You and Your Credit Card

Credit cards can be convenient and reliable, but sometimes, you’re much better off if you just leave yours in your wallet. The following “don’ts” apply to online and offline occasions when you’re tempted to pull out that piece of plastic.

  • If you don’t see the letters https as the first letters in the address bar of a website’s URL, don’t use a credit card. https is the universal protocol for secure communication over a computer network on the Internet. However, don’t blindly trust this. A scam website or scam merchant can obtain https certification, so be sure it’s the correct website before you type in your info. As an alternative, you can use PayPal if it’s presented as an option.
  • If you don’t see any online reviews of a merchant, consider that a red flag. If you see a merchant with no or few reviews while shopping on a site like Amazon, it’s a caution flag. While you assume they were vetted, they could have slipped something through the process. Some other things that shouldn’t be missing from a website are social media accounts, though there are Facebook marketplace scams. Be wary if you don’t see complete, verifiable physical addresses and telephone numbers.
  • Don’t put your credit card info into an email, especially if responding to an email. It could be part of a phishing campaign. We’ve written extensively on how responding to misspelled email addresses or URLs are ways to get you to provide a valid card number to a fraudulent operation. You’re actually better off giving your credit card to someone over the phone – but only if you initiated the call. A valid merchant uses a system that only retains the last four numbers of your card.
  • Going offline, don’t allow a merchant to take your card out of your sight. Who knows what they’re doing with it? More restaurants are processing your credit cards at your table. It’s all the same “trust but verify” thing.

If you’re a consumer, you likely know just about everything we discussed in our “don’t do” list.

If you’re a merchant, we can help you keep your credit card system secure by providing you with hardware and software systems that comply with all regulations. We can also help you get the proper https certification you need for your website. Call us – 973-433-6676 – or email us for an appointment to talk about it.

The Great Credit Card Conundrum

We rely on credit cards and other cashless forms of payment as business owners and consumers. As a result, we roll points, cash-back schemes and fee schedules into decisions about what we use and what we accept. We have our thoughts, but what are yours?

Here are ours.

We’re seeing more fees as a business and as a consumer. As a business, we can absorb fees on small amounts, but for large amounts, the fees are too large. In one recent month, we collected $4,300 in credit card sales and paid almost $67 in fees. We realize there’s a convenience factor that makes sense for us to pay the fees. We don’t have to spend time (which has a cost) to stamp checks and then use a mobile banking app to deposit each check. We can take the stamped checks to the bank, but that’s travel time. If you have a business, what role do fees play in your decision about whether to take a credit card?

Of course, if you have a business with walk-in traffic, you can get a break on fees. But that only works up to a point. For example, if you buy a car for $35,000, it would be nice to pay with your credit card and earn points or cash back. But if you’re the car dealer, you’ll absorb fees in the neighborhood of $1,000. Neither party in that deal benefits; only the bank benefits. How do you navigate this as a consumer or business?

Many nonprofits ask you to absorb the fee when you make a donation. Do you check the box to pay the fee?

In your business, do you prefer an alternative to credit cards, such as an ACH or a check? One benefit of taking a credit card is that can streamline your accounting system.

As a consumer, do you sometimes balk at putting your credit card number on the internet when you buy online or over the phone? If you’re afraid of having your credit card info exposed to hacking by entering your card on a website or giving it out by phone, you should know that a transaction in a store or office involves using the internet, and someone in that chain can be hacked.

You should also know that anyone who takes your credit card number by phone is NOT allowed to write down the full card number. They should be entering it on another website that will display only your last four numbers once it’s verified.

We are seeing one advance in using credit cards – or their numbers – in restaurants. We’ve never liked the fact that servers take your card to a location you can’t see to enter your card info. That disappearing act is the most serious threat to your card’s security. Having your server process your card at your table is better, but then your server is standing over you while you decide on the tip. That’s uncomfortable.

A better solution involves the use of your phone. When your server presents your bill electronically, there’s also a QR code you can scan. That puts it all on your phone. If you are set up to pay through your phone, you can add the tip and pay the bill without ever pulling out your physical wallet.

As we move farther into a cashless society, we can help you – as a business or consumer – to set up your technology to be more efficient and secure. And we can answer any questions you may have about how to use what you already have. Give us a call – 973-433-6676 – or email us.

Holiday Security Alert

Holiday Security Alert —
Scammers love chaos, and they are in heaven this holiday season. With shortages and high prices sending everyone scrambling for gifts while we dash to the end of the business year and try to make plans to see family and friends, scammers have an abundance of opportunities to find a weak spot in anyone’s online armor and penetrate for all you’re worth. Here are our steps to stop the scams.

