Counterfeit Credit Cards
Counterfeit Credit Card Fraud
Credit cards have made it easier than ever for consumers to save time, energy and hassle. Credit cards allow consumers to make purchases quickly, track their spending and carry a more secure form of currency than cash. Unfortunately, the same ease and convenience that credit cards bring to consumers also make them alluring to criminals. Like all forms of currency, credit cards can also be counterfeited. Like all counterfeits, however, there are also better and worse counterfeits. In some cases, the actual physical card may be counterfeited to use in restaurants, stores, and other establishments, in other cases the number and other information are used for e-commerce card-not-present purchases. Here is an overview of counterfeit credit cards; how they are made, what they are used for, how to spot them and how to prevent counterfeit credit card abuse.
What Are Counterfeit Credit Cards?
In the early days of the internet and digital financial transactions, identity theft was quite common. When thieves would steal a victim's identity, they could sometimes open dozens of fraudulent accounts in the victim's name before it was discovered. Even when it was discovered, there was often very little the victim could do to stop it. It could sometimes take years and in some cases several thousands of dollars in legal fees to separate their own identity from the fake one established by the thief. With a rising number of online security protocols to prevent identity theft, however, the complete takeover of someone's identity is becoming less and less common.
What is on the rise, however, is ATO or Account Takeover. This is where scammers gain control of one or more of a victim's accounts and simply use them in tandem with the victim. In some cases, they may quickly make several large purchases before abandoning the account and in others, they may spend several months making a series of relatively small purchases that go completely unnoticed. Sometimes, the scammers will simply use the victim's payment card information online, while in others they will actually create counterfeit cards to use at physical locations.
How Do Cybercriminals Take Over Accounts?
There are a number of different ways thieves can gain control of legitimate accounts. These are the most common.
- Call Center Fraud: Call center fraud exploits the vulnerabilities that still remain on telephone systems. IVR (Interactive Voice Response) systems are much less secure than most internet protocols and are only able to authenticate a caller's identity based on a few pieces of relatively generic information such as the last 4 digits of a social security number or a PIN code. Live call center agents are often easier to manipulate and can aid scammers by changing personal information such as a home address or email address, which can allow scammers to have a new debit or credit card sent to them, after which they can change the PIN code via the IVR system.
- Phishing: Scammers are often able to gain access to the victim's login credentials through phishing scams. Phishing scams generally consist of an official-looking email from a reputable bank or company the victim does business with, directing them to log into their account via a helpfully provided link. The link leads to a portal controlled by the scammer, where they can capture the victim's login credentials.
- Skimming: Skimming is the actual swiping of a legitimate credit card through a card reader to record the card's information. In some cases, scammers may attach a skimmer to a legitimate card reader such as at an ATM or gas station. They may also attach a small camera to record the victim entering their pin number. In other cases, wait staff at restaurants other service workers that get left alone with credit cards may carry a portable skimmer that they can use when they are on their way to scan or swipe your card legitimately.
- Hacking: These days almost all merchants and businesses have databases of both financial and personal information about their clients and customers. In some cases, hackers may steal that information and use it themselves or they may sell it on the dark web.
In some cases, thieves may make an actual duplicate of the credit card, while in others they may simply use the number and CVV to make e-commerce purchases.
Counterfeit Credit Card Detection
E-commerce sites have their own security protocols in place to prevent the fraudulent use of credit cards. In fact, where it was once easier to use stolen credit card information online, it may now actually be easier to use a counterfeit credit card in person. While many stores have cameras at the register or located throughout the store, there are always ways to keep even cameras from being able to make a positive identification. As with all currency, credit card manufacturers have begun putting security features in place to help merchants spot counterfeited credit cards.
The best way to prevent credit card fraud is for merchants to familiarize themselves with these security features and always keep a lookout for cards missing these identifiers.
- The signature panel should have Visa or MasterCard microprinted through the pane, rather than being plain white. Microprinting is printing that seems to be a solid line when viewed with the naked eye, but become very small words or letters when viewed under a magnifying glass. Microprinting is very difficult to reproduce so most credit card forgers don't even bother.
- The numbers on the signature panel should slant to the left and match the last four digits of the number on the front of the card.
- MasterCards will contain a holographic image embedded into the back of the card. On MasterCards, it will be the MasterCard logo, Visa cards will have a holographic dove. The stamped numbers on the front should be stamped right through the holograph.
- Visa's embossed account numbers begin with a 4 and contain 13 or 16 digits, MasterCard's with a 5 and contain 16 digits.
iovation is a leading provider of fraud detection and prevention solutions as well as advanced multifactor authentication software for online banking, e-commerce, insurance, gambling, online communities, and travel and ticketing organizations.
Ready for the next step?
Spot user behaviors and device information that’s suspicious, and stop those fraudsters in real time. We track billions of devices and our fraud analysts add evidence to make this intelligence even more effective.