Fraudulant card use

[mikeford2002uk]

Purchased some model items this week from a well known southern England parts supplier by phone. On the same night my debit card details were used fraudlantly to try to buy some electrical goods amongst other things

 

Obviously not naming names just wondered if anyone else has had any problems this week - ofcourse my card may well have been scanned some time ago and the model shop purchase was just a coincidence - I would obviously like to think so

[Guest baldrick25]

Purchased some model items this week from a well known southern England parts supplier by phone. On the same night my debit card details were used fraudlantly to try to buy some electrical goods amongst other things

 

Obviously not naming names just wondered if anyone else has had any problems this week - ofcourse my card may well have been scanned some time ago and the model shop purchase was just a coincidence - I would obviously like to think so

Did you use the card at a petrol station in the few days before that?

[Kris]

Similar occurrences have been reported before. I don't remember which model shop, or the area that the shop was in. (If I did I would not be naming either) I also can't remember what the conclusions were as to whether it was the model shop at fault or from elsewhere. As has been said it may have been a coincidence that the attempt was made on the same day.

[Guest dilbert]

Some plastic cards on my principal account were cancelled last week by my bank due to fraudulent activity that originated in the UK - where and how this occured is another problem, but it is certainly annoying....

 

in a world where Internet electron generated txns can be cleared in a few seconds and yet when it comes to contesting txns which are obviously fraudulent, the bank insists that I go on a paper trail ; to the local police station and complete legal formalities, then onwards to bank and pick up a pile of forms that I have to complete and post to the bank security agency... in the meantime while some of the txns were stopped, some have also hit my bank account and await a credit (which can take up to sixty days to arrive)... the bank manager has noted my displeasure - we'll see what happens.

 

I have come to the conclusion that using plastic cards for mail order related (telephone or Internet generated) business is total crap - and from now shall use PayPal only... whilst I feel sorry for businesses that get caught up in this type of sh1te (because eventually they pick up the tab), the last time this type of fraudulent activity happened to me, it took three months to clear up.. any business that will not accept PayPal will now find that they will not receive orders from me ...dilbert

[38c]

Only this week I was informed by my bank (Lloyds) that an attempt was made to use my card. £600 plus Ryan Air. My bank stopped it thank goodness.I had purchased some goods from a model supplier just hours before.Now Im getting emails claiming to be form the bank but they go to the spam folder.I want to open them but how do I know they are the real thing.My card never leaves my home and sit in a drawer.

 

Regards Dave

[deltic79]

Some plastic cards on my principal account were cancelled last week by my bank due to  fraudulent activity that originated in the UK - where and how this occured is another  problem, but it is certainly annoying....

 

in a world where Internet electron generated txns can be cleared in a few seconds  and yet when it comes to contesting txns which are obviously  fraudulent, the bank insists that I go on a paper trail ; to the local police  station and complete legal formalities,  then onwards to bank and pick up a pile of forms that I  have to complete and post to the bank security agency... in the meantime while some of  the txns were stopped, some have also hit my bank account and await a  credit (which can take up to sixty days to arrive)... the bank manager has noted my displeasure - we'll see what happens.

 

I have come to the conclusion that using plastic cards for mail order related (telephone or Internet generated) business is total crap - and from now shall use PayPal only... whilst I feel sorry for businesses that get caught up in this type of sh1te (because eventually they pick up the tab), the last time this type of fraudulent activity happened to me, it took three months to clear up.. any business that will not accept PayPal will now find that they will not receive orders from me ...dilbert

 

