How To Safely Pay Online With Credit Card

Vulnerability of Internet surfers to online fraud is caused mostly by their lack of knowledge of this subject. There is no need to refrain from using credit cards online in order to be safe. If one follows a few very simple rules, one can reduce the risk of being caught by online fraud almost to zero.

Credit card numbers and other data are transmitted using secure SSL technology which is practically impossible to break. But fraudsters find different ways to steal information. They either make a fake web site which looks identical to an authentic site (this method is called phishing) or they use spyware to get information from a user's computer. Let us see how that is done and how one can protect oneself from such frauds.

Phishing. In order to steal credit card data, a fraudster creates a fake web site which looks exactly like some authentic site. A visitor, who suspects nothing, enters credit card information which then gets intercepted by those who created the fake site. In fact, it is very easy to avoid being captured by such kind of tricks. Even if the site is an identical copy of the original one, its URL will be different. Thus it is sufficient to check carefully the site's URL in the browser address string. For example, the URL of all Skype pages starts with http://www.skype.com... except for the secure payment pages, which look like https://secure.skype.com... or https://pay.skype.com... One should check the URL very carefully because a fraudster may use a very similar URL with just one different letter, so one may easily miss it. In some cases, however, phishers may be able to change the site's URL in the browser address string. Therefore, the most reliable and simple way to avoid phishing sites is not to click on the links that come in an e-mail from a source you are not absolutely sure about or are contained in a site that may be not trustworthy. In such cases it is better to type the URL manually in the browser address string. That will ensure complete guarantee from getting to a phishing site.

Spyware. There are two main types of spyware programs, keyloggers and screen loggers. Keylogger intercepts everything that is typed on keyboard, while screen logger takes snapshots of a small screen area around the place where one clicks with the mouse. Information thus obtained is sent to the attacker. To make oneself secure against such attacks, one should not type credit card numbers using keyboard and should not click in the card number field on the Web page. One may then ask, but how are we going to enter credit card information in that case? That is in fact quite simple, just follow the steps below.

1. Open Notepad (or Word or any other text editor) and type numbers from 0 to 9 randomly, each number can be typed several times.
2. Open the Web page where you are going to make payment (enter the credit card data) and enter only your name and expiry date of the card (at this stage you can safely click anywhere within that window as it does not yet contain any sensitive information).
3. Click once in the empty field for the card number to place the cursor in that field. To make the process even safer, you can hide now the card number field behind the screen edge by dragging the browser window towards a side of the screen.
4. Switch to Notepad (or your text editor). But this time do not click in the Notepad window, because now it contains information, instead click on the respective button at the bottom of the screen.
5. Bring the cursor to the first digit to be entered (first digit in your credit card number) using left or right arrow keys. Press Shift+(Left Arrow) or Shift+(Right Arrow) to highlight it. Then copy the digit to Clipboard by pressing Ctrl+C. Now you can shift the cursor with left or right arrow keys, so that there is no highlighted digit which could be seen by screen logger when you make next click.
6. Switch to the browser window. Again do not click in the window itself, click instead on the respective button at the bottom of the screen.
7. Press Ctrl+V to paste the copied digit into the card number field.
8. Repeat steps 4-7 for each digit in the credit card number, thus you will enter the whole number.
9. While still in the browser window, press Tab one or several times until the cursor comes to the security code entry field (security code is the three digit number on the back of the card).
10. Enter the security code by following steps 4-7 above.

Thus you will enter the credit card information without typing it on the keyboard or clicking into respective fields in the form. This will secure you from any spyware attacks. Of course, in principle, one can create spyware that would track all the steps above. However, that is quite difficult. Especially, taking into account that you may modify those steps in many different ways (for example, you may use your e-mail client instead of Notepad to type a sequence of digits, or in between those steps you may do something else), it becomes practically impossible to create a program that would be able to track them.

Related Articles