Despite every effort being made (not without notable success) to mitigate the impact of bank card fraud, criminals unfortunately continue to come up with old and new tricks to bypass every possible control.
The stealthiest way to steal
While card loss or theft is one of the main reasons why our bank account can be emptied in an instant, there is a lesser-known but more worrisome method because it is much more difficult to detect and control. We're talking about card cloning.
Card cloning involves obtaining card data for fraudulent use, without the cardholder being aware of it at the time.
If he succeeds, he can record them (except for the PIN) on the magnetic strip of a counterfeit card to use without risk of detection, or better yet, he can use them to make online purchases. If he's well-organized, he'll even sell them to criminal gangs to avoid leaving any trace.
Next, we explore the different methods of data theft during in-person payments and their potential impact.
We are more gullible than we think.
Let's imagine these situations and see if you recognize us in any of them:
- We're walking down the street and a person wearing an NGO number catches us, asking for a donation. Our hearts soften, and we give them our card details so they can process the payment for the humanitarian aid.
- We go to a hotel, book a room, and the receptionist asks for our card so they can process the payment, so we give it to them. WRONG
- We're at a fancy restaurant, and when we ask for the bill to pay by card, they bring us the dinner receipt inside a leather wallet with the restaurant logo so we can insert our card.
Perhaps these cases occur less and less in Spain, but they do occur. However, when we travel abroad...
According to a report issued by the European Banking Authority (EBA) in 2024 , more than €600 million in card payments were defrauded in the first half of 2023. However, 71% of this amount corresponded to cross-border transactions.
Therefore, when paying in person at a store, no matter how much confidence the store clerk offers us (whether because they're a candid soul, or because it's a reputable chain, or because where there's luxury, there's good manners) , the moment we give the card or its details to another person, we lose control over it. It's worth remembering that all the companies in the examples cited tend to have a high employee turnover rate, even more so if you travel during peak season.
CONCLUSION: We should never give our card or its details to anyone else. On the contrary, we should always request that the payment order be executed ourselves using a POS (Point of Sale Terminal). Just like the remote control on a TV or the steering wheel in a car, we should never relinquish control of our card to a third party, not even for a moment.
If you've encountered similar situations and start noticing payments that can't be clearly identified, there's no need to hesitate; you should block the card and request a new one. Then, take the time to verify whether the transactions are truly fraudulent. It's also worth remembering that you always have the option to reject these payments, even if you have a dispute with the merchant, as it's still a way to verify whether the payment originated from you or is fraudulent.
Now, even if we follow this basic rule, there are still vulnerabilities in the system… We explain this in the following article…