Legal Definitions - credit card fraud

Credit card fraud refers to the illegal act of obtaining and using another person's credit card information or identity without their permission. The primary goal of such fraud is to make unauthorized purchases, withdraw cash, or open new credit accounts, leading to financial loss for the victim or the credit card company.

This type of fraud can take many forms, from creating entirely new accounts in someone else's name to hijacking existing accounts or exploiting vulnerabilities in digital systems.

• Example 1: Application Fraud

  A criminal finds a discarded document containing enough personal details about a victim, such as their full name, date of birth, and Social Security number. The criminal then uses this stolen information to apply for a new credit card online in the victim's name. Once the card is approved and mailed to an address the criminal controls, they use it to purchase expensive electronics and gift cards.

  Explanation: This scenario illustrates credit card fraud because the perpetrator used the victim's identity to *unauthorizedly open a new credit account* and then *made purchases* without the victim's knowledge or consent. This is a classic example of "application fraud," where a new line of credit is established fraudulently.

• Example 2: Account Takeover via Skimming

  While paying for groceries, a customer swipes their credit card at a self-checkout terminal. Unbeknownst to them, an employee has secretly installed a "skimming" device on the card reader. This device covertly captures the customer's card number, expiration date, and security code. The employee later sells this stolen data to an accomplice, who then uses the information to make several large online purchases from various e-commerce sites.

  Explanation: This is credit card fraud because the customer's existing credit card information was *illegally obtained* through skimming and then *used without authorization* to *charge purchases* to their account. This demonstrates an "account takeover" method where existing card details are compromised and exploited.

• Example 3: Data Breach Exploitation

  A popular online clothing retailer experiences a sophisticated cyberattack, resulting in a data breach that exposes a database containing thousands of customers' encrypted credit card numbers. Although initially encrypted, the hackers manage to decrypt a significant portion of this data. They then sell batches of these stolen credit card numbers on the dark web. An individual purchases some of these numbers and uses one to book a non-refundable, luxury hotel stay in a different country.

  Explanation: This constitutes credit card fraud because the credit card information was *obtained without authorization* through a data breach, and then *used to make a purchase* (the hotel booking) without the cardholder's permission. This highlights how large-scale technological vulnerabilities can lead to widespread instances of credit card fraud.