6. Credit card frauds

Posted on by Raghu Unnam
Credit card frauds

Credit card fraud refers to the unauthorized use of someone else’s credit card or card details to make purchases or withdraw money. It is a type of financial fraud and a cybercrime, often involving identity theft, phishing, hacking, or physical card cloning.

In the digital age, many of these crimes happen online through e-commerce platforms, mobile apps, or malware.

Types of Credit Card Frauds

  • Card Not Present (CNP) Fraud
    Occurs during online or phone transactions where the physical card is not required.
  • Phishing or Vishing
    Fraudsters trick users into revealing their card details via fake emails, messages, or phone calls.
  • Skimming
    Use of a hidden device to copy data from the magnetic strip of a credit card during a swipe.
  • Data Breach
    Hackers steal credit card information from compromised websites or company databases.
  • Carding
    Automated use of stolen card data to test which ones are still active for making purchases.
  • Lost or Stolen Card
    Physical possession of the card by someone who uses it without the owner’s consent.

How Credit Card Frauds Happen Online

1. Fake Websites or Shopping Portals

Fraudsters create websites that mimic legitimate e-commerce platforms or banking sites. These fake sites:

  • Offer deals that are “too good to be true”
  • Prompt users to enter their credit card details for payment
  • Steal the information once submitted

Example: A phishing website pretending to be “Amazon” offering huge discounts, then harvesting your card data.

2. Insecure Payment Gateways

Not all payment gateways use encryption or proper security protocols. On such sites:

  • Card details may be transmitted in plain text
  • Hackers can intercept this data using Man-in-the-Middle (MitM) attacks

How to identify: Sites not using HTTPS or having expired security certificates can be risky.

3. Keyloggers or Malware on Infected Computers

Keyloggers are malicious software that secretly record what you type on your keyboard, including:

  • Credit card numbers
  • CVV codes
  • OTPs

These are often installed through:

  • Fake software downloads
  • Email attachments
  • Infected USB devices

4. Public Wi-Fi Networks

When you access the internet on open or unsecured Wi-Fi, attackers can:

  • Intercept your data using sniffing tools
  • Access your browser sessions and capture payment details
  • Even redirect you to fake websites

Tip: Avoid entering sensitive info like card details while using public Wi-Fi in cafes, airports, or hotels.

5. Fake Mobile Apps Posing as Banking Apps

Cybercriminals create apps that look exactly like legitimate bank or payment apps. These apps:

  • Trick users into logging in and entering card details
  • Send this data to attackers in real time
  • May also access SMS to steal OTPs

Prevention: Only download apps from official app stores (Google Play, Apple App Store) and verify the developer name and reviews.

Legal Provisions in India

Under the Information Technology Act, 2000:

  • Section 66C: Punishes identity theft including fraudulent use of card details
    Penalty: Up to 3 years imprisonment and/or ₹1 lakh fine
  • Section 66D: Punishes cheating by impersonation using electronic means
    Penalty: Up to 3 years imprisonment and/or ₹1 lakh fine
  • Section 43: Deals with data theft, unauthorised access to computer systems
  • Section 72: Protects privacy; penalizes disclosure of information without consent

Under the Indian Penal Code (IPC):

  • Section 420: Cheating and dishonestly inducing delivery of property
    Penalty: Up to 7 years imprisonment and fine
  • Section 379: Theft
  • Section 468/471: Forgery and use of forged documents

Preventive Measures for Users

  • Don’t share card details via email, phone, or message
  • Use OTP-based or tokenized payments wherever possible
  • Avoid transacting on public Wi-Fi
  • Enable SMS and email alerts for all card activity
  • Regularly monitor card statements
  • Use secure and reputed websites for shopping
  • Never save card details in browsers or third-party sites unnecessarily

What to Do If You’re a Victim

  1. Immediately block the card via bank’s helpline or mobile app
  2. Inform the bank and file a complaint
  3. Report to Cyber Crime Cell at https://cybercrime.gov.in
  4. File an FIR with the local police station
  5. Keep a record of all communications for legal support

Related Posts

23. ‘DIPCART” an E-commerce firm situated in Bangalore deals with consumer goods like mobile phones and other digital products. Basing upon the advertisement given by the ‘DICART n the internet, a number of people purchased mobile phones from the E-commerce firm. One Mr. X from Hyderabad received a defective mobile phone from the same lodge a complaint in consumer forum. Discuss whether Hyderabad District Consumer Forum has jurisdiction to entertain the complaint.

1. Facts of the Case ‘DIPCART’ is an e-commerce company based in Bangalore, Karnataka, dealing in digital products, including mobile phones, tablets, and accessories. The […]

Leave a Reply

Your email address will not be published. Required fields are marked *