My Visa card was cancelled by my bank on Tuesday evening when trying to make an online purchase as the Falcon system at the bank had flagged it up as fraudulent and they didn't trust that it was me trying to make the purchase. This is second time I've had my card cancelled in the last 12 months which is annoying but I have other cards to safeguard against such events and against bank systems going down (there's nothing more annoying or embarrassing than scanning your entire week's grocery shop though the till only to have all your cards declined at the checkout because your bank's payment system is down - I now make sure I have a couple of cards from different issuers (i.e. visa and mastercard) and banks). I guessed what was happening and used another card to complete the transaction, just prior to the bank's fraud team calling me. The previous time I had used the card was at Model Rail Live where I made two large purchases with a couple of the traders. This on its own may have caused my account to be flagged as showing unusual activity that was out of character and resulted in it being monitored. I very much doubt any fraud was the result of traders I dealt with and I have no evidence to suspect them. A big problem are the wireless keypads that are poorly encrypted and can apparently be easily intercepted by criminals with the right equipment. Restaurants are particularly prone to this. Perhaps one was at work sat in the car park at Barrow Hill.  More likely my card details were stolen some time ago and having been sold on have just got around to being used fraudulently.

 

 

I would recommend that all online and telephone transactions (i.e. card holder not present transactions) are made using a credit card. Both Visa and Mastercard have very good chargeback procedures in place with banks and being a credit, rather than debit card, means you're very unlikely to be out of pocket during this process as payments are always in arrears (its usually around 50 days from the first date in the billing cycle to the final payment date). Though it does sound like you've been unlucky enough for this to happen. Using a credit card you're more likely to find that you're credited a fraudulent transaction while the enquiry takes place, rather than be credited after the conclusion of any enquiry but again it sounds like your bank has chosen not to do this. Additionally, any transaction over, from memory, £100 has added insurance and protection from Visa and Mastercard (for instance if you've been shopping and your car is broken into and goods are stolen the card issuers will cover purchases over £100, or certainly used to). I'd also recommend that you link your Paypal account to your credit card rather than a debit card or your bank account as this gives you added protection in case your Paypal account gets hacked (if you're as lucky as I am you'll find that you receive an email at least twice a week trying to tempt you to handover your Paypal logon - today's so amateurish it was most amusing  ) . Also, hinted at in an earlier post, petrol stations are renowned for card fraud so I only use a credit card at them and make sure I definitely cover the entire keypad when entering my pin to avoid any overhead cameras picking up my keystrokes (a known danger). Finally, as an aside, with regard to ATMs, those mounted externally at supermarkets are the most frequently targeted by fraudsters so be aware.

 

A lot of the above is common sense, but thought if it helps just one person, it will be useful.

 

 

[F-UnitMad]

The only two times I had this happen to me was before I was on-line..!!

The once my Bank actually called me while the transaction was going through to check it was me buying £500-worth of stuff at Carphone Warehouse... it wasn't. They still let it go through in an attempt to trace the criminals (and cancelled the card immediately after), but I didn't have any problems being refunded.

The second time it happened I found out when using the cashpoint outside the Bank, so I went straight in to report it, and show them I still had the card. The woman at the desk said she had had it happen to her too! If the people who work for the Banks aren't immune, what chance the rest of us..??!!??

[mikeford2002uk]

Thanks for the replies everybody! Advice taken onboard - I usually do use credit cards for online/telphone transactions but in this case (because the sum was quite small) felt that a debit card was more appropriate!I did use the card to withdraw from a ATM 3 days prior to the fraudulant activity but it wasn't used again until the model parts purchase (and that was the only use on that date too). My bank actually spotted the fraud before me (buying a TV at 1am!) and so far, everything I've found has been credited back to me very quickly so I really can't complain about Santander for this.

 

As I say if anyone has purchased any Hornby spares from a Southern England shop recently do check your bank statements online if possible - and as I also say it could well be a horrible coincidence! At least I'm saving money because drawing cash is fraught with all sorts of difficulty at the moment!

[Guest Max Stafford]

Curiously enough, I got a phone call from Egg security yesterday and some cheeky b'stard tried to do a transfer to an HSBC account for 2K+! Still, the Egg boys were switched on enough to spot it as an unusual and moody transaction. I generally only use the card for small on-line purchases and as a result of their vigilance I'm spared a bit of grief, even though my old cards are blocked. The replacements actually arrived today. This is the primary reason I only purchase on-line via credit card and not my bank card. It helps contain anything dodgy and generally keeps it away from my bank account!

