All major banks and credit unions have iOS apps, and many have increasingly useful websites. You don't need an iPhone 6 or 6 Plus to use these apps, but it's a neat dance between Passbook, Apple Pay, and the apps when everything is aligned.
I recently got an American Express card for hotel points. After adding the card to Apple Pay, which resulted in an email confirming enrollment, I also installed the Amex app. The app works with Touch ID as a nice added benefit. On Amex's website, I added the option for the company to notify me whenever a charge exceeded $200.
Whenever I make a charge, a push notification appears. It's rather reassuring to click Submit on a website, and seconds later see a confirmation on my iPhone lock screen. With my fraud setting thresholds on the website, I also receive an email alert for "card not present," which includes all online orders.
Every bank and credit union's options are different. If yours doesn't offer mobile, push, or email alerts about odd behavior, you should pester them, and explain how competitor X has such a notification.
Financial institutions should--and I expect some will soon--expose one of their fraud markers that they currently don't: location. I'd be happy to geofence my card-present spending, and say if the card is truly present or used via Apple Pay (a form of physical presence) outside of that area, it should require additional approval. Likewise, I want to approve my first transaction with any online site. Those two measures alone would vastly reduce fraud (a cost to banks and consumers) and hassle (mostly born by consumers).
Apple Pay fraud isn't in your hands, and it's not fraud with Apple Pay. You can stay alert with iOS and email, and head off card theft, whatever its origin.
Sign up for CIO Asia eNewsletters.