Law enforcement weighs in on financial fraud
by Mark Andrews
Jan 01, 2014 | 1028 views | 0 0 comments | 11 11 recommendations | email to a friend | print
The Associated Press last week reported customers’ PINs were sought after during the recent Target security breach, which resulted in information being stolen from millions of customers. While Cartersville Police Department Public Information Officer Capt. Mike Camp says the city hasn’t dealt with reports of individuals dealing with their financial information being jeopardized while shopping a particular business, credit and debit card fraud aren’t uncommon occurrences.

“Most of what we deal with is someone discovering their credit card had been used, either from somebody outside of the county that their credit card was used here or [a local resident] discovers their credit card had been compromised and used somewhere else,” Bartow County Sheriff’s Office Public Information Officer Sgt. Jonathan Rogers said.

Both Cartersville and Bartow law enforcement said in years past skimmers have been used to gather credit and debit card information, but it often is difficult to determine exactly how someone’s credit or debit card information was acquired.

According to a press release provided by the Better Business Bureau, card skimming scams “involve attaching devices to money machines that read the information on your debit and credit cards when you swipe them. When combined with a nearby concealed camera to record your personal identification number (PIN), the thieves can get everything they need to drain your account or to make unauthorized purchases. In addition to using the information directly, thieves may sell your information to others.”

“Typically [the situation is] ... somebody got [a victim’s] credit card number through some sort of transaction and someone started charging to their accounts. Or, say somebody’s car got broken into and their purse or wallet was stolen and then, of course, [a criminal] gets their card,” Camp said.

Rogers said it is possible a skimmer could have been used, and quickly removed, in recent crimes.

“It just seems to be so random of a crime that someone could be targeted for one account and never targeted again, and then again, you may have somebody who is targeted over and over and over for some type of credit card fraud,” Rogers said.

He also said there is the possibility a black market exists for those who seek to obtain another person’s financial information. Camp reiterated that statement.

“Last year we had one instance where people were getting credit cards coming to people and they were activating them and it was all tied in with tax refunds and so forth, but we have not dealt with anything like a company with their credit card data being hacked,” Camp said.

Rogers said there are practical steps one can take to help deter instances of financial fraud.

“I think the two single most important things are to keep your card with you at all times, know where it is, and to monitor your account at least every day that way, if you catch fraud early, a lot of times your bank will work with you on crediting the money back to you or you have less of a chance being targeted for a big amount,” Rogers said. “[Criminals] usually go for a small amount first to see if it works then go for a bigger amount.”

Both Camp and Rogers said if one suspects their financial information has been jeopardized, it is important to first contact the financial institution in question then file a report with either the BCSO or CPD.

For Target customers

In addition to the encrypted PINs, customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip on back of the cards were stolen from about 40 million credit and debit cards used at Target stores between Nov. 27 and Dec. 15.

Security experts say it’s the second-largest theft of card accounts in U.S. history, surpassed only by a scam that began in 2005 involving retailer TJX Cos.

“We remain confident that PIN numbers are safe and secure,” spokeswoman Molly Snyder said in an emailed statement Friday. “The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems.”

However, Gartner security analyst Avivah Litan said Friday that the PINs for the affected cards are vulnerable and people should change their codes since such data has been decrypted, or unlocked, before. In 2009 computer hacker Albert Gonzalez pleaded guilty to conspiracy, wire fraud and other charges after masterminding debit and credit card breaches in 2005 that targeted retailers, such as T.J. Maxx, Barnes & Noble and OfficeMax. Gonzalez’s group was able to unlock encrypted data. Litan said changes have been made since then to make decrypting more difficult but “nothing is infallible.”

“It’s not impossible, not unprecedented (and) has been done before,” she said.

Besides changing your PIN, Litan says shoppers should instead opt to use their signature to approve transactions because it is safer. Still, she said Target did “as much as could be reasonably expected” in this case.

“It’s a leaky system to begin with,” she said.

Credit card companies in the U.S. plan to replace magnetic strips with digital chips by the fall of 2015, a system already common in Europe and other countries that makes data theft more difficult.

Minneapolis-based Target Corp. said it still is in the early stages of investigating the breach. It has been working with the Secret Service and the Department of Justice.

— The Associated Press contributed to this article.