Anyway this is a big shout out to the guys and girls at Egg for a job well done!

 

Dave.

[Accurascale Fran]

Wow, seems to be a lot of this happening this week. I have been done over too, and it looks like it was a UK model shop too. Investigations are ongoing at the moment and info has been handed over to the police. Seems the ones who done me over were none too smart in the end. I dont want to say too much as it has yet to be 100% confirmed but right now all the evidence in hand is stacking up that way. A real shame, but spineless thiefs should always be punished.

[Gwiwer]

A lot of dubious activity does take place and it goes on all the time. Basically the two words "Buyer Beware" apply to all transactions. Often when a business is implicated it turns out to be a single rogue member of staff and without the sanction or knowledge of the business owner at all.

 

There may well be 128-bit encryption for online purchases but that alone does not prevent your details being harvested at some point, sold on for illicit gain and then misused for further gain. Guess who can end up wearing the cost? At least a decent proportion of those times will be flagged as "unusual activity" however and the posts above indicate that the financial institutions concerned can and do instantly step in at times if they receive an alert.

 

I operate two credit cards. One is never used for online purchases and the other only for those. They link to different accounts. I also use an EFTPOS (or debit) card but only for over-the-counter transactions and cash withdrawals. None has ever given me a problem. I do however take a moment to call the card company before I make an overseas trip or a large or out-of-character purchase and they have always thanked me for doing so. Once or twice they have rung back later to confirm it was me as well. Top marks.

 

It takes only a few minutes (once any call queue is cleared) to advise them that you might be making purchases in Liberia and Peru over the next six weeks when you normally only purchase from Liverpool but they do appreciate the calls and it adds to your own peace of mind.

[Tim Chambers]

Thanks a lot for the post mikeford- I guess I've been lucky so far with no problems with card use, but from now on it's credit card for 'phone and t'internet use! Many thanks to all contributors too, what an incredibly useful resource is RMWeb! Best wishes, Tim.

[Guest Dave.C]

I have a card that is not linked to my main bank for internet use.

 

 

There was an attempt to use it last week in which the fraudster got the expiry date wrong which tends to suggest that the number had been bought at some stage.

 

 

Bless the bank, they sent messages to both my home and mobile numbers to check authenticity.

 

 

[Accurascale Fran]

A lot of dubious activity does take place and it goes on all the time. Basically the two words "Buyer Beware" apply to all transactions. Often when a business is implicated it turns out to be a single rogue member of staff and without the sanction or knowledge of the business owner at all.

 

 

This is very true, and I am thinking this is what has happened in my case, especially since the shop itself has had some very positive testimonials (including on here). It was my first time buying from them, and alas, will also be the last. Sad state of affairs. The way i operate my online purchasing means that their is never a massive amount of money in the account to be nicked, and my money has since been returned in full, but its still bloody annoying!

[MarstonVale]

had someone in the US try and put through $2. Had a call from my bank asking if i had made this purchase. They stopped the card and didnt authorise the payment. Must have been a test to see if it would go through, then probably try a bigger purchase. I reckon the card company has had data lost or stolen for this to come about and to effect so many modellers!

[Dalesman]

In addition to the above, some useful points to bear in mind as well:

 

1) Always make sure that your bank/credit card company has up to date contact numbers for you - so many people forget to do this when moving;

 

2) If your bank offers it, set up text/e-mail alerts that tell you if there is an overseas transaction, also if your balance drops below a specified amount (which happens to me when I go near a model shop!!!);

 

3) If you are going abroad even for just a weekend, let your bank know. They can put a "holiday flag" on your account for the dates you will be away that stops you being stuck abroad with no access to cash or means to pay your living costs!

