I.D. theft via credit card fraud has become the single biggest headache for every user of the internet shopper. Just last month, my friend who is a Doctor had her identity stolen and one bank account cleaned out!

All this from a fake phone call from her *supposed* credit card company. She was busy, not thinking until she hung up that it seemed *odd* - and that, in hindsite, she shouldn't have answered the questions asked.

The Obvious thing is this - NEVER EVER GIVE ANYONE information about you or your finances, SSN, or DOB, address etc... OVER THE PHONE EVER.

Here is how the basic scam works; there are various deveations of course but the theives need certain information from you so some things they will ask won't change much.

Phone rings, you answer, scammer says something like:

"Good morning, I am from Visa One and am checking into a recent transaction on your credit card. Can you verify the last 4 digits of your SSN for me please?"

Example: - it really does catch a LOT of people off guard and they do tell the caller. They don't have ANY idea that it is SUPER easy to obtain ANYONES first 5 SSN digits!! The last four are much harder to obtain!!

If you answer that question; they know they have hit pay-dirt and continue on until they are either done stealing your identity or you have twigged and hang up. It is always one or the other - this is the deciding factor - right then.

When you use your credit card online, make SURE the site you use is highly encrypted; if your security warning comes up - don't use that site. All reputable websites use this encryption; there is NO reason not to! These sites also reguire the last 3 digits on the back of your card; obviously if someone does not have the card in their hands, chances are they could never know what those 3 digits are...unless you TELL THEM. This is a very good auto-I.D. thieft provention measure.

I had to keep bugging my own merchant account provider to put it in place once this technology was implemented.

Also - this is VERY IMPORTANT - unknown to so many people are these 3 FACTS about credit cards and disputing a charge. Because the credit cardagencies and the law have not caught up to the internet these days (and it applies to phoning in orders as well) - there are 3 things BY LAW that MUST BE PRESENT for a charge to your credit card to be held up as valid and purchased BY YOU. Old school rules are still the LAW.

#1 - Your signature MUST be on the original purchase receipt!!

Now we all know that can't happen with phoning in a purchase or with purchasing anything online; so right there you have every right to make a charge back! Credit card companies do NOT obviously want you to know this!!

#2 - The cashier MUST look at the back of the card and your signature to see if they feel they match; if they doubt they match, they muct ask you for supporting I.D. to confirm you are the owner of the credit card presented!

(One the phone or internet the card cannot even be swipped

#3 - THE BIG ONE - YOU, yes, YOU must be PRESENT during the transaction! It is actually laughable isn't it!? This is actually #1 on the list!

Rule1: Every sale requires both an authorization and a deposit.

Rule 2: Always note the Authorization Code.

An Authorization Code indicates that the cardholder has the credit to pay for the purchase. This assures you of payment, as long as

• A valid card was used by the authorized cardholder.
• The cardholder (not someone else) has signed a sales draft.
• The signature on the sales draft was matched against the signature on the back of the card.
• You have proof that the card was present ( a receipt created by your printer as the result of a magnetic stripe read, or an imprint of the card created by your imprinter). You won't have this for mail-order, telephone-order, etc., increasing the risk.
• The transaction is not disputed later by the cardholder. (If this happens, you'll have to fight for your money through the chargeback process.)

Now...there are those who will dispute this; however, nevertheless, it is true. I am sure the laws will catch up eventually - but right now - still in 2008 - they have not.

For the merchant this is really a raw deal as the below from the FTC can never apply:

Make sure that the credit card is from the legitimate cardholder... not just someone who knows the card number, or has stolen the actual card Verify signatures (face-to-face transactions) on the card and on the receipt signed by the customer Take special care with non-magnetic transactions like telephone orders, mail orders or Internet orders. If applicable, use the Address Verification System and verify the Security Codes (also known as "Validation Codes") on the card (this prevents many pass-through fees). Obtain a signed receipt from the cardholder and, if applicable, a signed proof of delivery from the shipper for delivered goods. Protect your merchant ID and terminal ID so no one submits transactions without your permission.

So - the risk is not only for YOU but for the merchant as well. MANY people buy something online and get it; then turn around - write their credit card company and tell them -->

A) - They never Ordered the goods or service to begin with (Prove I did!)

B) They never Received the goods or service (NO shipment tracking and especially difficult with a service)

So...as you can see - this is a really big mess and not one that will be getting cleaned up anytime soon - if ever.