As Christmas nears, the shoppers will be out in force and with them the fraudsters. Rupert Jones and Judith Larner look at the many scams and how to avoid them

Saturday November 23, 2002
The Guardian

That friendly tap on the shoulder as you're at the cash machine may not be all it seems. With Christmas now less than five weeks away, police are warning people to be extra-careful with their credit and debit cards because the fraudsters are out in force.

Bigger-than-average ATM withdrawals to pay for presents, distracted shoppers laden down with purchases, boozy office workers out on their work Christmas party ... the conditions are ideal for the crooks to work their card tricks.

This week the City of London Police cheque and credit card unit said it had seen a "significant" increase in organised teams of criminals targeting ATMs. However, cashpoint-related card fraud is only one weapon in the crooks' artillery. Fraudsters are resorting to all sorts of scams to try to part people from their cash. One of the scariest is identity theft (see later), where a crook makes it their mission to become you.

Earlier this month it was revealed that plastic card fraud has jumped by more than 50% over the past two years to £430m.

Here we identify the main card fraud scams and offer advice on how to avoid being a victim.

At the cashpoint

Fake swipe devices
In one of the most brazen scams doing the rounds, fraudsters attached fake card readers to the doors of bank ATM lobbies used by customers in the evenings or weekends. The fake readers are removed later, containing thousands of customers' details, and no-one is any the wiser until the dodgy transactions start showing up.

Lebanese loop
Allegedly first used by a Lebanese gang, the scam involves a card attached to a piece of magnetic ribbon being inserted into an ATM. The next card put in will be swallowed. The fraudster approaches his target, pretending to be helpful, and says the problem can be remedied if the cardholder types in their PIN number. There's no joy, of course, so the cardholder gives up and leaves. The fraudster, who has memorised the PIN number, fishes out the card using the loop device and helps themselves to the cash. The advice? "Don't enter your Pin number unless you get a prompt," says the City of London Police.

Shoulder surfing
In one of the simplest scams, a crook looks over a cash machine user's shoulder as they key in their PIN number, then steals the card using distraction techniques or pickpocketing. The advice? Cover the key pad with your hand when your're entering your number.

The dropped tenner
After keying in their PIN number, a victim is tapped on the shoulder and told there is a £10 note lying on the ground. While they look down, or reach to grab it, the crook or an accomplice swipes the card and legs it.

Sticky tape
Works best on older cash machines, which dispense money from a slot well below eye level. The crooks place a strip of clear tape across the slot slip away and wait. Customers failing to withdraw cash walk away believing there is a technical fault. The criminals move in, strip off the sticky tape and trouser the cash nestling behind it.

The false front
A false front is placed over the machine's card slot, which will accept your card and retain it but won't allow you to initiate a transaction. Again, if this happens, on no account enter your PIN unless the machine prompts you to. Try pressing the "return card" button, and if this doesn't work, try to remain at the machine and get help.

Stolen cards
Many cases of ATM-related fraud occur when the cardholder has written down their PIN number - against all advice - and kept it with their card in a purse or wallet which is then stolen. Never write it down or reveal it.

Shops, bars and restaurants

Skimming
One of the fastest-growing types of card fraud is skimming - copying genuine data from the black magnetic strip on one card on to a blank card without the owner's knowledge. An unscrupulous shop assistant or restaurant waiter processing a transaction can quickly record data using a gizmo as small as a pager. The resulting counterfeit card may turn up anywhere in the world, and the cardholder is unaware of the crime until unexplained transactions appear on their statement. So, try to keep a very close eye on your card.

Dodgy bartender
A variation on the above. In celebrating something, you put your card behind the bar. A crooked member of staff has plenty of time to secretly copy your plastic. Advice: be very careful who you hand your plastic to!

Two times' takeaway trick
A minor league scam. You phone up a restaurant for a takeaway and pay by card over the phone. You later see on your statement you've been charged twice for the meal.

Online

Card-not-present fraud
This involves crooks using fraudulently-obtained card details to make a card purchase online, over the phone or by mail order. The victim may not be aware anything has happened until they get their statement and find they've been billed for six copies of Jim Davidson's autobiography they most definitely didn't buy. The advice: don't throw away your receipts and card statements, says Martin Warwick at Barclaycard. "Take them home and burn or shred them."

X-rated rip-off
One of the most popular scams operated usually by overseas-based adult sites involves requests for users' credit card details, either to pay a "one-off" subscription fee or simply to act as proof that customers are over 18. When the individual does this, they find they are being charged $20-$30 every month by the site. Attempts to get the unauthorised payments stopped run up against toll-free phone numbers that only work in that country, with no address to write to.

Out of your control
The nightmare scenario for many internet users is someone else being able to access their bank account details without their knowledge. There have been several high-profile internet security scares in the last couple of years involving big names such as Barclays and PowerGen which have involved people being able to see other customers' details.

Other tricks and traps

Identity theft
There's a touch of the sci-fi about this scam as it involves crooks trying to take over peoples' card accounts. They gather information about their victim, then contact the card company pretending to be them. They say they have moved and ask for their mail be directed to the new address. The crook then reports the card lost and asks for a replacement to be sent.

Stolen in the post
Fraud involving new cards which go missing en route to customers had been falling sharply, but last year saw a sizeable increase in this fraud. Cards going to people in high-risk areas are often securely delivered or customers are asked to come in and collect them.

Holiday horror
A third of fraud involving UK cards occurs abroad. More than half of this takes place in three countries: the US, France and Spain. Barclaycard is among the companies that encourages cardholders to notify it when and where they are going on holiday.

The card game
• Don't let your card out of your sight when making a transaction, particularly if you're in a petrol station or restaurant.
• Report lost and stolen cards, or suspected fraudulent use of your card account, to your card company immediately.
• Don't carelessly discard receipts from card transactions or your card statements. If possible, shred or burn any documents that contain information relating to your financial affairs.
• Check your receipts against your statements carefully. If you find a suspicious transaction, contact your card issuer immediately.
• Never write down your PIN number and never disclose it to anyone.
• When using a cash machine, be wary of anyone trying to watch you enter your Pin and do not allow yourself to be distracted.
• When buying over the internet, get the merchant's phone number (not a mobile) and postal address (not a post office box). And ensure the locked padlock or unbroken key symbol appears on screen before you send your card details. The beginning of the retailer's internet address will change from 'http' to 'https' when a purchase is made using a secure connection.

As Christmas nears, the shoppers will be out in force and with them the fraudsters. Rupert Jones and Judith Larner look at the many scams and how to avoid them

Saturday November 23, 2002
The Guardian

That friendly tap on the shoulder as you're at the cash machine may not be all it seems. With Christmas now less than five weeks away, police are warning people to be extra-careful with their credit and debit cards because the fraudsters are out in force.

Bigger-than-average ATM withdrawals to pay for presents, distracted shoppers laden down with purchases, boozy office workers out on their work Christmas party ... the conditions are ideal for the crooks to work their card tricks.

This week the City of London Police cheque and credit card unit said it had seen a "significant" increase in organised teams of criminals targeting ATMs. However, cashpoint-related card fraud is only one weapon in the crooks' artillery. Fraudsters are resorting to all sorts of scams to try to part people from their cash. One of the scariest is identity theft (see later), where a crook makes it their mission to become you.

Earlier this month it was revealed that plastic card fraud has jumped by more than 50% over the past two years to £430m.

Here we identify the main card fraud scams and offer advice on how to avoid being a victim.

Section headings

i. Online
ii. Other tricks and traps
iii. Shops, bars and restaurants
iv. At the cashpoint

Paragraph headings

1. Card-not-present fraud
2. X-rated rip-off
3. Stolen in the post
4. Fake swipe devices
5. The false front
6. Stolen cards
7. Skimming
8. The dropped tenner
9. Holiday horror
10. Two times' takeaway trick
11. Dodgy bartender
12. Lebanese loop
13. Out of control
14. Identity theft
15. Sticky tape
16. Shoulder surfing

Section 1 -

a.
In one of the most brazen scams doing the rounds, fraudsters attached fake card readers to the doors of bank ATM lobbies used by customers in the evenings or weekends. The fake readers are removed later, containing thousands of customers' details, and no-one is any the wiser until the dodgy transactions start showing up.

b.
Allegedly first used by a Lebanese gang, the scam involves a card attached to a piece of magnetic ribbon being inserted into an ATM. The next card put in will be swallowed. The fraudster approaches his target, pretending to be helpful, and says the problem can be remedied if the cardholder types in their PIN number. There's no joy, of course, so the cardholder gives up and leaves. The fraudster, who has memorised the PIN number, fishes out the card using the loop device and helps themselves to the cash. The advice? "Don't enter your Pin number unless you get a prompt," says the City of London Police.

c.
In one of the simplest scams, a crook looks over a cash machine user's shoulder as they key in their PIN number, then steals the card using distraction techniques or pickpocketing. The advice? Cover the key pad with your hand when your're entering your number.

d.
After keying in their PIN number, a victim is tapped on the shoulder and told there is a £10 note lying on the ground. While they look down, or reach to grab it, the crook or an accomplice swipes the card and legs it.

e.
Works best on older cash machines, which dispense money from a slot well below eye level. The crooks place a strip of clear tape across the slot slip away and wait. Customers failing to withdraw cash walk away believing there is a technical fault. The criminals move in, strip off the sticky tape and trouser the cash nestling behind it.

f.
A false front is placed over the machine's card slot, which will accept your card and retain it but won't allow you to initiate a transaction. Again, if this happens, on no account enter your PIN unless the machine prompts you to. Try pressing the "return card" button, and if this doesn't work, try to remain at the machine and get help.

g.
Many cases of ATM-related fraud occur when the cardholder has written down their PIN number - against all advice - and kept it with their card in a purse or wallet which is then stolen. Never write it down or reveal it.

Section 2 -

h.
One of the fastest-growing types of card fraud is skimming - copying genuine data from the black magnetic strip on one card on to a blank card without the owner's knowledge. An unscrupulous shop assistant or restaurant waiter processing a transaction can quickly record data using a gizmo as small as a pager. The resulting counterfeit card may turn up anywhere in the world, and the cardholder is unaware of the crime until unexplained transactions appear on their statement. So, try to keep a very close eye on your card.

i.
A variation on the above. In celebrating something, you put your card behind the bar. A crooked member of staff has plenty of time to secretly copy your plastic. Advice: be very careful who you hand your plastic to!

j.
A minor league scam. You phone up a restaurant for a takeaway and pay by card over the phone. You later see on your statement you've been charged twice for the meal.

Section 3 -

k.
This involves crooks using fraudulently-obtained card details to make a card purchase online, over the phone or by mail order. The victim may not be aware anything has happened until they get their statement and find they've been billed for six copies of Jim Davidson's autobiography they most definitely didn't buy. The advice: don't throw away your receipts and card statements, says Martin Warwick at Barclaycard. "Take them home and burn or shred them."

l.
One of the most popular scams operated usually by overseas-based adult sites involves requests for users' credit card details, either to pay a "one-off" subscription fee or simply to act as proof that customers are over 18. When the individual does this, they find they are being charged $20-$30 every month by the site. Attempts to get the unauthorised payments stopped run up against toll-free phone numbers that only work in that country, with no address to write to.

m.
The nightmare scenario for many internet users is someone else being able to access their bank account details without their knowledge. There have been several high-profile internet security scares in the last couple of years involving big names such as Barclays and PowerGen which have involved people being able to see other customers' details.

Section 4 -

n.
There's a touch of the sci-fi about this scam as it involves crooks trying to take over peoples' card accounts. They gather information about their victim, then contact the card company pretending to be them. They say they have moved and ask for their mail be directed to the new address. The crook then reports the card lost and asks for a replacement to be sent.

o.
Fraud involving new cards which go missing en route to customers had been falling sharply, but last year saw a sizeable increase in this fraud. Cards going to people in high-risk areas are often securely delivered or customers are asked to come in and collect them.

p.
A third of fraud involving UK cards occurs abroad. More than half of this takes place in three countries: the US, France and Spain. Barclaycard is among the companies that encourages cardholders to notify it when and where they are going on holiday.

You have been cntraced by a big department store in your country to help draw up a list of advice & warnings for shoppers.

When you have finished compare with the article's list below

The card game

• Don't let your card out of your sight when making a transaction, particularly if you're in a petrol station or restaurant.

• Report lost and stolen cards, or suspected fraudulent use of your card account, to your card company immediately.

• Don't carelessly discard receipts from card transactions or your card statements. If possible, shred or burn any documents that contain information relating to your financial affairs.

• Check your receipts against your statements carefully. If you find a suspicious transaction, contact your card issuer immediately.

• Never write down your PIN number and never disclose it to anyone.

• When using a cash machine, be wary of anyone trying to watch you enter your Pin and do not allow yourself to be distracted.

• When buying over the internet, get the merchant's phone number (not a mobile) and postal address (not a post office box). And ensure the locked padlock or unbroken key symbol appears on screen before you send your card details. The beginning of the retailer's internet address will change from 'http' to 'https' when a purchase is made using a secure connection.