Card Cracking Scams

woman with credit card at her computer

Card cracking fraud is a deceptive practice where cybercriminals entice individuals to share their banking information, including debit card details and PINs. Perpetrators often use social media platforms to lure victims with promises of quick and easy money in exchange for sharing their card information. Once obtained, the criminals exploit this information to commit various financial crimes, such as unauthorized transactions and identity theft.

If your credit card company or bank has reimbursed your financial loss (or will remove the fraudulent charges from your account), they become the monetary victim and must reach out to law enforcement for further assistance.

Credit card cracking and credit card fraud share many of the same characteristics. The main difference is that credit card fraud typically happens without the knowledge of the victim, whereas credit card cracking involves the victim in the scheme in one way or another.

  • Unsolicited Offers: Individuals receive unsolicited messages or advertisements promising quick cash or financial rewards in exchange for providing their debit card details.
  • Urgency and Pressure: Scammers create a sense of urgency, pressuring victims to act quickly to seize the purported financial opportunity.
  • Requests for Card Information: Fraudulent messages explicitly request sensitive information, including debit card numbers, PINs, and online banking credentials.
  • Unusual Account Activity: Victims may notice unauthorized transactions, withdrawals, or suspicious account activity after sharing their card information.
  • Fake Promotions: Scammers may create fake promotions, contests, or surveys that require participants to disclose their banking details to claim a prize.
  • Educate the Public: Raise awareness about the risks of card cracking fraud through public awareness campaigns and educational initiatives.
  • Secure Social Media Accounts: Adjust privacy settings on social media platforms to limit personal information exposure and reduce the likelihood of being targeted. See the Office of the Privacy Commissioner of Canada Tips for using privacy settings. Or see National Cybersecurity Alliance (staysafeonline.org) Manage Your Privacy Settings.
  • Avoid Sharing Sensitive Information: Remind individuals never to share sensitive financial information, such as debit card details and PINs, in response to unsolicited messages or offers.
  • Two-Factor Authentication (2FA): Enable 2FA on online banking accounts to add an extra layer of security, requiring additional verification beyond passwords.  See  Cybersecurity & Infrastructure Security Agency (CISA) More than a Password
  • Monitor Account Activity: Regularly review bank statements and account activity for unauthorized transactions. Report suspicious activity to the bank immediately. 
  • Contact the Bank: Report the fraudulent activity to the bank as soon as it is discovered. Provide details of unauthorized transactions and any relevant information.
  • Change Passwords and PINs: Change online banking passwords and PINs to prevent further unauthorized access to the account.
  • File a Police Report: If necessary, file a police report to document the fraud. This report may be required by the bank or relevant authorities during the investigation.  For Montgomery County residents, call 301-279-8000 (for non-emergency help).
  • Monitor Credit Reports: Keep a close eye on credit reports for any signs of identity theft. Report any suspicious activity to the credit bureaus.  See  Identity Theft for how to make these reports.
  • Install Security Software: Use reputable antivirus and anti-malware software to protect devices from potential threats that may have been introduced during the card cracking scheme.
  • Secure Your Accounts: If you shared personal information with the scammer, change your passwords and enable two-factor authentication where possible. See Cyber Crime Prevention for more information.

References: