Every time a charge hits one of my credit cards I get a text message detailing the transaction. This helpful little service was offered to me by Chase, but now other card issuers have offered this service as well.
I have to admit, my primary interest in this service is to keep a persistent eye on my college students, who each have a card for “emergencies.” While I occasionally let them use their cards for dinners out or other non-emergency spending, the rule is they are required to ask Dad or Mom first, and with the help of my text alerts, my enforcement is so immediate and relentless that violations are now rare.
This service also comes in handy for issues like monitoring free trials I signed up for that are now charging, reminding me I’m paying for streaming services I don’t watch, and of course, potential fraud monitoring. I’ve noticed a lot of online credit card purchases tend to post overnight, so every morning I review charges to make sure no misbehavior has occurred. Fortunately, it had been years since I experienced any credit card fraud. Until last Thursday.
Posting at 3:47 a.m. was a charge just subtle enough to go almost unnoticed. $100 even, charged to Menards.com. Now, like most of us in Northwest Indiana I spend a decent amount of time and money at Menards, and I occasionally buy things on the website for pickup at the store. I’m sure shopping with this vendor is common for many consumers in my zip code, and this charge may have slipped through, except I know I always use my Menards BIG card when shopping at the store because I like the 2% cash back deal it offers. This personal behavior trait, combined with the even dollar amount (likely a gift card) and posting time raised the red flags. My card had been hacked. An hour later the card was shut down.
There are some important observations to make from this experience. The sophistication level of the fraud being foremost. The transaction was clearly designed to be a trial balloon. While the fraudsters may have gotten away with a $100 gift card, the true intention had to be to test the card number and owner response, and using a common local vendor like Menards for the test shows a high level of refined logic. The last time my card was hacked, five plus years ago, the charge involved an international transaction in Italy, clearly a fraud. This charge was much shrewder.
As part of my annual continuing education, I am frequently exposed to financial fraud prevention training. The training tends to be forward looking and is continually reiterating the growing sophistication level of financial fraud. Years ago, I remember thinking some of the training topics were “over the top,” but low and behold it seems like every year, within months of training, I am hearing about the types of frauds discussed being perpetrated in the “real world.”
Last year, a client in southern Florida had bank statements stolen from the mail after the hurricane. The bank statements were used to initiate online ACH transactions that continued for two months before the theft was discovered. Just recently, financial industry regulator FINRA released an alert warning about fraudsters opening fraudulent online brokerage accounts and requesting transfers of real brokerage accounts which would then be liquidated and distributed. It’s likely the fraudsters would first hack the investor’s email account, and then observe the email account quietly until an electronic investment account statement could be accessed, which would then be used to initiate the fraud.
I wish I could recommend some sort of automated service or application that could be used to prevent this type of activity, and I’m sure some exist that attempt to provide this service, but unfortunately I don’t think protecting ourselves is going to be this easy.
At this point I feel like the only viable solution is simply relentless attention. Text alerts are a great tool which helped me, but I still go through my credit card and bank statements line by line every month. Tax time is also a time when a lot of financial information circulates through the mail and email. Now would be a great time to develop habits that make each of us our own best sentinel, and if any reader ever needs a “smell check” on a strange transaction or email, please don’t hesitate to reach out to me for an experienced second opinion. We are all in this together.
The opinions voiced in this material are for general information only and are not intended to provide specific advice or recommendations for any individual. Stock investing includes risks, including fluctuating prices and loss of principal. No investment strategy can guarantee a profit or preserve against loss. Past performance is not a guarantee of future results. This material may contain forward looking statements; there are no guarantees that these outcomes will come to pass.
Marc Ruiz is a wealth advisor and partner with Oak Partners and registered representative of LPL Financial. Contact Marc at marc.ruiz@oakpartners.com. Securities offered through LPL Financial, member FINRA/SIPC.