Sunday, May 16, 2010

Don't use a debit card when dining out!

This Saturday, my husband got an e-mail from American Express, warning him of a fraud alert. It was a personalized e-mail, but fearing a phishing scam, he went to a trusted bookmark where he monitors our AMEX account (and my shopping habits!) and sure enough, in big red letters, was the announcement of a fraud alert. Someone attempted to buy an Apple iPhone and other smaller purchases using his account number. AMEX denied the purchase because the card numbers were keyed in manually.

In addition to American Express, we alternately use our Visa or MasterCard or a debit card which works directly from our checking account.

How did our AMEX number get loose? We carefully retraced our purchasing steps. We use AMEX exclusively for online purchases. We use our debit card at grocery stores or places where there is point of service swipes. Our credit cards rarely leave our possession.  Except when we dine out.

The week before last, we did just that. My husband and I enjoyed a meal at a well-known eatery in Rehoboth and a nice, young waitress, likely a college student, took our AMEX card to process our bill.  She was not a foreign student.

We can't accuse the eatery or the waitress. The breach could have occurred with any employee who has access to account numbers. But it got us thinking- the only time credit cards usually leave our possession is when I don't feel like cooking- which is a lot.

In those few seconds, a part-time, seasonal employee could run a paper and pencil impression, or easier still, take a quick image of our card with a cell phone. The person doing this may not be interested in using our card for purchases. Instead they can earn a few quick bucks selling a valid number to outside parties that do.

Fortunately, AMEX and other banks have excellent fraud and security departments. They sniffed the fraud out before it could even occur, and had it occurred, we would not have been held responsible.

But if we had used our debit card, cash funds could have been removed from our checking or savings account. Eventually, our bank would make good on it - most banks do- but it could be days or weeks before you regain access to your funds.

What can you do?

1. Do not use debit cards in restaurants. If that is where the funds are coming from, you are better off getting the cash from an ATM. If you can't use cash, at least use a credit card that offers 24-hour customer service and has a good reputation for customer protection and fraud detection.

2. Ask every restaurant manager you patronize to consider using customer point of service swipes. Convey your concern, and let them know you have been a victim of similar fraud in the past. The more an establishment's management hears these requests, the more likely they will consider changing their payment processing policies.

3. Know your financial institution's policies on fraud. What, if anything are you liable for? How long does it take to get a replacement card? How quickly will stolen money be put back in your account?

4. Notify an establishment if you feel there is a security leak. You can't accuse if you don't have proof, but you can share your suspicion and concern. For all you know, they may have had similar complaints which will tip them off to a serious staffing problem. Be polite, but share the information with management.

5. Notify your financial institutions ahead of time if you are traveling. Many banks have profiles, algorithms, etc. based on prior purchasing habits.  If they start seeing out of state or country activity, or an uptick in shopping patterns, they may question or block your purchases, which can be embarrassing.

6. Check your credit reports regularly. Annual Credit Report is the ONLY legitimate and free without any catch or additional fee service.

7. Be observant where and how you give out credit card information. Can you be overheard? Is the credit card leaving your possession? Make sure online sites are secure- look for https in the url (the added s indicates the site is secure).

No comments:

Post a Comment