Credit Crunch

EASY PREY: Banks says people need to be security-conscious when handling their credit cards.

It's the sort of thing you feel in the pit of your stomach.

You go online to check your bank accounts and notice the credit card balance has gone a little haywire.

The balance has crept up but you know that you haven't used your card in a while. You look more closely at the statement and see transactions have been happening in New York. The only problem is you haven't been to New York. Not recently, not ever.

Take Paulette Archer. A leader of the after-school programme at Whanganui's YMCA, she regularly uses her credit card for online purchases both nationally and offshore.

"Two years ago I opened my bank statement and found a couple of transactions that were definitely not mine. They had happened in the UK," Ms Archer said.

"I'm lucky because I've worked in a bank and I knew what would be happening. The person at my bank who I dealt with was very helpful and the refund was made to my account almost straight away," she said.

Despite that glitch, she's not worried about continuing to use her card. She said as long as the cardholder took every precaution then any problem beyond that is the bank's worry and the retailer involved.

Another Whanganui couple, who asked for anonymity, are battling with card abuse of a different sort after they booked a night's accommodation at a Wellington motel. They were heading to the capital to see the Warriors play the Bulldogs at Westpac Stadium.

"When we arrived at the motel we gave them our card details as they requested. We decided to stay another night but still paid for both nights in cash," the man said.

A couple of weeks later they checked their card statement and found that the motel had taken out one night's accommodation, even though the couple paid for everything in cash.

"We contacted the motel and they said they wouldn't make any refund but offered us a night's accommodation. We don't want that. We want our money back and we're still arguing with them over that," the couple said.

"The thing is we certainly never gave them permission to take our money because we'd paid cash."

Another local made a purchase from a reputable US sports store but two months after that successful transaction (and he had received the goods he ordered online) he went back online to order a book from the States.

But when that transaction was declined he checked his bank statements and noticed a raft of illegal transactions on his credit card.

"They all involved purchases in New York. There were taxi companies, food stores and apartments. Later transactions were stopped by our bank because their security systems recognised I couldn't be in two places at once. I rang the bank straight away and one of their security staff said they were about to call me. "It was an awful feeling because whoever had scammed my card details had racked up more than US$1200 in transactions in a few days. I thought I was in the gun for those and would have to pay. Fortunately my card cover meant the bank took care of everything.

"But it's made me really wary of using my card like that again."

Then there's the case of a Whanganui woman holidaying in Australia. The only time she used her card was when she checked into the hotel she was staying in for two weeks. But even during her stay someone had accessed her card details and was using it illegally.

She only noticed the activity when she got home and checked her bank statements.

How much this credit card fraud is costing the banks is anyone's guess. Not surprisingly they won't say how much.

But Antony Buick-Constable, acting chief executive New Zealand Bankers' Association, said customer security was a major priority for banks and was something they continued to address to help tackle potential credit card fraud issues.

"NZ banks work hard to help prevent their customers and their accounts from becoming victims of financial crime. Banks take care to protect accounts from misuse and fraud. For example, bank systems can detect unusual spending patterns and help prevent attempts by fraudsters to access accounts," Mr Buick-Constable said.

"If you're the genuine victim of banking fraud, you need to talk to your bank immediately. Your bank may be able to reimburse you depending on individual circumstances and your terms and conditions. But that doesn't override your responsibility to protect access to your bank accounts."

He said all card users had a role to play to protect themselves and their money from financial crime.

"We strongly recommend people check their banking records and report any unauthorised transactions to their bank as soon as possible."

But he warned that fraudsters continued to find more sophisticated and "innovative" methods to illegally access someone's credit card details for their own gain.

"Fraudsters are always looking for new ways to scam us and steal our money. They use a range of ways to trick people into handing over personal information, including credit card details. Once they have that information, such as your account number, credit card number, login details, or password, they can access your identity and your money.

"This kind of fraud is known as 'phishing' if the fraudster makes contact by email, 'vishing' if it's by phone, or 'smishing' if it's by text. Then there's 'catphishing' which occurs when a fake profile is created online through emails, dating sites or social media to lure someone into a close personal or romantic relationship and then trick them into sharing personal information, such as bank account login details.

"Scammers may also pretend to be your bank, a government agent, a retailer or someone you trust," Mr Buick-Constable said.

Credit card skimming is another method favoured by criminals. Crooks use a small device to steal credit card information in an otherwise legitimate credit or debit card transaction.

When a credit or debit card is run through a skimmer, the device captures and stores all the details stored in the card's magnetic strip. Thieves then use the stolen data to make fraudulent charges either online or with a counterfeit credit card. In the case of ATM and debit cards, they can withdraw cash from the linked checking account. The stolen card details may even be sold over the internet.

Credit card skimmers are often placed over the card swipe mechanism on ATMs and gas stations. With ATMs, the crooks may place a small, undetectable camera nearby to record you entering your PIN.

Mr Buick-Constable said the banks have some basic rules people should follow if they're shopping or banking online.

When you log on to do internet banking, type in your bank's full web address. Do not use links in emails or text messages that appear to take you to your bank's website. And check you have a secure connection, which is shown by a closed padlock symbol in the address bar, and that the website address starts with "https://". The "s" stands for "secure".

You can save yourself grief by avoiding public computers and Wi-Fi for internet banking, from places such as internet cafes, libraries or hotels.

He said card users needed to protect their identity information and only provide it to trusted people and organisations. This includes date of birth, address, driver licence number and passport details.

"Shop with trusted retailers. Check the security of the website and before you provide personal information - including credit cards details - make sure they will protect that information. And keep your anti-virus and firewall software up to date. If you suspect you've been taken in by a scam and your bank account may have been compromised, contact your bank immediately," he said.

Mr Buick-Constable said if anyone wanted to know more about what form of protection the banks offered them if someone was illegally using their credit card there were links they could go to for information on card protection, such as Zero Liability policy. Got to either http://www.visa.co.nz/personal/security/securityagenda.shtml, or http://www.mastercard.com/nz/consumer/fraud-protection.html.