Although safeguards have been enacted to catch most of these types of fraud, they’re often defeated by a combination of lax security and clever crooks who know how to work around them.
One of the those safeguards is the addition of three-digit security codes (known as CVC2 or CVV2 codes) to every Master Card and Visa card, codes which are indent-printed in the signature panels on the backs of the cards but are not encoded in the magnetic stripes and do not print on sales receipts.
In this case the scammers’ target data are the three-digit security codes found on the back of Master Card and Visa cards.
Just as the Internet and other technologies have greatly expanded the possibilities for making credit card purchases without the need to physically present a card to the seller, so have they created additional opportunities for identity thieves to make profitable use of purloined credit card numbers.
It worked like this: Person calling says, “This is Carl Patterson (any name) and I’m calling from the Security and Fraud department at VISA. Your card has been flagged for an unusual purchase pattern, and I’m calling to verify.(Visa did not add CVV2 codes on all their credit cards until 2001.) She also reiterated that Master Card would not ask a cardholder to disclose security codes or provide any information verifying physical possession of a card; any such inquiries regarding security matters would come from the financial institution that issued the credit card, not from Master Card itself. — Unfortunately, neither Master Card nor VISA would provide us with any statistics regarding the specific scam described here or confirm any actual instances of its occurrence (other than to note that using the telephone to trick cardholders into divulging their security codes is a type of fraud that has been occurring for several years and is ongoing).However, numerous readers have informed us they’ve received calls from persons identifying themselves as fraud investigation agents and asking for sensitive personal data, so (even allowing for the possibility that some of those calls were actually legitimate) we’d have to say anecdotal evidence indicates this scam is still being perpetrated, if only infrequently.It also assumes the scammer already has the names, addresses, phone numbers, and credit card numbers (plus expiration dates) of his victims, but that information might be obtained in a variety of ways (such as breaking into and stealing customer data from merchant web sites).Whether the same scammer could process more than a handful of phony charges before complaints caused his merchant account to be shut down is problematic, though, and most credit card issuers now have checks in place to prevent the shipping of merchandise to anywhere other than the card’s registered billing address and other “card not present” (CNP scams). — We talked with a representative of Master Card, who told us that although she couldn’t verify the specific details of the message reproduced above, this type of scam does occur and isn’t new; it’s been going on ever since Master Card started putting CVC2 security codes on all its cards back in 1997.5) Is the criminal activity described in the warning something the average person might fall victim to?