2023 Credit Card
Fraud Report

The number of American fraud victims has risen to more than 150 million,
up from 127 million in 2021.

Written By: Security.org Team | Published: January 31, 2023


The ease of credit and debit cards and their widespread acceptance by merchants means that the vast majority of payments today are made using something other than cash. In fact, according to the Federal Reserve Bank of San Francisco, about 51 percent of all retail transactions are done using credit or debit cards — only 26 percent are cash.

All these credit and debit card transactions are good news for fraudsters who target these payment methods, and our research finds that credit and debit card fraud is rising. Following up on our 2021 Credit Card Fraud Annual Report, we researched the experiences and credit card habits of more than 1,000 U.S. adults with at least one credit card.

Here’s a look at our key findings:

  • 65 percent of credit and credit card holders have been fraud victims at some point in their lives, up from 58 percent last year. This equates to about 151 million Americans.
  • An increasing number of Americans have been victimized multiple times: in 2022, 44 percent of credit card users reported having two or more fraudulent charges, compared to 35 percent in 2021.
  • Since 2021, the median fraudulent charge has climbed by about 27 percent (rising to $79 this year). This equates to about $12 billion in total attempted fraudulent charges.
  • People who store their credit card information in their web browsers and use the same card for autopay as they do for everyday spending were more likely to be victims.
  • A small-but-significant share of people (12 percent) had fraudulent recurring charges from the same merchant over several months.

Credit Card Fraud is Rising: Nearly Two in Three Card-holders Are Victims

According to our research, 65 percent of people with credit or debit cards have experienced credit card fraud at least once. This is an estimated 151 million U.S. adults, and also marks a considerable increase from our findings last year, which found about 58 percent of cardholders had been victims of fraud.

According to Hari Ravichandran, CEO and founder of digital safety company Aura, credit card fraud continues to increase because of how profitable it is for thieves. “Scammers follow the money and see immense value in credit card fraud and other schemes,” Ravichandran explained. As long as scammers can successfully commit and profit from this crime, it will continue to increase.

How many times have you had a fraudulent charge

Another potential reason why card fraud is rising could be that people are shopping more online. As we’ll explore later, thieves usually don’t need a physical credit card to commit fraud. In other words, online shopping is a risk factor for credit and debit card fraud.

According to one forecast, online shopping could rise by 13 percent compared to 2021, with spending from online shopping hitting a record $1 trillion.

Our research also found another significant risk factor that exposes people’s information to potential theft and fraud: Americans’ online security habits aren’t sophisticated enough to keep up with fraudsters’ tactics.

The Median Fraudulent Charge Has Increased by 27 Percent Since 2021

In 2021, the median fraud charge was $62, but this year, that figure has risen to $79, an increase of 27 percent. This increase could be due to a combination of high rates of inflation and the aforementioned rapid increase in online shopping.

How much was the most recent fraudulent charge

Most victims don’t report their losses to the police: just one in ten victims did so. Our research found that the size of the fraudulent charge may play a role in whether or not victims report it to the police. The average fraudulent charge reported to the police was nearly $400.

Our research didn’t indicate that reporting credit card fraud to law enforcement made you more likely to get your money back. Regardless of whether or not they reported the fraud to the authorities, most people did get their money back once they notified their banks. Twenty-eight percent of victims told us that their banks reversed the charges immediately, and only seven percent of people told us their cases were still open.

That said, credit card fraud is still a crime, and it is beneficial to report incidents of fraud. If everyone reported fraudulent charges to the Federal Trade Commission, authorities would have a much more complete picture of this crime in the U.S.

Prevent Credit Card Fraud With Good Online Habits

Since about two-thirds of all U.S. credit and debit card holders have been victims of fraud, it’s safe to say the average person is well aware that this crime exists. And although it’s increasing, our research shows that many people have poor security habits. However, many people are strengthening their online security.

We asked cardholders about ten security habits (five good and five bad ones). Across the board, bad habits have declined, with some falling significantly. However, good habits didn’t improve categorically.

Only 42 percent of people reported using public WiFi, compared to 55 percent last year. While public WiFi may not be the surefire cyber attack vector it once was, using an unsecured network is still dangerous, especially if your device stores financial information.

And in other good news, fewer people are using the same password for multiple accounts, as that figure dropped by 12 points. This is a wise safety measure to ensure that multiple accounts aren’t compromised in a single breach.

Good credit habits

Bad credit habits

If you realize you have also developed a few bad credit habits, don’t panic. Nearly nine in ten people reported at least one bad habit, and almost two-thirds had two or more. But many people are learning from their past mistakes and preventing future fraud: those who had been fraud victims were more likely in 2022 to report good digital behavior. Victims were more likely to use multifactor authentication or facial recognition to access credit card accounts online.

