People truly enjoy the perks of the digital era and tend to shop and pay online or via mobile banking. Research commissioned by Kaspersky Lab confirmed that the majority of users (81%) rely on the Internet in their financial routines, and almost half of them (44%) store financial data on their devices.
And yet, only 60% of users install security solutions on all of their devices, and the remaining 40% of respondents are left to the mercy of cybercriminals.
People lose $476 on average per fraudulent transaction. That’s just an average value — one in ten users loses up to $5,000. The compound annual loss sustained as a result of online fraud, identity theft, and malware amounts to billions of dollars worldwide, if we consider only reported cases, which makes the real loss much more substantial.
Victims have a fair chance to get back the stolen money if they reach out to the card issuer and perhaps the fraud-handling department of the merchant involved in a rogue transaction. They should do so within 24 hours if possible, giving details of the transaction that was fraudulent. Merchants have no desire to do business with a stolen card, and they will cancel the transaction and revert the amount if you get to them in time. Note that bank services and the laws and practices governing them can vary quite a bit by country, so the advice we give here may apply differently where you live.
Many people think that their bank is the sole bearer of responsibility over the security of their accounts, but bank agreements typically include a passage about the client’s responsibility to keep their financial information secure. The most precious bits of this information are PIN code, CVC code, and one-time passwords sent by SMS. You’re far less likely to get a refund if any of those were used to confirm a fraudulent transaction; banks usually consider compromise of them a user’s fault.
We tried to figure out what it takes to get back money stolen by online scammers, and how many victims were lucky enough to recover their losses.
Is it realistic to expect a return of the stolen money?
The Kaspersky Lab research shows that almost half of respondents feel sure their bank would reimburse money stolen by online scammers. However, here comes the harsh reality: More than 52% of victims did not get back their money at all or recovered only a part of the loss.
Unfortunately, the majority of experts in finance agree: Banks are unwilling to return money lost due to fraudulent transactions.
“Don’t assume you can always recover stolen money,” says Vyacheslav Zakorzhevsky, a senior analyst at Kaspersky Lab. “The best way to keep your money safe is to avoid having it stolen in the first place. Use dedicated security products that won’t allow cybercriminals to lay a hand on your personal and financial data.”
What to do if your money is stolen
When you perform a transaction, your bank is just an intermediary between a sender and a recipient. You wouldn’t expect the bank to return money you sent to someone voluntarily (for example, simply by mistake). Would you succeed reverting a fraudulent transaction? It depends on the specifics of the situation.
If your money has been stolen, the first thing you have to do is report the incident to the bank, and if you do that within 24 hours from the time the transaction took place, there is a higher chance to revert the fraudulent transaction.
You need proof you notified the bank in time. Should a bank refuse to give you material proof — a letter acknowledging notification — request a written explanation of why, and when, they declined to issue this document. Then you have to report the incident to authorities. That might be the police, the Federal Trade Commission, or another authority, depending on the jurisdiction. At this point, you have what you need to take the bank to court.
In some cases, the money earmarked for a transaction is put on hold first, and then is transferred. If this is your case, you have a better chance of recovering the money. But, of course, it’s best not to land yourself in such a situation in the first place.
How to protect your credit card
Never tell anyone your PIN code, CVC code (the printed code on the reverse side of the card), or a one-time password sent via SMS.
Don’t pay with your card at suspicious places; instead use cash.
Don’t leave your card unattended when with other people. When handing it to a cashier or a waiter, don’t lose the sight of it at any time.
Enable SMS notifications from your bank. Scammers tend to steal money via a series of transactions, so a timely SMS might keep you from bleeding more money.
Immediately block or freeze your card if you notice any signs of fraudulent activity.
If your bank offers the service, use a virtual card for online shopping. With other cards, ask about enabling zero-dollar limits for online transactions or card-not-present transaction blocking.
In addition to implementing safe behavior, it’s critical to install a robust security solution on all devices you use for payments. For example, Kaspersky Internet Security and Kaspersky Total Security have a purpose-built component called Safe Money. This feature ensures all payments are transacted on a legitimate website and over a secure connection, essentially cutting off phishing sites. In testing by independent labs, Safe Money is a top performer.