As more Filipinos turn to cashless and online transactions during this pandemic, credit card fraud cases in the Philippines continue to increase as well. According to the Credit Card Association of the Philippines, there has been a 29% surge in credit card fraud cases. This figure is alarming and clearly a testament that cybersecurity in the country needs further strengthening.
Nevertheless, it’s also your duty to protect yourself from fraudsters. Being vigilant over your card’s activities is the number one thing that you should always do. It sounds simple, but some people are actually too lax when it comes to using their credit cards.
There are a number of precautions that you can take to keep fraudsters at bay, perhaps the most important of which is arming yourself with knowledge. Read our comprehensive guide so you won’t be a victim of credit card fraud in the Philippines.
What is Credit Card Fraud?
Credit card fraud happens when a fraudster uses your credit card (or debit card for that matter) to make purchases or get cash. Technically, it’s a form of identity theft since criminals use your personal information and credentials to initiate transactions.
Common Credit Card Frauds in the Philippines
Banks and credit card institutions have come up with new methods to prevent unauthorized card usage.But you have to realize that fraudsters are also getting more creative and resourceful. With that, you need to know the different modus operandi of these criminals, which in turn will give you an idea of how you can protect yourself. Here are some examples of credit card frauds that you need to watch out for.
1. Lost or Stolen Card
While seemingly old-school, stolen or lost credit card fraud still happens these days. This occurs when a perpetrator uses the card that you’ve dropped, misplaced, or lost somewhere. It also happens when the fraudster steals the card from you.
2. Account Takeover
Just like the name suggests, this is the scheme where fraudsters manage to take over your credit card account. To do just that, the criminal contacts your bank or credit card company and uses your personal information to access and change your PINs, mailing addresses, passwords, and other crucial details. Once the perpetrator has successfully changed these important details, they can then use your card to make unauthorized transactions.
Fraudsters use skimming devices to clone credit cards and then use the counterfeited cards to make unauthorized purchases on your account.
3. Collusive Merchant
This happens when merchant employees work with fraudsters to defraud banks and customers. They usually swipe the card twice; once through the payment terminal and once through a skimming device that collects all data from the card. After which they sell your stolen data to fellow fraudsters on the “dark net”.
4. Card-Not-Present (CNP) Fraud
This type of credit card fraud can be perpetrated against you if the account number and expiry date of your card are known. It may be by way of mail, phone, or the internet, and does not require your physical card to be present, unless the merchant requests the card verification code.
To ensure the card works, fraudsters may attempt to process a small transaction first. These types of charges are not that noticeable, but they are often the start of a major fraud attempt.
5. Card Replacement Scam
Fraudsters will claim to be bank personnel and ask you to surrender your credit card for their personal gain. They will notify you via SMS, email, or phone call that you are entitled to a lifetime free membership or an increase in credit limit, or that your credit card has been used for a fraudulent transaction.
6. Skimming or Credit Card Cloning
Fraudsters place a skimming device at ATMs that capture the data from your card’s magnetic stripe. Aside from the skimming device, a small camera is also sometimes placed on the ATM that will capture PIN key-ins. Data that’s been captured from your credit card will then be printed onto a fake credit card.
Usually, fraudsters will send official-looking emails that look just like the legit emails from your bank or credit card company. They will ask you to urgently update your information or else your account will be deactivated. Sometimes, it’s an email notification about an unauthorized transaction in your account. The goal is to get you to click on the link in the email and get your personal information.
This is more commonly known as voice phishing. Fraudsters will call you on the phone and pretend to be someone working for your bank or credit card company. They will trick you into revealing personal information and credit card details over the phone.
Spoofing involves the creation of websites that look legit and professionally made. But these websites are actually set up by scammers to trick you into giving your important personal details. You may stumble upon a spoofed page when you click on a link on an unsecured site that you’re visiting. In other cases, links to spoofed websites are included in fraudulent emails and text messages.
11. SIM Swapping
SIM swapping is a form of fraud where the perpetrator steals your phone number and assigns it to a new SIM card. Once the reassignment of the mobile number is successful, the fraudster can take over your credit card account. To understand better how it works, here’s how it usually happens:
- This fraudulent act starts when the criminal gets a hold of your contact details, normally through phishing.
- The criminal will impersonate you and will then visit or contact your mobile service provider, reporting that your SIM card or phone is lost or damaged.
- If the criminal manages to convince the mobile service provider, they will be given a new SIM with your number reassigned to it. At this point, your SIM card may get disconnected from your mobile service provider.
- Once the criminal has your mobile number, they can freely use your credit card since they already have control over your one-time passwords (OTPs) and other security features.
This is what happened to a credit cardholder who fell victim to this scam and got charged PHP 1.7 million in just 2 hours.