 

4) Avoid checking your accounts online at a shared computer (Internet Cafe and such), as these are known to be targeted by organised crime gangs. If you must use a shared computer, make sure nobody can oversee you entering your log-on details and at the end of your session, clear all password details and saved forms;

 

5) Always use a cross-cut shredder or better when disposing of your personal details, even shred old bank/credit cards as fraudsters have been known to be able to read the chip from a card cut up with scissors;

 

6) Go to your bank's official website and read up on the recommended security precautions!

 

Better safe than scammed!

 

Chris

[tetsudofan]

I review the details of my credit card on a regular basis and noted last Monday that there was an unaccounted balance of £1.00 on the account.

 

On Wednesday the VisaCard Fraud people phoned to verify a couple of recent transactions on the account - a £1.00 charge from Google and £30.00 from Vodaphone both of which were not originated by me. The account was frozen and a new card etc. is in the post. Not sure if it's related but I did get some diesel from a Shell station on October 18.

 

The same thing happened a year or so ago with a couple of small transactions - again involving a mobile phone shop. Obviously fraudsters like to use mobile phone shops.

 

Last year got a phone call from Very (the new Littlewoods) to confirm that I had opened an account with them and arranged to have a £700 delivery sent to an address in South Wales (whilst I live on the SouthEast coast!!). I told them I had not and that was the last I heard from them. No credit details were involved in this transaction but somebody had got hold of my name, address and date of birth and opened an account on my behalf.

 

Whilst it's annoying that this is all going on it's good to know that the credit card companies/store account companies are getting more on the ball and spotting and confirming unusual looking transactions.

 

Keith

[Gwiwer]

The small-value transaction is a very good indicator of fraudulent intent. Very few of us use cards for such small amounts as 1 or 2 units of our local currency, certainly not of another currency. Most card issuers will immediately pick these up and refer to the cardholder.

 

The intent is to see if the details the fraudulent user has actually work before attempting a much larger purchase. If they do then chances are they might get away with a hefty cash withdrawal; if the small amount is blocked then they probably bin your card as a secure one of no value to them.

 

If the harvested (read "stolen" if you like) details were used for a large transaction straight off it can lead to the offender being identified at point of use if the transaction is declined. That is not what they want!

[Garry D100]

I have come to the conclusion that using plastic cards for mail order related (telephone or Internet generated) business is total crap - and from now shall use PayPal only

 

Don't assume PayPal is any better.

 

I have had 2 cases of fraud on my PayPal account in the last 18 months.

Money was sent from my PayPal account without me knowing.

Even the receiver emailed me to question it.

PayPal sorted it all out in my favour in both instances, but don't assume its anymore secure than any other electronic payment method, becuase from experience...its not.

 

Three things I do to help though.

 

1. My Paypal account is only linked to my credit card. I no longer allow PayPal to debit my current account.

2. I keep my credit card limit low. I used to have something silly like £6k but brought it down to a few hundred. Thats all I need and it stops any larger unauthorised amounts going through.

3. On Paypal there is an additional feature not a lot of people know about. To help with keyboard recorders getting your user id and password, it can also send a unique pin to your mobile phone.

This is new each time you generate it, so if someone has your id and password, they would also need your mobile phone.

[Lady_Ava_Hay]

A big problem are the wireless keypads that are poorly encrypted and can apparently be easily intercepted by criminals with the right equipment. Restaurants are particularly prone

 

Not quite. Restaurants are notorious for allowing card details to be leaked. They are sometimes paid to do it and there is a card reader somewhere that is literally logging your card details from a a mobile phone SIM that is in the card reader. Apparently, it is so difficult to prove as a crime that it is rarely reported. At the same time, and it also applies to petrol stations that go this route, the CC clearers are aware of these sites and monitor their transactions so that your card is in a reporting phase so that they can pick up unusual activity. Remember that your online transactions are coming from the same place all the time. these fraudsters are forced to use public sites and these are readily identifiable as are the transactions that they attempt to do. They are always big ticket and easily sold on merchandise.

