Menu
EN
ES

Ways Credit Thieves Steal Your Information

shutterstock_131307074In the old days, thieves could glean your credit card number by dumpster diving and fishing the digits out of the trash. However, in the digital age, everyone, including the crooks, is ramping up their game in an ever-more sophisticated arms race to protect or steal your private information.

Over the 2013-2014 holiday season, hackers used a phishing scam to attack payment terminals installed at Target store registers and found a back way into Target’s entire data system. Ultimately, 40 million people had their credit card numbers stolen, and another 70 million had their identity information, birthdates, addresses, etc. compromised. Target wasn’t the only firm hit by identity thieves, either. In the last year Sony and Citibank had their systems broken into by cyber-criminals. Even an “expert” security company like RSA isn’t immune; RSA’s SecurID system was hacked into in 2011, an embarrassing breach that cost RSA $66 million to fix.

Data thieves steal your personal information for only one reason: there’s money in it. If someone can get their hands on your credit card number, your personal data (date of birth, address, relatives’ names, etc.), your Social Security Number, or your passwords, they may not only use the data themselves, but there are others who will pay them for it. Stealing data can come in many forms, some of them low-tech and obvious, others breathtakingly sophisticated. Here are some of the most common ways that credit-thieves will steal your information, and what you can do to safeguard against it.

Physical Theft

The old snatch and grab remains a popular way to steal someone’s identity info. So anytime you stop for gas, be sure your windows are rolled up far enough to prevent someone from reaching in and taking your purse. Make certain your windows are up and all doors are locked. If you have valuables in the car like a wallet or your phone, keep them out of sight. Old-fashioned pickpockets are still out there, too, so keep your wallet somewhere that’s not easily accessible to thieves.

Using Change of Address Forms

If a thief knows your name and address, he/she can submit a change of address form using your information. The thief will then get all of your mail until you can sort out the situation, including documents like credit card and bank statements. So pay attention to what arrives in your mailbox. If you get a change of address notice in your mail, act immediately. One way to avoid this is to go paperless, and have your statements sent electronically. Also, if it seems like it’s taking too long for a credit card statement to arrive, contact the issuing company.

Phony Calls and Phishing Scams

In this scenario, a thief calls you, pretending to be from your credit card issuer, and asks you to verify your personal ID data. Don’t fall for this one, because as soon as you hang up from talking with “Bob from AmEx”, he’ll telephone AmEx pretending to be you. If you get such a call supposedly from your credit card company, simply hang up. Your credit card company will not contact you for this information because they already have it. After receiving such a call, get in touch with your credit card company immediately. The same goes for phishing e-mails that pretend to be from your credit card issuer, or eBay, or any other business that has your personal info. In the case of spoofing e-mails, contact the company immediately, and forward the e-mail you were sent. It’s very important that you deal with these problems immediately. Don’t simply ignore them or delete them. Report the phony call or the phishing scam to the business being impersonated.

Credit Card Skimming While Shopping or Dining

Whenever you’re out in public having a meal or shopping, your personal data could be exposed. For instance, after you’ve given your server your credit or debit card to pay for dinner, the server disappears to swipe your card to create your receipt. But, what if your server is also a cyber-thief and swipes your card on a little device called a skimmer that attaches to a smart phone? This technology is incredibly cheap; you can buy one of these devices on Amazon for as little as $6-7, which may be one reason why 70% of card skimming occurs in restaurants. Once your card has been swiped, your data is stored for re-use or resale to someone who will clone the information gleaned from the card’s magnetic strip to a new card. To avoid being ripped off like this, avoid businesses where you can’t see your card being swiped, and deal with a credit card provider that will call, e-mail, or text you immediately when there is suspicious activity on your credit card.

Fake Skimmers or Camera for Data Harvesting

The ingenuity of cyber-criminals know no bounds. Sometimes crooks will attach an extra credit card reader to the outside of those pay at the pump gas pumps, or attach a tiny camera that will record your info visually. The skimmer sends a Bluetooth signal to a laptop, where the crook harvests the data encoded in the magnetic strip. To prevent this, try to avoid swiping your card at unattended credit card readers, or anything that looks suspicious.

Protecting Yourself From Data Thieves

Here are some additional ideas for protecting your identity and financial info from the cyber-sharks who cruise the Internet and commercial venues:

  • If your credit card issuer provides this service, establish mobile alerts for your phone, so anytime there’s questionable activity on one of your cards, you’ll be notified right away.
  • Check your online accounts often to look for suspicious transactions. Forewarned is forearmed.
  • Don’t use public computers. If your bank sends you e-mails and paperless statements, hackers can harvest them from public computers. Hackers will sometimes install software that records every keystroke made by users so that they can steal passwords, etc. Instead, set up an e-mail account just for financial transactions, and only access it from secure locations.
  • Don’t do business with online vendors unless you’ve vetted them. Go with well-established businesses like Amazon to avoid problems.

If you know your data has been stolen, get in touch with your bank, credit card issuer, and law enforcement immediately. Many police departments have a way to file a police report online at their websites. Contact all of the major credit reporting agencies, Experian, Equifax and Transunion, and put in place a fraud alert for your credit reports.

Written by Kristy Welsh



So how is geeky Kristy Welsh (former rocket scientist and current software guru) also a credit expert? After being laid off from her career in Aerospace engineering, Welsh served a short stint as a mortgage professional in the early 90s. It was there she first learned how to fix people’s credit in order to get her loans funded. When the Internet, recession and bankruptcy came knocking on her door all at about the same time, she learned web programming, database design and a lot more about credit and debt. As a hobby, and to fill a need in the credit knowledge deficit of the average person, Welsh founded CreditInfoCenter.com in 1997.


From daily research and correspondence with the credit and debt challenged, Welsh turned the original 9-page site into a personal finance information powerhouse. In 2001, Welsh published Good Credit is Sexy, a tongue in cheek guide to restoring credit. The book is now in its 4th edition. In November 2013, Welsh retired from CreditInfoCenter.com and was subsequently approached by CreditRepair.com to continue her conversation with the American public regarding all things credit and debt.

View all posts by Kristy Welsh | Website

Posted in Identity Theft
Learn how it works

Questions about credit repair?

Chat with an expert: 1-800-255-0263

Already a member?

Facebook Twitter LinkedIn