Many of us use credit or debit cards for the convenience of cashless shopping. However, scammers are constantly finding ways to steal card details to cover their own expenses. This can happen without needing a physical card, such as during online transactions or over the phone. These types of scams are so common that the banking industry refers to them as Card Not Present (CNP) frauds.

Typically, when a card is used, the merchant collects the card details from the owner and shares them with the payment processor to complete the transaction. These details include the card number, expiration date, three-digit card verification value (CVV), as well as the customer’s billing address and name.

Scammers use various methods to steal these details and make transactions without having the physical card. By the time the card owner notices the unauthorized charges, the scammer has often already received the product or service they purchased.

Genuine use of a card presents an opportunity for a scammer to intervene and steal the information.

1. Hacking of corporate data – Cybercriminals break into the systems of retailers, hospitals, or any other organization and steal credit card information. Back in 2013, scammers broke into the network of the U.S. retail giant Target and stole credit card information from 40 million cards. 
2. Buying data on dark web – Scammers frequently sell stolen credit and debit card details on the dark web, offering them to other fraudsters at low prices. These cards are often obtained through hacking into organizations or brute-forcing systems. The scale of such theft is massive, with millions of compromised cards circulating on underground marketplaces. Victims often remain unaware until fraudulent transactions appear on their statements. 
3. Direct theft from customers – Sophisticated phishing attacks trick card users into submitting their card details through emails or fake websites. Whenever using your card, thoroughly verify the vendor and watch for signs of spoofing, where someone pretends to be an official merchant. 
4. Card skimming – Data on most credit cards is designed to be read by machines, either through magnetic strips or embedded chips. Fraudsters often impersonate legitimate vendors or banks, stealing card details while making you believe you're dealing with a genuine source. In some cases, even official ATMs have been found fitted with skimming devices by scammers, capturing card details from anyone using the machine.
5. Public Wifi - Since public Wi-Fi networks lack security, it becomes easier for fraudsters to obtain your personal and sensitive information
6. Spyware: Scammers  can install spyware on the devices of unsuspecting users to steal sensitive information. One of the most common ways is a social engineering tactic to trick people into downloading these malicious softwares themselves. 

• Contact your bank immediately if you believe you are a victim of Card Not Present (CNP) fraud. They may be able to stop or reverse the transaction. 
• Ensure you have all the necessary information to prove that you are a victim of this fraud. 
• Keep monitoring your credit and debit card statements to check for any suspicious transactions

To protect yourself from Card Not Present (CNP) fraud, it’s important to be cautious when sharing your card details online or over the phone. Using apps like Truecaller can help identify unknown callers and block potential scammers, adding an extra layer of security. Make sure to enable multi-factor authentication (MFA) for your cards, and monitor your credit card statements regularly to spot any suspicious transactions. Avoid using public Wi-Fi when making payments and always verify websites before shopping. If you suspect fraud, contact your bank immediately.