CreditCards.com

Protecting yourself

Credit card fraud hits home – my home

Fred Williams

You’d think my credit card is my best friend, judging by the amount of email it sends me.

It was getting annoying, right up to the moment when the subject line said, “Your address change.”

The email alerted me that someone tried to hijack my credit card earlier this month, bringing home the fears that have been stirred up by a string of high-profile data breaches and teaching me a hands-on lesson in fraud.

Even though I’m immersed in news about consumer data theft, it was a jolt to log into my account and see a false address and phone number. Suddenly hacking wasn’t an amorphous, computerized problem that affects other people. Someone out there had gone after me, personally.

Here’s a screenshot of my supposed new address, courtesy of Google street view, in scenic Houston. Thanks but no thanks.

8000 Cook Road Houston pic.jpg

The card company’s rep said the would-be fraudster changed the address on the account via a phone call. That means he — a woman’s voice would have aroused suspicion — must have my Social Security number and date of birth, as well as the card number. That’s what you need to hoodwink the ID verification process, according to the rep.

No bogus transactions were rung up — this time. The scammer did not even have time to request that a new card be sent to my “new” address, which was probably his next move.

But even if this attempt was nipped in the bud, my identifying details are out there, probably being traded on the hacker-fraudster underground. Maybe the next guy will be sharper, or luckier.

So after changing the card number and its associated passwords, I took the next step: filing an initial fraud alert with the major credit bureaus. The alert functions as a temporary, 90-day filter on your credit reports. Lenders can still pull your report to review loan applications. But, because the report is tagged with the alert, they are supposed to check to make sure they’re not dealing with an impostor.

There isn’t a specific set of steps that lenders are supposed to take, Rod Griffin, Experian’s director of public education, explained when I spoke to him recently about alerts. They are required to use “reasonable policies and procedures” to verify your identity before issuing a new card, or granting a credit limit increase, under the Fair and Accurate Credit Transactions Act.

“Presumably they’ll request additional identifying documents,” Griffin said, plus make a phone call to the number provided on the alert. I put my cell number on the form so lenders can double-check any applications made in my name.

How well does all this work? I’m about to find out. After getting confirmation that the alert had reached the other credit bureaus — the alerts are shared between TransUnion, Experian and Equifax, so you only have to file one — I applied for a new credit card. It’s nothing fancy, and my credit is strong enough that I should qualify for the extra account.

Will the issuer spot the alert and take extra security steps? Be extra careful and reject the application? Or congratulate me on my new line of credit, without checking that it’s really me?

I should know within 10 business days. Instead of the “instant approval” featured online, the card said my application needs additional review. That might be the result of the alert, or something else. At least the application didn’t sail through in the 30 seconds that the card’s website optimistically predicted, but I wonder how many really do.

In the meantime I am keeping an eye out. Filing the alert gave me access to one free copy of my credit report from each of the big three bureaus — in addition to the one yearly copy to which I am entitled under FACTA — so I can check those for suspicious activity.

The rep at my card company said she couldn’t guess how my identifying details got into the wrong hands. But it is safe to assume they’re out there. So from now on I’ll be paying close attention to my credit reports — and to those emails about transactions and other activity on my existing credit card. Thanks for the heads-up, buddy.

Join the Discussion

We encourage an active and insightful conversation among our users. Please help us keep our community civil and respectful. For your safety, we ask that you do not disclose confidential or personal information such as your bank account numbers, social security numbers, etc. Keep in mind that anything you post may be disclosed, published, transmitted or reused.

The editorial content on CreditCards.com is not sponsored by any bank or credit card issuer. The journalists in the editorial department are separate from the company's business operations. The comments posted below are not provided, reviewed or approved by any company mentioned in our editorial content. Additionally, any companies mentioned in the content do not assume responsibility to ensure that all posts and/or questions are answered.

  • Bennie Walton

    You should notify all creditors you do business with, and yes change password and secret answers, and particularly should you also get a new checking account number, not only your credit card number. I did all these things taking nothing for granted.

  • Jon

    Thank you so much for this post. Today my business received a suspicious phone call. The customer is trying to purchase a very large item, and using this address (8000 Cook Rd in Houston). On a hunch I googled the address plus the word fraud and found your post! Sounds like whoever this person is they are still at it, still using the same location. I would appreciate it if you would contact me so that we can get law enforcement involved. Just use my e-mail address that I provided in the field above.