How to beat online card fraud editor Clare Francis speaks with credit cards expert Steve Willey about the growing number of online card fraud and offers tips on what you can do to prevent it happening to you…


Chip and Pin was introduced in a bid to combat credit and debit card fraud. But latest figures from APACS, the UK’s payments association, revealed that card fraud is soaring as criminals seek to target consumers in other ways.

Losses from online banking fraud leapt 132% last year from £22.6m to £52.5m. Identity theft is also a growing problem - it cost the industry £47.4m in 2008. But by far the most widespread problem is card-not-present fraud. This includes online, telephone and mail order transactions, and it cost the banking industry a massive £328.4m.

So with more and more of us shopping and banking online, what steps should we be taking to protect ourselves and to minimise the risk of us falling victim to criminals?

Last summer, we published some tips from Steve Willey, one of’s credit card experts. They remain as valid now as they were then, so here’s what Steve recommends.

Steve Willey:

Tip 1:

Firstly make sure that you’re using websites that we call “trusted websites” - known brands. If you’re unsure my recommendation is just don’t use them. Quite often you’ll see a website which says it’s a secure website – just check that the padlock is showing in the bottom right-hand side, and also that it says ‘https’ at the top in the unique address bar.

Tip 2:

So many times we see in our forums people saying ‘What do I do with my details? I can’t remember my passwords – I just write them down and put them in my wallet or my purse’. Well the first thing is if that gets stolen, somebody has access to all your records. What’s very, very clear is that people use the same password for all of their websites, just because it’s easier to remember.

So some key things you can do are obviously to use different usernames and different passwords, but also to change your passwords and I recommend you do that at least every 90 days

Tip 3:

Make sure you use up-to-date web security. There’s a number of applications out there now which protect you - firewall, anti-viruses and all those kind of good things we hear about in the press every day. So people like McAfee, Norton, Kaspersky all have some great products at very low prices that you can just put on your PC and ensure that your computer is protected.

And what they do is they employ some pretty advanced technology which identifies things such as phishing websites – that’s phishing with a ‘ph’ and not an ‘f’ – and they are spoof websites or spoof emails supposedly from the banks or companies that you use such as eBay, to actually get hold of your details, so they’re very, very useful for identifying those types of things.

Tip 4:

A lot of the current account providers are sending out card readers, so that when you access your account for certain transactions such as transferring money, they will actually ask you to put your debit card or credit card into the card reader and enter a secure code into your bank account details, and then your transaction can be processed.

An alternative is what’s called MasterCard’s Secure Code, or Verified by VISA. Now what this is is a way or a means of providing an extra layer of security while you’re shopping online. The way this works is most of the credit card companies in the UK now have this facility. Go to their website, you’ll see a sign – if you have a VISA card it will be ‘Verified by VISA’; if you have a MasterCard its MasterCard’s Secure Code – sign up for the service where you register for an additional password.

As you’re shopping online, if the merchant is signed up to that programme as well they will actually serve you a little box that appears and says ‘enter your secure code here’ – you enter your additional secure code, which is only known to you, and therefore you are protecting your transaction and your identity at a level further.

Without that information, a fraudster who may have compromised your card details will not be able to actually continue with the transaction, so it’s a great way of preventing online fraud.

Tip 5:

If all those measures have failed and you think you’ve been the victim of either identity theft or frauds and you [don’t] recognise transactions on some statements, the first thing to do is contact your bank. Tell them what’s going on, that you believe transactions are fraudulent, and get them to take things up on your behalf.

CF: So even though instances of online fraud are on the up, there are some simple steps you can take to reduce the chances of you falling victim to it. If you have got any advice you could offer to help on this matter, or perhaps you have been a victim of such fraud yourself, then why not visit’s forums and share it with other members?

Did you enjoy that? Why not share this article


Other articles you might like

Popular guides