Target, The Home Depot, and Kmart are just a few of the big companies that have been hit by credit card breaches. And the undeniable truth is, it’s only a matter of time before another company makes the news.
With the holiday season just around the corner, finding the perfect gift is on the minds of many consumers. In spite of the massive credit card breaches that have happened this year, a recent study by Deloitte found that while 42 percent of consumers are concerned about their personal data when making in-store purchases, 56 percent will still shop at retailers that have experienced a data breach. What this implies is that many consumers have accepted credit card breaches to be the norm.
How do credit card breaches happen, and what can you do to prevent your information from falling into the wrong hands?
How credit card breaches happen
Credit card breaches can happen when a bank or retailer is hit by a cyber-attack. In these instances, the back-end of the bank or retailer may be breached and there’s not much a consumer could have done to prevent the data loss. Perhaps an employee was tricked into revealing sensitive information through a spear phishing attack on a company computer. Perhaps a dishonest employee stole information while processing bills. Or it could be that the point-of-sale system had been compromised by malware or a skimming device. Once a cyber-attack begins, you can only hope the targeted organization is able to stop, or at least mitigate, the problem before it gets even worse.
Credit card information can also be compromised, unfortunately, as the result of your own actions. Similar to how a bank employee could fall for a phishing scam, so can consumers. An email pretending to be from your bank saying “unusual activity has been detected on your account” might send you into panic. As a result, you may be fooled into clicking on the link or attachment within the email, which ultimately directs you to a phishing website or one that infects your PC with data-stealing malware. Before you know it, your personal information has been exposed to people who should not have it.
Phishing emails aren’t the only method cybercriminals employ to steal your credit card information. Cybercriminals could exploit vulnerabilities in your operating system, Web browser, and other applications then infect your computer with malware that can be used to record your keystroke or perform a man-in-the-browser attack.
Finally, cybercriminals can steal credit card information when you connect to public WiFi. Since 90% of public WiFi hotspots have inadequate security, any data being transmitted can be intercepted by cybercriminals through a man-in-the-middle attack. Additionally, cybercriminals can set up rogue networks that masquerade as legitimate ones to trick users into connecting to it. Consequently, if you accidentally connect to a rogue network, information being transmitted from your PC is now in the possession of the cybercriminal.
What you can do
While bank and retailer credit card breaches are out of your control, there are some steps you can take to prevent your credit card information from being compromised on your end.
• Beware of phishing emails – especially after news of a massive credit card breach
• Regularly monitor your statements
• Secure your accounts with strong passwords – and never reuse them
• Set up email alerts with your bank for balance notifications
• Equip your PC with, at the minimum, an antivirus and two-way firewall
• Update your operating system, Web browser, and other applications
• Avoid logging into your accounts through email links
• Never access websites with sensitive information on public WiFi
Credit card breaches with banks and online retailers are likely to continue to occur. As banks and online retailers implement preventative measures to protect their business and customers, you, the consumer, should follow the same path. While you have no control over an organization’s security measures, you do have control over your own best practices to help prevent your credit card information from falling into the hands of cybercriminals.
Have any tips to add to our list?