Continue reading

Finding and Thwarting Scammers

We helped a client recently resolve a personal financial issue that involved online banking and credit cards. The story illustrates some of the dangers we face in our online world. We can’t run away or hide from those dangers.

Those of us with aging parents face a gut-wrenching dilemma. Without getting involved in anybody’s specific family dynamics, we want our elderly parents to remain independent (as much as they want to be independent), but we also know they are more vulnerable to scams because they tend to be more trusting. Their vulnerability becomes even greater as they use technology more.

This story started with a credit card issued by BP, the gasoline retailer, and money that started to disappear from our client’s mother’s account through Synchrony, a bank that has close ties to Amazon and is used to finance merchant accounts. Our client manages the finances for his mother, who is in her 90s and lives in an assisted living facility. A gasoline credit card was odd because his mom stopped driving four years ago. That raised one red flag. Synchrony raised another.

We surmised that someone that someone was able to hack his mother’s bank account and then created a way to use her info get the credit card and create the transfer portal. In all likelihood, they found a piece of junk mail with the credit card offer and used it to do their dirty work. No email was involved. The credit card had a balance of $1,500, even though he had no knowledge of the card being used. So, he made a $200 payment and saw the balance transferred to what looked like a debit card. He also changed the bank account, but the connection was still there.

When our client wondered if his mom’s account had been hacked – and if any others had – we told him to investigate. He changed the bank account again and told us he was worried that his other accounts at the bank might be affected. In addition to his mother’s account, he had a personal account and one for his business. All were online. Fortunately, the scammers never got there.

To protect the money for the three accounts, our client created a sweep account in his wife’s name for personal use. This enabled him to clean out the accounts he was worried about on a daily basis to keep it safe.

At the same time, he had to send letters to the banks involved to cancel the credit card and close all the bogus accounts and open new accounts. None of this activity tied his mother’s taxpayer ID number to any of the accounts. Had there been a connection, the scammers could have done much more damage.

But it all started with the low-hanging fruit – that credit card offer that anyone could send in. The same problem can come from those “checks” you get in the mail that are really loans. Anyone can use them, and it can hurt you if your name is on the “check.”

Our advice: Pay as much attention to physical pieces of mail as you do to email. Don’t throw those offers in the trash or recycling bin. Shred them or cut them into tiny pieces that can’t be reassembled. At the same time, keep your online presence secure and check your financial info regularly to spot anything that looks out of order.

We can help you with a security audit and we can explain the technology behind various security measure you can take. Call us – 973-433-6676 – or email us to set up a consultation and implement a program.

CAVEAT EMPTOR!!!

“Buyer Beware!” is a more important warning than ever before if you’re buying phones, computers, tablets and other electronic devices online. We all like online bargains, but the looting that took place as peaceful demonstrations fell apart will put a lot of stolen goods on the market. It’s a fact of life – not a political or social statement. Here’s what you need to know.

First, mobile phones, tablets and computers have built-in tracking. If the merchant from whom the devices were stolen reports the identifying information to the manufacturer, a message can be displayed as soon as the device is connected to any kind of network. It will tell the user that the device is stolen and cannot be put into service.

Second, in all likelihood, if you bought tainted goods on the internet, you bought it from a less-than-reputable seller, which means you won’t get any support from the manufacturer or a cellular network carrier. We can’t say for sure, but a manufacturer or merchant who knows where a stolen device is could initiate action to get it back.

Third, if you used a credit card, your account information is now in the hands of people who can monetize it at some point.

In short, you’ll have no consumer protection, and you could have a lot of liabilities. That puts the onus squarely on you to make sure you visit only legitimate merchant websites and buy from legitimate sellers.

Everyone can expect to be bombarded with offers from sellers, legitimate or not. We’ve been bombarded for years. Some offers come through phishing expeditions, which can look legitimate but may have one slight change from a seller that might be familiar to you. You might see an ad on a website, and that can be a tough call. Huge businesses have been built – legitimately – by tracking your browsing history and then sending you ads. It’s easy for a “fencing” operation to set up a website that has every appearance of legitimacy.

Our advice is simple. Only click on links that you are 100 percent sure are legitimate websites. Only buy electronics from legitimate sources. They may be well-known retailers as well as vendors vetted and supported by services such as Amazon. You can be reasonably assured you are getting a legitimate product and that your credit card information will be properly protected. And if your product is defective or not what you expected, you should be able to exchange or return it within a clearly stated policy.

If you have any questions about a product you’re shopping for, don’t hesitate to ask us about its properties or things to look for in a seller. Call us – 973-433-6676 – or email us if you have any questions.