Cart shark: As profits fall, hackers work harder
For those who think their credit card is a lucrative target for online hackers, think again. With a glut of stolen personal information available on the underground market, competition among identity crooks is causing prices for such data to plummet, according to a study released this month by security software giant Symantec.
While this may help online shopaholics sleep better at night, keep in mind that the surplus of stolen data exists because cyberfraud is on the rise. Although the banks are getting better at quickly cutting off compromised accounts, Symantec found the number of cyber attacks increased fivefold last year, suggesting the average American with even a low-limit credit card is vulnerable when shopping the Web.
Most reputable online retailers encrypt credit card transactions to protect against hackers, but security lapses can penetrate even the most ironclad systems.
Although major credit card companies like Visa and MasterCard offer special security programs for added online protection, financial organizations like Citibank and Discover take Internet security a step farther, using virtual account numbers to disguise personal financial information during online transactions.
Virtual account numbers are randomly generated substitutes for your bank card number that can be used to buy goods and services online, over the phone and through the mail.
These random numbers are connected to the card member’s existing account, and are intended for one-time use only when shopping online. Purchases made using the virtual account numbers appear on the cardholder’s monthly statement, just like any other transaction. It’s free for Citibank card members at https:// www.citibank.com/us/ cards/vanpromo/cmc_pop/ index2.htm. Discover Card members can check out a similar service at http://www.discovercard.com/ customer-service/security/ create-soan.html.
One limiting factor associated with the virtual account is that it can’t be used to verify items bought online but picked up in person, such as will-call tickets. Still, for the vast majority of online purchases, this added layer of security could help thwart would-be hackers.
Another means to safeguard against online credit card fraud is to be selective about where you shop. Look for the “https://” at the beginning of the URL address of the retailer’s order page, an indication that any personal or financial information transmitted over the Web is encrypted.
It’s also worth your time to read the merchant’s privacy and security policies to ensure credit card data is properly stored. Transmitting personal information over secure channels is largely useless if the merchant doesn’t store that data in encrypted form.
Keep in mind that the safest way to shop online is with a credit card. Unlike debit cards, check cards and ATM cards, credit cards are protected under the federal Fair Credit Billing Act, which means consumers have the right to dispute credit card charges, and can even withhold payments during a creditor investigation. If you’re a frequent online shopper, it might be wise to obtain a credit card intended solely for online payments, making it easier to detect fraudulent credit charges associated with it.