 

These restaurants and petrol stations are nearly always within a few months of ceasing to trade. They lose their credit card licence and open up a week or two later under 'new' ownership.

 

if you're as lucky as I am you'll find that you receive an email at least twice a week trying to tempt you to handover your Paypal logon - today's so amateurish it was most amusing

 

Luck is the wrong word. You almost certainly have some sort of Trojan or key logger in your computer. This is how they know you are logging on to PayPal but the PayPal security prevents them from seeing or being able to capture your log-in details. They will also know of your interests by which sites you log on to.

[60B]

 

Last year got a phone call from Very (the new Littlewoods) to confirm that I had opened an account with them and arranged to have a £700 delivery sent to an address in South Wales (whilst I live on the SouthEast coast!!).

 

Funnily enough, something similar happened to me a few months back. RBS were very good about it all. Its only happened the once. I'm always wary about credit card machines as the staff have acess to most if not all the details required to pilfer money.

[bennyboy]

One partial solution to the problem which I use, is to buy one of those credit cards that you "charge up" with just the amount of money that you want to spend, so at worst if thieves do get your card numbers they can't spend more than a few quid on your card. Paypal used to do one, they aren't accepting any new applications for it anymore, but I'm sure there are other ones available.

[Gwiwer]

Funnily enough, something similar happened to me a few months back. RBS were very good about it all. Its only happened the once. I'm always wary about credit card machines as the staff have acess to most if not all the details required to pilfer money.

 

There comes a time when you have to trust someone. It simply isn't possible to carry out financial transactions in complete electronic anonymity and the closer we get to that the less secure we are thanks to the activity of hackers, data miners and the like. Bank staff are scrutinised and screened very thoroughly but can still be the source of a leak of information.

 

I also have access to the personal details of others enabling me to misuse their cards for personal gain. That is an essential, though small, part of my job which is not connected with banking in any way. In order to verify the caller I need name and address and I then require card number and expiry date. I also require two more pieces of information; if I discussed the full details here I might be in breach of contract. But payments cannot be made until this information is provided and verified so the caller must place their trust in the professionalism and integrity of the person they are speaking with.

[jonhall]

There have been several suggestions on here about splitting purchases across accounts, I wonder if the banks have ever considered issuing multiple cards for one account.

 

In my imagined program you would have one card for fuel - could only be used in you home country and only in a petrol retailer (not sure how easy that would be to filter) perhaps instead with a limit that you could set to relfect the size of your tank, you set a limit of £x per transaction.

 

The second card could be a 'weekly shop' that could only be used in supermarkets in your home country, and again the limit would be set based on your usual spending pattern, a large family would have a different maximum than a single person.

 

the third card would be a 'big-ticket' card, only used if you are buying something expensive, with maybe a minimum transaction limit, but perhaps requiring a more thourough verification process.

 

You could extend this to internet only cards, or overseas cards, or this place looks a bit dodgy phone me to confirm cards.

 

Cloning a card would limit what that data could be used for. If the 'fuel' card was cloned (and that where I think mine was done 18m ago) then at least it couldn't then be used for buying £900 of euro's at a Post Office.

 

Jon

[Jenny Emily]

The thing is that you can be as careful as you like, and criminals can still get hold of the details. A number of years ago I received a statement for my credit card that showed it maxed out to the £1500 limit. I felt this was quite hard, given that I had never used the card in ten years of having it (it was for emergency use) The card remained in my purse.

 

The amount was for renewal with a big insurance provider for two different sets of car insurance. My bank were a little irritating at first (asking all the usual thicko questions like "Are you sure you haven't let some-one else use it?" - like I make a habit of renewing complete strangers' insurance premiums). I percevered and - as it turned out - it was the bank's call centre that had been the source of the problem, with one rogue employee who had been selling account details on the sly. The money was, of course, refunded in full and I still have the grovelling apology letter somewhere. But it shows that no matter how careful you are, there is a way for criminals to get your details.