There are many ways that thieves can steal money from you using your bank card information. By being aware of some of these criminal tactics, you can avoid being a target. Below are just some of the most common forms of credit card theft and how to protect yourself.

credit card theft

Pexels. CCO Licensed.


An obvious way to get your card details stolen is by having your card physically stolen from you. This could involve having it taken by force (i.e. getting mugged) or having it taken away without you knowing (i.e. pickpocketing).

Getting mugged is the most frightening and dangerous form of this crime. If the criminal has a weapon, you are best off not resisting and giving them what they want (which will often include your card). You’re most likely to be mugged in a place away from onlookers so be careful of what routes you take when walking alone and stay away from secluded places where muggings have been reported.

Pickpocketing is actually more common in a crowd. When you are already having to brush up against people, it is much easier for someone to take something from inside your pocket or bag. Keeping your card zipped up around the front in a money belt will put most pickpockets off.

If you do have your card physically stolen from you, you should try to notify your bank as soon as possible so that it can be cancelled and no money can be withdrawn. If you’ve still got your phone, you may even be able to freeze your card via a mobile banking app. Your card is then useless to anyone who has it.


Phishing is when a criminal pretends to be someone you trust in order to deceive you into giving away personal information (such as your card details and PIN). This could be via email, text or phone call. Some of the most common things that fraudsters pretend to be include banks, insurance companies, energy providers and the government.

Sadly, phishing tactics are getting more elaborate and advanced – with some people even hacking into or even creating clone versions of email addresses. A few red flags worth looking out for include:

  • Urgent demands – especially regarding payment or bank details
  • Offers that seem too good to be true
  • Unusual greetings or language
  • Misspellings or poor grammar
  • Unusual sender addresses/unknown phone numbers

If you think it could be phishing, do not reply – at least not via that email address/phone number. Instead look for contact details online from a trusted source (such as an official website) and get in touch this way to confirm if the message is real.

Data breaches


Data breaches involve breaking into an account or network in order to steal information. This is typically done by cracking a victim’s password to an account which is likely to have bank details saved on it.

There are many different ways a password can be cracked. A few common examples include:

  • Leaked passwords through friends or colleagues
  • Brute force attacks using technology to crack someone’s password
  • Malware that records a person’s keystrokes
  • Guessing a password
  • Looking over a victim’s shoulder while they enter their password
  • Buying already leaked passwords on the dark web (you would be surprised how many passwords are already up for grabs)

By protecting your passwords, you can protect your bank details. Some of the best ways to secure a password include:

  • Always choosing a complex password that cannot be easily guessed by anyone. This post explains how to create a complex password.
  • Covering up your passwords when entering them in public places.
  • Taking steps against malware such as not visiting websites with warnings and not clicking on emails with warnings (good cybersecurity software should provide these warnings).
  • Regularly changing your password (just in cases it has ended up in a password list on the dark web)

Skimming devices

Skimming devices are illegal electronic devices that are used to steal people’s bank details by making physical contact with the card. They are sometimes attached to ATMs where they can grab someone’s details when they enter their card.

In other cases, they may take the form of contactless readers that are able to extract someone’s card information simply by being in the area of another card (such devices can be hidden in pockets or bags or attached to cashpoints/petrol station card terminals).

Tiny cameras are also sometimes used which can be stuck onto an ATM or petrol station card terminal above the keypad or above the card slot to record user details.

You can protect yourself against skimming devices, by always looking out for odd features on cashpoints. Does the card slot protrude out? Are there small devices stuck or taped on the ATM? These could be signs that there is a skimming device there.

When it comes to preventing your card getting skimmed on the go, you could consider a radio frequency blocking wallet. These can stop your card details being picked up by a card reader hidden in a passing thief’s bag or pocket. You can even buy a cell phone pouch to block radio frequencies and prevent mobile payments. These radio frequency blocking pouches and wallets are particularly useful when visiting crowded places like festivals, night clubs or busy city streets.

Hijacked/fake ATMs

There have been instances of criminals hi-jacking entire ATMs in order to steal card information, or even creating their own ATMs and placing them in areas where people assume they are regular ATMs. This is a very sophisticated form of attack that many people get caught out by when travelling.

You can avoid putting your card into a hijacked or fake ATM by selecting your ATMs carefully when taking out cash. The safest ATMs are those inside banks as they can be tampered with. The least trustworthy types of ATMs are those found in secluded places like back alleys or at the side of a remote petrol station.

Fraudulent online payment gateways

Credit Cards

There are some dodgy websites out there that will try to steal your card information by using non-approved payment gateways. You can usually tell you are using an insecure payment gateway because of one of these red flags:

  • No SSL certificate (The website address begins with ‘http’ and not ‘https’. It also does not have a padlock symbol next to the URL bar)
  • The website does not ask for information such as your billing address
  • The payment gateway takes a while to load/process your payment

Do not enter your card details if you do not trust the website’s payment gateway. It’s worth noting that you should be equally careful about apps and where you download them, as some of these may have insecure payment gateways too.