Skip to Local Navigation
Skip to Content
California State University, Long Beach
Skip to Content

May 2008

printable version

Next Page

Know Your Rights when Paying By Credit Card: What Can Merchants Ask?

California law limits the collection of personal information by merchants when you pay by credit card. When a consumer pays with a credit card, the merchant cannot record any personal information other than what is on the front of the credit card. (California Civil Code 1747.08) Merchants cannot request or require that the consumer write any personal information, including address and telephone number, on any form associated with the credit cards transaction.

There are exceptions.
A merchant can, in certain limited circumstances, collect personal information including when:

  • The credit card is used as a deposit
  • The credit card is used for a cash advance
  • The personal information is needed for something incidental but related to the use of the credit card. For example, the address to which the purchased product is to be shipped.

Merchants can require a consumer who pays for goods or services to show identification such as a California driver’s license or California ID. But merchants cannot write or record any information from these documents.

Merchants can record the card holder’s driver’s license number or identification card number on any form associated with the transaction if the cardholder pays with a credit card but does not provide the credit card (card not present transaction).

Privacy Rights Clearinghouse www.privacyrights.org

Be Aware and Beware of the Scams

Vishing Expeditions

In “vishing” (short for voice phishing), the latest in ID theft, a scammer posing as a bank or credit-card representative asks you to call a toll-free number to straighten out some mysterious mix-up in your account. When you phone, an automated attendant prompts you to enter your account number or other private information and voila, you've been vished.

What to do.
If you receive such a call or e-mail, phone your bank or credit-card company to find out if the message is for real. If you gave up your data, you should change your account number.

Consumer Reports, February 2007

Grave Robbers

Even in death, we aren’t safe from the fastest growing crime in the United States – identify theft. Criminals are stealing the identity of the deceased in the hopes that their deeds will go undetected longer than when they prey on living victims. Here’s how to guard the identities of those you’ve lost:

  • Don’t include dates of birth or addresses in obituaries.
  • Promptly notify the deceased’s financial institutions about your loved one’s passing.
  • Don’t let mail accumulate in the deceased’s mailbox.
  • Cancel the person’s driver’s license.
  • Send copies of the death certificate to the three major reporting companies: Equifax, Experian and TransUnion. Several weeks later, request a free annual credit report from each bureau at AnnualCreditReport.com and look for fraudulent activity.

USAA Magazine, Spring 2008

Tax Rebate Scams

The Internal Revenue Service warns taxpayers to beware of several current e-mail and telephone scams that use the IRS name as a lure. The IRS expects such scams to continue through the end of tax return filing season and beyond.

The IRS cautions taxpayers to be on the lookout for scams involving proposed advance payment checks. The goal of the scams is to trick people into revealing personal and financial information, such as Social Security, bank account or credit card numbers, which the scammers can use to commit identity theft. At least one telephone scam is using the stimulus payments as bait.

The IRS does not send unsolicited, tax-account related e-mails to taxpayers. For security and other reasons, the IRS never asks people for personal and financial information via e-mail. Additionally, the IRS never asks people for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts. Since the IRS rarely contacts taxpayers via e-mail, and never about their tax accounts, taxpayers should be cautious about any e-mails that claim to come from the IRS.

How to Spot a Scam
Many e-mail scams are fairly sophisticated and hard to detect. However, there are signs to watch for, such as e-mail that:

  • Requests personal and/or financial information, such as name, SSN, or bank or credit card account numbers, either in the e-mail itself or on another site to which a link the e-mail sends the recipient.
  • Dangles bait to get the recipient to respond to the e-mail, such as mentioning a tax refund or offering to pay the recipient to participate in an IRS survey.
  • Threatens a consequence for not responding to the e-mail such as block access to the recipient’s funds.
  • Gets the Internal Revenue Service name wrong.
  • Uses incorrect grammar or odd phrasing (many of the e-mail scams originate overseas and are written by non-native English speakers).
  • Uses a really long address in any link contained in the e-mail message or one that does not include the actual IRS Web site address. To see the link address, move the mouse over the link included in the text of the e-mail.

The only genuine IRS Web site is “IRS.gov”. All IRS.gov Web page addresses begin with “www.irs.gov”.

Taxpayers who receive an unsolicited e-mail communication claiming to be from the IRS can forward the message to phishing@irs.gov. For more information regarding tax rebate scams visit www.irs.gov.