When identity theft becomes standard operating procedure

After discovering this fraud, the CIO called his credit card company to report the incident and get new cards. To his surprise, the card merchant said they didn’t normally cancel old cards and issue new cards until three separate fraud incidents were reported. Are they kidding? One isn’t enough? Apparently not; the friendly credit card representative said that one fraud incident could have been a mistake.

The very Italian CIO replied that his name wasn't John Smith, and it was highly unlikely that someone accidentally used his card, name, and CV number. He asked if he could at least have free credit history reporting. They said no. The representative replied that he had a “zero liability” card and he wouldn’t be on the hook for the fraudulent charges anyway.

What about the lost hours of productivity and personal time, and emotional stress he has to go through wondering if his card will ever be used again? What if the thief spends up to his credit limit and the next time the CIO goes to make a legitimate purchase, he gets declined? As a frequent traveler, he could be in a foreign country when his card gets declined and stuck there until he comes up with an alternative payment method. Zero liability doesn't mean zero hassle.

After hearing this story, one of the CIO's employees piped up with his own recent credit card fraud misadventure. His wife’s credit card was used fraudulently to purchase more than $5,000 of goods. The theft was only noticed because the couple realized that they hadn’t received a billing statement for two months. They called the bank and learned of the fraud: The thieves had stolen their credit card information, made purchases, changed their account’s mailing address, the e-mail address, ordered supplemental cards, and successfully extended the credit limit twice. These are common credit card fraud techniques. How long would you go unbilled before calling your credit card company?

The fraud could have been noticed a lot sooner if the merchant company sent a proactive notification of change of address or account information to the old mailing or e-mail address. But I guess that’s asking too much.

This time, though, the company canceled his wife’s stolen card and gave her free credit card monitoring service. Because the CIO's employee had the same type of card (only one number off from his wife’s card) and his account was opened at the same time, he asked if he could cancel his card, too, and get monitoring service. No dice.

These are examples of savvy credit card users trying to take proactive steps to prevent further credit card fraud, and the very companies that are supposed to protect them, at best, don’t have the same level of concern as their customers. At worst, they are indifferent to their customer’s plight.

On the other hand, both men canceled their credit cards with those merchants. In the end, the customer always has the final say.