(MoneyWatch) Credit card fraud, particularly "card-not-present" fraud where the crook uses stolen data to buy things over the phone or via the web, is soaring, according to FICO, the credit-scoring giant that also runs fraud prevention programs for banks.
Overall credit card fraud incidents jumped 17 percent between January 2011 and September 2012, according to FICO. But card-not-present fraud rose 25 percent in that nine-month stretch.
Consumers are generally held liable for no more than $50 in fraudulent transactions, and most banks won't hold you liable for a fraudulent charge if it's reported promptly. But if a fraudulent transaction gets past your bank, you've got to spot it to get it reversed. Consumers would be wise to employ a few simple measures to protect themselves to prevent getting ripped off.
Check your statements. It takes just a few minutes to look over your credit card charges each month. If there's a charge you don't recognize, call your credit card company and ask what it is. It may be a corporate name for a company you regularly do business with. If so, you're likely to remember that and not waste your time calling again. But if the representative identifies the company and you still don't recognize the charge, the same person can tell you how to dispute the charge and potentially have it reversed.
Password-protect your phone. Consumers do a lot of things to save time, including saving passwords and authorizing automatic sign-ins at third-party sites like Facebook, email, and often bank and brokerage accounts. If you're among the growing number of people who bank by phone, this time-saving device can make you vulnerable to having your bank account cleaned out by an enterprising crook. Since phones are commonly forgotten in cabs, left unwatched on counters and desks while charging, and, of course, frequently stolen, make sure your phone (and iPad and office computer) is password- or fingerprint-protected so your accounts can't be easily purloined by a crook.
Vary passwords. Think you are safe from bank fraud because you don't bank by phone? If you use the same passwords for your email, Facebook, Twitter and other accounts as you do for your bank accounts -- or if you provide hints to your passwords by posting too much information on social media sites -- you make yourself almost as vulnerable as the person who leaves an unprotected phone lying around. Make sure that your financial accounts don't use the same passwords as your social media accounts. And watch what you share publicly.
Install security software. If you don't have security software on your computer, a visit to a malicious site could allow criminals to watch every move you make, including logging your every keystroke when you enter passwords for your bank and credit card accounts. If you use your phone to go to financial sites, the phone needs security software, too.
Beware "spear phishing." The latest criminal trend is to take personal information that you share on Facebook, Instagram or Twitter and use it to "spear-phish." This refers to crooks who send a personalized contact via email or social media that urges you to sign-in or click on a link to a malicious site. Naturally, if you bite you've just given the crook keys to your financial life. Because spear-phishers use your name and other personal data to make the contact appear more credible, it's easy to be fooled.
The simple advice is to never click on a link that you don't recognize, and certainly never "sign in" to any account from a link sent to you via email or social media. If you think the contact might be legitimate, go to the relevant site and sign in.
Meanwhile, if the link is attempting to take you to a malicious site, your security software should warn you before you get there. Don't be fooled into overriding that warning. If you think a friend sent a link to a funny site, message that friend independently and ask.