Expert warns of holiday credit, debit card ID theft

December 4, 2014 Latest Print Print

With the holidays coming up and all of the shopping that will be taking place, people need to be aware of identity theft and the point-of-sale breaches happening at various retailers.

Professor Al Heitkamper, head of the cyber security program at OCCC, explained how to minimize the chance of identity theft and gave examples of retailers where point-of-sale breaches have occurred.

Retailers such as Staples, Dairy Queen, Home Depot, Target, K-Mart and P.F. Chang have all been victims of point-of-sales breaches, Heitkamper said.

“A point-of-sale breach occurs when you are using your debit or credit card at a terminal (ATM, gas pump, etc.) that someone has previously hacked,” he said.

Heitkamper said the hacked slider — the place where you swipe your card — sends your card information to third a party so they have all of your card information.

Hackers use “skimmers” over ATM card slots so every time a person swipes their card, their information goes not only where it is supposed to go, but also to the hacker, he said.

Heitkamper said retailers are working toward better cyber security and avoiding theft by using software that helps block off ports and firewalls.

“Good security is good business,” he said.

However, Heitkamper said, avoiding point-of-sales hacks altogether is virtually impossible.

He said running utilities all day, such as Windows XP, is not smart when trying to protect your identity.

Hackers search for errors on systems and as soon as they see the vulnerability present, they take advantage of it, Heitkamper said.

In the past, he said, most ATMs used Windows XP, but that is no longer supported, because it was too vulnerable to hackers.

Heitkamper said using a credit card rather than a debit card is best because credit card consumers are only liable for $50. If your debit card is hacked, the hacker could wipe out your entire bank account or your financial institution may put a hold on all of your money.

“Anytime your identity is stolen, call the FBI or the Federal Trade Commission and file an identity fraud report,” he said.

There also are multiple identity theft protection services that will cover any unauthorized use of one’s address, bank accounts, credit or debit cards, loans, public records and also one’s Social Security number, Heitkamper said.

He said a couple of identity theft protection services that will protect your important information are LifeLock, TrustedID, Identity Force and ID Patrol.

Heitkamper said these companies offer fraud alert reminders, identity theft insurance, lost wallet protection and also can give you access to talk to a fraud specialist.

For more information, Heitkamper can be reached by email at or by calling 405-682-1611, ext. 7494.

Write a Reply or Comment