Their insurance company eats it with the premiums the CC company pays them.
Thanks.
The most likely scenario is:
- You used your card’s magstripe in a POS compromised by malware and the mag stripe information was stolen (probably not a chip transaction, as the CVV1 needed for the mag stripe isn’t in that)
- The stolen card information was bundled into groups based on the zip code/state of the infected POS it was taken from and listed on a carding forum/website where they sell stolen credit cards
- Some low level thief bought your card information from the carding website and wrote out the mag stripe information to a new card of some type. Then they went in person and used the card at a retailer that does not have chip activated.
- Because level #3 happens in person, they buy credit cards stolen reasonably nearby because those are less likely to trigger fraud alerts from the provider right away, meaning they can buy more.
- As a corollary to #4, it means that the more people doing #3 in areas you often use your card, the more of this you will see. In areas where there are few people buying from the carding forum, your credit card won’t see as much fraud even though it was stolen in step 1
Edit to add: - Your Credit card provider was probably already aware of the breach in #1 and thus was already on the lookout for the fraud pattern that shut it down so quickly.
POS = Point of Sale, the cash register or credit card terminal that you swiped your card at.
The Wawa stores I go to (in the Philadelphia area) do not read the chips.
Not for that small amount-- they just write if off.
We all wind up paying for it eventually…
I had my credit card stolen and they ran up nearly $3,000 in twenty minutes. BoA had me file a police report and sign a statement (notarized) that I knew nothing of the transactions.
I got the charges off the card immediately and removed permanently in days. The next billing cycle BoA conveniently raised my interest rate on the CC. So I would’ve wound up paying for it anyway.
I have never used a chip cc yet. I have even traveled to large cities like Chicago, NY, LA and SF and never used it, so I can’t say how common it is.
As for how they got it, well it’s most likely a low paid worker who writes numbers down and sells them in batches. It’s my understanding from people I’ve worked with they can get about 10 cents to a quarter per number.
[Note: I work with a charity that helps people get off public aid, so a lot of my clients have had records and were inside before, that is how I know]
As one of them said, when I asked how they smuggle contraband into prison, “security is only as good as the least paid employee.”