12. Dating Fraud
In this scheme, scammers usually invest time in building a romantic relationship with their victim before they launch their final attack. The criminal usually creates fake social media or dating site profiles to find their victims. Once the romantic relationship has been established, the scammer will get the victim to share their personal information, such as credit card details, passwords, and the like.
Security Measures to Prevent Credit Card Fraud
Credit cards in the Philippines now come with EMV which provides protection for cardholders and acts as a deterrent for hackers and fraudsters. However, this does not mean that you should stop being careful where you swipe or where you leave your credit cards. Here are some tips to avoid being a victim of credit card fraud.
1. Make Sure to Sign Your Credit Card
This applies to credit cardholders who have just been issued new credit cards. Merchants check the affixed signature at the back of the credit card as part of their security precaution. The signature on the credit card should match the signature on the sales receipt.
2. Consider Your Credit Card as Cash
It may be a plastic card, but it's more valuable than that. With that said, keep it secure inside your bag or wallet. Credit card fraud happens when you let your card out of your sight, or when you let your guard down.
3. Don't Put Your Credit Cards in One Location
Having all your essentials in one place is good practice, but sometimes it can be a big headache, too. Especially if you misplace it, lose it, or get it stolen. This is why it's ideal to keep your credit cards separate from your wallet. If you lose your wallet, you only have one credit card to report. Also, if you own several credit cards, just bring one with you and have the rest kept in a safe location at home.
4. Shred Anything With Your Credit Card Information On It
While most fraudsters aren’t wholly intrepid, there are those who are perfectly willing to go dumpster diving for old credit card billing statements to acquire information. This is why it’s ideal to shred your billing statements once you’re through with them. And if you want to hold on to them for record purposes, make sure that they aren’t easily found.
5. Don’t Sign Blank Receipts
If you get a credit card receipt with blank spaces, strike through those spaces, or write ‘PHP 0’ on the space before signing. This means that you do not authorize any further transactions other than the one already carried out.
6. Check Your Credit Card Statements ASAP
This way, you can spot any fraudulent or unusual activity on your credit card and report it to your bank immediately. Most fraudsters don't always make huge and noticeable transactions. Not at first. But they will keep using your credit card until you check your credit card balance, report the unauthorized transactions, and block the card.
7. Be Wary of Phone Transactions
If you’re in a conversation with someone claiming to be calling on behalf of your bank, it’s best to not engage. Banks will not call and ask for your personal information, unless you initiated the call yourself.
8. Don't Lend Your Credit Cards
As the credit cardholder, you are the only authorized user of the credit card. You are responsible for it, and you pay for all the charges incurred on it. If someone with ill intent borrows your credit card, they can get all your credit card information and use it for their personal gain.
Read more: 8 Credit Card Mistakes to Avoid
9. Always Keep Your Credit Card in View When Paying
Never lose sight of your credit card, especially when paying at restaurants, supermarkets, or gas stations where you usually hand off your card to the cashier. Make sure that your credit card is swiped correctly and there are no other unnecessary items on the counter or people near the counter that can capture your PIN or credit card info.
10. Never Post Credit Card Details Online
This is like an invitation to be a victim of credit card fraud. You never know who's lurking on your social media feed, so don't post your personal and financial information. Whether it's an intentional or accidental posting, remember that fraudsters are very good at finding missing digits on credit cards, guessing credit card expiry dates, and locating credit card issuer ID numbers.
11. Only Shop at Trustworthy Websites
When online shopping, only shop at websites that you trust and show the gray padlock symbol (Site Identity button) to the left side of the address bar. This means that everything is encrypted and you are connected securely to the website.
A gray padlock with a yellow triangle warning or a red strike over it means you should not send sensitive personal information on the site because the site is only partially encrypted.
12. Review App Permissions on Your Mobile Device
Some apps can be harvesting your data without you even realizing it. Check your mobile app permissions one by one. Delete apps whose privacy and security policies don't make sense, and regularly perform a scan for viruses and other vulnerabilities on your device. While you're at it, invest in legit protection software for your gadgets as well.
13. Use Your Card Only at Trustworthy Locations
Only use your card at ATMs and other locations that are secure and trustworthy. For instance, it’s much wiser to use an ATM inside a mall compared to an external ATM without even a security guard in sight. Malls and reputable stores are now using EMV technology to keep hackers from using skimming devices.
14. Avoid Using Public Wi-Fi When Paying Online
Public Wi-Fi may be tempting, but it’s not recommended for financial transactions. Since it’s unsecure, hackers may use it to access your sensitive data. Should you need to accomplish a finance-related task in a public space, switch to your mobile internet. While you’re at it, make sure that you’re doing it within a private area. If it’s okay to delay the transaction, wait until you get home.
