The Now: Common Credit Card Scams

Lesson 29: Common Credit Card Scams


Common credit card scams

Credit card fraud has been around since the invention of credit cards themselves. Sometimes individuals steal your information without you knowing it. Other times, you may give your information over through deceptive means. These days, scammers are using a variety of tactics to obtain users' credit card information. While it can be difficult, there are steps you can take to lessen the risks of having your information stolen.


A more recent method of credit card fraud is a process called skimming. Skimming is when a thief uses an electronic device called a skimmer to steal your credit card information. This information is then loaded onto a counterfeit card and can be used as a credit card.

Skimmers are generally difficult to spot. More often than not, they're made to look like regular card readers and they snap on top of existing ones at ATMs, gas pumps, cashier stations, and more. The only way to really tell if a skimmer is being used is to gently pull on the card reader to make sure it's real. If it doesn't pop off, the odds are good that it's not a skimmer.


Phishing is when someone obtains your credit card information by disguising an email, message, or website as legitimate when it's actually not. It can often be difficult to tell whether these links and sites are real. It's best to err on the side of caution and look for the following signs before clicking a link or typing information:

  • Emails asking for sensitive information: Banks will never send emails asking you to respond with passwords or other personal information.
  • Misspelled URLs/slightly altered logos: Phishers will often re-create websites and slightly change some elements that you might not catch at a glance.
  • Links to "trusted" websites: Always manually type the URL of websites where you need to provide sensitive information; links in emails and messages may lead to fake websites.
  • Nonsecure websites: Only enter sensitive information on a website if its URL begins with https:// rather than http://.

For more information on phishing, review our lesson on Avoiding Spam and Phishing.

Public Wi-Fi networks

If you're using the Internet through a public Wi-Fi connection that doesn't require a password (like one at a coffeeshop or store), you're probably using an unencrypted network. This makes it possible for someone to see the websites you visit and even the information you type into certain forms, including credit card numbers.

We recommend only using encrypted networks (those that require a password) when entering sensitive information. If you absolutely need to use an unencrypted network, we recommend using a virtual private network, or VPN. For more information on VPNs and help with setting one up, visit


Spyware is software that gains information about your computer activity without your knowledge. More often than not, spyware makes its way onto your computer when you download harmful software or visit attack pages. The best way to prevent and eliminate spyware is to use antivirus software and avoid clicking links and downloading files you can't trust.

Even when taking all of the preventative measures stated above, there's always a risk that your credit card information could still be stolen. Because of this, it's always a good idea to check your bank account regularly for any unfamiliar or suspicious activity.