How I managed to dodge credit card scammers

I've become a frequent target for credit card scammers. Every week, some stranger attempts to use one of my credit cards. I've mostly escaped without significant loss, thanks to the security features offered by my bank.

One Sunday, I was working on my desktop at home with my phone in front of me. In less than a minute, several transaction alerts flashed across my screen before I could even react.

All of them seemed to be from the United States. A one-dollar charge from RI*Napster | Rhapso was reversed immediately. Then came an attempt from Cloudgaming in Malaysian Ringgit, followed by charges from Netflix, Priceline and SP Boss Dog Art Dept (in PEN, Peruvian sol currency), before the bank automatically blocked my card.

It didn’t end there. I kept receiving OTPs for attempted payments at Papaya Play and TapTap. Among these, only the Netflix transaction went through without requiring the OTP.

I called the bank right away and reported the fraudulent transactions. After investigating, they refunded the amount lost in the Netflix transaction. The bank also issued a replacement card, which I wasn’t thrilled to pay for, especially since the issue wasn’t my fault.

But the scammers didn't give up. The following week, they tried to use my cancelled card for a purchase at a Daraz outlet. More attempts came in for a fast food outlet and a government transaction. That’s when I realised that the scammers could be anywhere and were likely using a VPN.

I was baffled by the sheer number of attempts and the variety of outlets and currencies used. Most of these transactions were small amounts, but it was still worrying.

A month later, another of my cards became a target. This time, the attempted transaction was from MSI*Morningstar, but my bank blocked it due to my credit card settings. I had customised the settings to allow only certain transactions, and that really helped.

Banks continually try to stay ahead of scammers with regular awareness campaigns. One common tip is not to click links from unknown sources. But the problem is that these messages often look like they come from trusted sources. The scammers’ fake pages that look exactly like the original.

So how do you spot it? Click on the email address of the sender, and it will reveal the true identity. A fake one might look like it’s from a legitimate source, but the domain will often be a dead giveaway. So, always check before you click.

Cyber-attacks have truly become a crime of the times. We live in an era where technology allows criminals to steal with ease — without breaking in or leaving fingerprints. They could be miles away.

It’s up to us to safeguard our hard-earned money. Read the bank’s instructions. Get familiar with the safety features on your bank’s website or app. Some features allow you to block transactions from specific countries or prevent card use overseas. Others let you limit daily spending or set maximum transaction amounts.

I know a colleague who makes good use of the temporary block feature. He keeps his card frozen and unblocks it only when necessary. A great idea!

What do you do when you have to use the card online? I use a debit card with a minimal balance. I only load the account with the amount needed for a specific transaction and use the card online. So far, it’s worked well.

But, criminals always find new ways to trick us. We must remain vigilant at all times. Don’t relax — it’s our money at stake.