However, certain bad habits were more common among previous fraud victims, including using the same card for everyday spending as they do for autopay accounts. This is risky because it means card numbers are stored in multiple places. Using the same card for autopay and everyday spending also creates more hassle for people if their card is stolen since they will have to update their information on every single autopay account.

Be aware of recurring fraud charges

Though it wasn’t as common as one-time fraudulent charges, 18 percent of all fraud victims said they’d noticed unauthorized recurring payments, meaning one from the same merchant that showed up monthly or yearly.

In many cases, recurring charges are connected to gas stations via skimming (more on that in a moment). Still, recent research has exposed a sophisticated scam involving a fake network of websites functional enough to look real and credit card numbers purchased on the dark web.

According to researchers, scammers schedule small, recurring charges similar to what consumers might pay for popular subscription services. They reason that an average person might not notice them at all.

The good news is that despite the sophistication of this particular scheme, consumers are more likely than they were in 2021 to review their credit card statements regularly. But remember that it’s important not just to give statements a cursory glance but to dig into each payment, especially from merchants you don’t recognize.

Of course, even payments to merchants you do recognize can be dangerous. Gas pumps are notorious locations for scammers to place credit card skimmers, which are designed to look like regular credit card readers. How can you tell the difference?

  • Inspect the reader to ensure it’s intact. If it looks to be in some state of disrepair, such as if it’s bulging in one place or if two edges don’t align, that could be a sign scammers inserted a skimmer. Try giving the reader a slight bump or wiggle before inserting your card.
  • Look for a valid security seal that has not been tampered with (here’s how a damaged seal looks).

Adult sites and gaming sites were other popular sources of fraudulent transactions, likely due to their popularity — according to one estimate, adult websites account for 13 percent of all websites on the internet.

Account alerts can prevent losses

Regularly reviewing your credit card statements is helpful, but getting alerts in real-time is even better, as it’s often possible to stop the payment before it is fully processed. Overall, about 59 percent of cardholders told us they had alerts enabled. Credit card providers can often send alerts to your email or mobile phone if they detect suspicious transactions. You may also receive notifications with the details of every purchase made with your card.

When did you notice charge on account

Among users who had credit alerts activated, 38 percent were notified of the attempted fraudulent transaction within minutes — compared to just four percent without notifications. Account notifications can empower you to take early action in case of fraud or even stop unauthorized transactions from being completed.

Six Simple Steps to Prevent Credit Card Fraud

  1. Review your bank and credit card accounts regularly. Look for any suspicious or unauthorized purchases (and report them). Get in the habit of reviewing your credit report annually, too, for any unauthorized activity.
  2. Beware of phishing scams, which are becoming more sophisticated. Scammers and cybercriminals will use email, phone, or text to send messages that appear to be from a trusted source that contains malware or a link to a fake site designed to steal your information. They might say your Amazon account is locked, FedEx needs to send you information about your delivery, or your Netflix bill is late.“Cybercriminals have become increasingly creative with social engineering to prey on unknowing victims,” Ravichandran warned. “They will often use urgency to trick consumers into sharing sensitive information without giving a second thought. In these situations, it’s best to use any sense of urgency as a signpost to take a step back and think about the source’s trustworthiness.
  3. Don’t store credit card info in your browser or on websites; only let Google or Paypal “remember” your card number. Taking a few extra minutes to type in your credentials with each transaction can help keep your information secure.
  4. Try Apple Pay or Android Pay when making purchases since the merchants cannot see your financial information, and two-factor authentication is typically required to complete transactions.
  5. Subscribe to an identity theft protection service that keeps track of your credit and PII in several criminal and financial areas.
  6. Use public WiFi connections with caution and avoid making purchases while using public networks. Others on these insecure networks may be able to access your information. Make sure your home WiFi network is password-protected.

Conclusion

Our research indicates that while Americans are making some strides, the average consumer has some work to do regarding the security of their credit and debit card accounts. As scammers become increasingly skilled and sophisticated with their schemes, individuals will need to improve their digital security.

As our data revealed, credit card fraud is an increasingly profitable crime, and it has evolved with technological advances. Credit card holders can protect themselves by staying vigilant online, locking down their personal information, and fighting back against scammers with technology.

Methodology

In November 2022, we conducted an online poll of 1,003 U.S. adults about their credit and debit card habits, including whether fraudulent charge attempts had ever impacted their accounts. All study participants had at least one debit or credit card.  Thirty-one percent were aged 18-29, 44 percent were 30-44, 17 percent were 45-60, and six percent were 61 or older. Fifty percent were male, and 50 percent were female.