A $1.07 charge at a gas station 400 miles from your house. A $0.50 donation to a charity you have never heard of. These are not billing errors. They are probes: tiny transactions that card thieves use to confirm a stolen number is live before they start spending for real. The pattern is so well established that two federal banking regulators have documented it in consumer warnings, and a single settings change inside your bank app can turn every one of those micro-charges into an instant alert on your phone.
How the probe-then-drain playbook works
The Office of the Comptroller of the Currency explains that small-dollar authorizations are used to “test” an account before larger fraudulent charges follow. The FDIC describes the same sequence in its guidance on card-skimming schemes, noting that thieves run low-dollar withdrawals or charges to verify a counterfeit card works before attempting big-ticket transactions. The FTC received more than 2.6 million fraud reports in 2023, with credit-card fraud consistently ranking among the most common identity-theft categories reported to the agency. The probe-then-drain method is a recurring element in those complaints, though the FTC does not break out micro-charge probing as a standalone category.
The probe charges often appear under generic or unfamiliar merchant names. A $0.75 “pending” charge from a vending-machine company you have never used, or a $1.00 hold from an overseas retailer, can sit in a transaction feed for days without drawing attention. That is the whole point. Most bank apps ship with spending-alert thresholds set well above zero, so a $1 test charge generates no push notification and no text. The cardholder sees nothing until a much larger transaction trips the alert, or until they scroll through a statement days later. By then, the thief may have already moved on to the drain phase.
Why dropping the threshold to $0 changes the equation
Lowering that alert threshold to zero dollars forces the app to fire a notification on every single charge, regardless of size. A 50-cent probe that would have slipped by now lights up your lock screen. If you did not make the charge, you can freeze the card, call the issuer, and shut down the operation before the thief moves to the purchases the OCC and FDIC describe.
For debit cards, reaction time is especially critical. Under federal rules outlined by the Federal Trade Commission, a cardholder who reports unauthorized debit-card use within two business days can limit personal liability to $50. Wait longer than 60 days after a statement is sent, and liability can become unlimited. A real-time alert on a micro-charge gives you the earliest possible window to act, potentially saving you from absorbing the full loss.
The setting is usually found under “Notifications,” “Alerts,” or “Card Controls” within your banking app. Some institutions also offer instant card-lock features in the same menu, letting you freeze a card with one tap the moment a suspicious charge appears. The exact options vary by bank, but the core function of setting a custom dollar threshold for transaction alerts is available at most major issuers as of June 2026.
The trade-off: alert fatigue is real
A $0 threshold means every coffee, subway fare, and streaming renewal will generate a notification. For heavy card users, that can mean dozens of pings a day. Some people manage the volume by keeping their phone on vibrate and reviewing alerts in batches. Others find it overwhelming and end up disabling alerts entirely, which erases the benefit.
There is also the risk of desensitization. A fraudulent $1.12 charge buried in a long list of legitimate notifications is easy to skim past. The alert only helps if you actually read it and recognize the charge as unfamiliar. A 2 a.m. text does little good if it sits unread until noon, and a fast-moving thief may have already run several larger transactions by then.
Neither the OCC nor the FDIC publishes aggregate data on how often early alerts actually prevent full account takeovers, and no peer-reviewed study has quantified the protective effect of switching from a default threshold to zero. The logic is regulator-backed and the fraud pattern is well documented, but the precise reduction in risk remains unmeasured as of June 2026. That gap is worth acknowledging, though it does not undermine the core reasoning: you cannot act on a charge you never see.
What to do the moment a suspicious charge appears
Spotting a micro-charge you did not authorize only matters if you act on it fast. Here is what the FTC and banking regulators recommend:
- Lock or freeze the card immediately. Most bank apps let you do this from the home screen or card-management menu without calling anyone. Do this first, then investigate.
- Call the number on the back of your card. Report the unauthorized charge and ask the issuer to open a fraud investigation. For debit cards, doing this within two business days is critical for limiting your liability under federal law.
- Review your recent transactions for other unfamiliar charges. Thieves sometimes run multiple probes across different merchants or in different amounts. Do not assume the problem is limited to one charge.
- File a report with the FTC at ReportFraud.ftc.gov. This creates a record that can support disputes and law-enforcement investigations.
- Request a new card number. A freeze stops new charges temporarily, but a compromised number should be replaced entirely to prevent future attempts.
One free setting change that targets the reconnaissance thieves rely on
A $0 alert threshold will not stop every type of card fraud. Some thieves skip the probe entirely and go straight to a large purchase. Others exploit online transactions where real-time alerts may lag behind the authorization. A determined criminal can also run several big charges in rapid succession before you have time to react, even to the fastest notification.
But this step costs nothing, takes less than a minute, and directly targets the specific reconnaissance pattern that two federal regulators have flagged. It works best as one layer in a broader routine: reviewing statements regularly, using virtual card numbers for online subscriptions when your issuer offers them, and actually paying attention when your phone buzzes with a charge you do not recognize. The thieves are counting on that tiny transaction going unnoticed. A $0 threshold makes sure it does not.
David M. Keller is a finance writer based in Columbus, Ohio, covering personal finance and consumer-focused economic topics. He earned his degree in journalism from Ohio University and began his career reporting on local business and economic trends for a regional media outlet. Since then, he has contributed to a variety of online publications, focusing on clear, practical coverage of topics such as cost of living, debt, and everyday financial decision-making.