15. Never Share Your CVV Code
The Card Verification Value or CVV is the three-digit number that proves to an online store that you actually have the card with you when you’re making the transaction. It would be unwise to share this with others, even with those you know personally. When you’re making an offline purchase, be wary of the retailer that requests for your CVV. You should never give them this number since they have no reason to ask for it.
16. Destroy Your Expired Physical Card
If your credit card expires, don’t just throw it away. You have to destroy it until the numbers are no longer recognizable or the chip is badly damaged. Just be careful as the plastic can be quite tough.
What to Do if You’re a Victim of Credit Card Fraud
If your card is lost or you think that you’re a victim of credit card fraud in the Philippines, the next steps that you’ll take are crucial for keeping the criminal from wreaking further havoc. Here are the important things that you need to do immediately:
1. Call Your Bank ASAP
If the initial evidence that you’ve gathered says that you’re a victim of credit card fraud, contact your bank or credit card company ASAP. While you’re waiting for your call to be picked up, check if your mobile banking app allows you to lock your credit card account. That way, further transactions will be prevented.
Tell the banking representative that you’ve noticed irregular transactions. The bank may cancel the existing card and mail you a new one that contains a different account number, CVV, and expiration date.,The bank will then conduct an investigation.
2. Report the Case to the Proper Authorities
Identity theft is a serious crime, so it must be reported. Thankfully, the Philippine National Police (PNP) accepts complaints of this nature via its Anti-Cybercrime Group. Here are the department’s contact numbers should you need its help:
- Telephone Number: +63 (8) 723-0401 local 7491
- Smart/Viber: +63 961 829 8083
3. Change Your Login Credentials
When you realize that you’re a victim of credit card fraud, you’ll need to exercise heightened caution when it comes to other areas of your finances. If you have other credit card accounts, check for any irregularities and inconsistencies in your records. Lock them for the time being. It’s also recommended that you change your account username and passwords.
4. Check Your E-Commerce Accounts
It’s the norm these days to let online shopping websites save your credit card information. After all, this facilitates easier payments when you shop again on the site in the future. But in the event of a credit card fraud, you need to check if your e-commerce accounts have been compromised as well. You can’t be sure how the perpetrators gained access to your credit card information, so it’s just wise to assume that they might have also gotten hold of your other login credentials. With that, change all the usernames or passwords of your e-commerce and social media accounts. Include your email as well.
5. Enable Your Bank App’s Notification Feature
Now that you’ve experienced how bad credit card fraud and identity theft could get, be extra vigilant to keep these things from happening again. If your banking app has a transactions alert feature, enable it. Usually, such a feature will let you know that certain transactions have exceeded the credit limit or that a specific purchase was made internationally. Through this, you’ll be notified of possible fraud.
6. Monitor New Transactions Through Your App
As soon as your credit card goes missing, you’ll need to monitor new and irregular transactions through your mobile banking app. If you’ve enabled your card’s two-factor authentication, you’ll easily know that someone is trying to use your credit card since the OTP will be sent to your number. Watch out for these activities even if you’ve already reported the incident to your credit card company.
Learn more about credit card use:
- 3 Cautionary Tales of Irresponsible Credit Card Use
- How to Avoid Credit Card Delinquency
- How Risky is a Credit Card Cash Advance in the Philippines?
What is the Punishment for Credit Card Fraud in the Philippines?
Cardholders will be glad to know that there's a credit card fraud law in the Philippines that will penalize counterfeiters, hackers, and fraudsters. People who commit Access Device Fraud can receive the harshest penalty of life imprisonment, with a fine of up to PHP 5 million.
Acts that fall under Access Device Fraud include the following:
- Illegal access of ATM and online banking accounts
- Skimming or counterfeiting debit and credit cards
- Producing or possessing software or hardware that can illegally access information
Republic Act (RA) No. 11449 considers the following acts as a form of ‘economic sabotage and a ‘heinous crime’.
Credit card fraud in the Philippines remains a big problem. But there are many ways you can protect yourself and your credit card data.
Fraudsters and scammers usually obtain credit card information in the Philippines through public networks. If you connect your phone or laptop to such a network, be very careful with entering your personal information.
Be careful with your credit card application as well. Make sure that you're only filling out legit online credit card application forms.
Lastly, always think before you click. If an offer sounds too good to be true, it's most likely a scam. More importantly, do your research. Knowledge is your best defense!
-  Credit Card Fraud Cases Surge 29% (Abadilla, Manila Bulletin, 2021)
-  A Scammer Withdrew P1.7 Million From My Wife’s Credit Card in 2 Hours. This is What Happened (The Philippine Star, 2021)
-  Higher penalties now await bank account hackers, credit card skimmers (Rappler, 2019)