Six months into 2019 and 23 Million credit cards had not only been stolen but were readily available for sale for as little as $5 on the Internet, you just have to know where to look. In today’s ecommerce world where credit cards are the currency of choice, keeping personal information secure and protecting client data is a top priority for a growing number of businesses.
Globally the three major credit card companies – Visa, Mastercard and American Express – have issued 5.1 billion credit and debit cards and, as reported by Visa, there are 270 billion credit card transactions annually. More than 66% of stolen cards were issued in the US, so it’s no wonder that credit card fraud costs American businesses upwards of $12 Billion each year. While the US is leading the pack, most countries are being affected worldwide with the UK trailing in a close second.
So who is stealing this information, where and how are they selling it to black market buyers and most importantly, what can consumers and businesses do to minimize their exposure?
Most of the credit card information seems to be gathered in unsuspecting, everyday transactions. From restaurant and retail staff who duplicate cards when processing bill payments, to ATM machines and gas pumps that have ‘skimmers’ installed on card readers and, of course, the more sophisticated hackers that take down entire ecommerce websites and business sites gathering information on millions of users at a time.
The preferred stolen credit card information being sold seems to be gathered from online transactions that include the ‘CVV’ number, those three little digits on the back of the card. Once purchased by criminals, it’s easy to utilize this information on ecommerce sites and max out cards long before the credit card companies and actual card holders notice.
So what can you do to stay protected?
As a credit card user there are a number of security precautions you can take, such as setting up alerts on accounts and regularly checking credit card reporting agencies for exposure risk.
As a business, familiarizing yourself with PCI DSS compliance to ensure your business, and the businesses you trust with personal information are taking the right measures to keep data protected from cyber crime is key. Partnering with a company like Complior allows you to have experts that regularly educate, explore and monitor exactly this criminal behaviour online so you can sleep at night with your cards safely in your wallet.
SixGill’s report delved deep into the dark crevices of the internet to discover this information, for further reading head here.
For more great info, read our piece Notes and thoughts around the gentle art of assessing ATMs