card number and now you have to jump through a bunch of hoops in order to fix it, from calling the credit card provider, to looking over your statements to see where all the bad guys used your card.<\/p>\n
But how did you get here? \u00a0Where did the bad guys get your card? \u00a0When did it happen? \u00a0What method did they use?<\/p>\n
First thing’s first. \u00a0It most likely didn’t happen recently<\/span>. \u00a0Unless you lost your card, chances are your card was compromised weeks, if not months ago. \u00a0So don’t blame the last place that you used your card. \u00a0Not only did they probably not have anything to do with it, but you’re also making possibly a slanderous statement against that company and could find yourself in legal trouble.<\/p>\n The card may have been compromised at a merchant who was not PCI Compliant<\/a><\/strong>, a requirement for any merchant who takes credit cards. \u00a0Unfortunately, many merchants don’t have a clue that they need to be compliant, or under the assumption that they already are, based on wrong information they are receiving from their credit card processor. \u00a0Here’s some simple facts:<\/p>\n The card may have been breached at a gas station or ATM that had a skimmer installed. \u00a0 This method collects card information for a period of weeks or months. \u00a0The bad guys (and girls)<\/a> then take the numbers and encode them on pre-paid credit cards they purchase at a drug store, and go on shopping sprees. \u00a0The length of time between the skimmed cards and the using of the accounts could be a few months.<\/p>\n Banks have become smarter when it comes to compromised accounts. \u00a0Many years ago when a card was compromised, the victim would find charges that were made in other states or even other countries. \u00a0Today, if there’s suspicious activity on an account, often times the bank will call the account holder and ask them if they are in another state. \u00a0If they are not, they will not authorize the transaction.<\/p>\n Because the banks are now monitoring accounts, the bad guys are adapting. \u00a0Usually, if a card holder is based in a particular ZIP code, the bad guys will harvest all of the account numbers for that area, then descend on that area and begin to use the compromised accounts in that area. \u00a0That raises less suspicion with the banks. \u00a0However, the time between the breach and the using of the account can be weeks or months.<\/p>\n\n