MSE News: Bogus mobile top-ups could spell greater fraud danger

sugarmuffin

Geoffo_M wrote: »

I don't understand this either. I think that now these crimes are not reported to the police, and it's left to the banks to sort out, there is no incentive on O2 to improve their security. After all, as it stands, they stand to win as they attract fraudsters to "acquire" their products.

Hi guys, I reported mine to the Police and they gave me a log number. Maybe if more of us did this, we might get somewhere

withabix

I got scammed with this two weeks ago on my Barclays Connect card:

1 @ £30 to O2
2 @ £50 to Vodaphone

jrgart

I can see I am not alone here. Had an 02 30.00 prepay decducted from my account last month. I wouldn't have actually known about this, but when I had payments rejected Halifax confirmed they had put a block on my account because of two suspicious transactions of £5.00 each. Then I noticed this prepay transaction.


Like others here, I am concerned about how my details were taken. I am extremely careful about having my card safe. I did read somewhere that this was likely through card skimming on ATMs - this is the only way I could see my details being taken.

withabix

O2 are effectively complicit to the scam becuase they don't use Verified by Visa/Mastercard service on their website.

I assume Vodaphone must be the same as well.

Because of this defect ob the websites, all the thieves need is your card number CVV and expiry date.

My main suspicions lie with Litt***oods, although my card was possibly compromised at a Ba**elo hotel in Fuerteventura - the ONLY place my card was used on a holiday I was on two weeks before these transactions took place.

bankmanager

sazziecee wrote: »

Am off the phone now, they are sending me some forms so they can investigate it on my behalf, and are also sending me a new card out.

Off out tonight for a family meal so gonna have to go to town to get cash out over the counter which is a pain, but at least I don't have any more cheeky beggars topping up their mobile using MY money.

Anyone have any idea how it happens? My card never leaves my bag and I only use it at supermarkets and to pay online bills for catalogues etc. Although I have used it at petrol station "pay at pumps"

grrrr some people! am just glad I am having a "tight" month and so checked every transaction this month

Very likely that a post office worker could have scanned the details whilst it was in transit, then delayed using them so as not to be suspicious.

VVV_2

I have also been a victim of this...

5th May £30 MIPAY TALKMOBILE T BROOKWOOD SUR
1st April £30 MIPAY TALKMOBILE T BROOKWOOD SUR
16th January £30 O2 (UK) PREPAY SLOUGH
9th October £30 O2 (UK) PREPAY SLOUGH

So that was £120 over a period of 6 months.

Canceled my card today and the banks fraud team are investigating it.

horleygirl

I too have been scammed on my HSBC current account for £30 to 02(UK) Ltd prepay Slough on 5 May 09. Fraud dept. of HSBC said my Maestro card details were actually used at 6.30 am on 1 May 09. I usually check my online account nearly every day but have been on holiday this week. The same thing happened to me on my John Lewis Mastercard last October. I am so security conscious that it must be dishonest staff during purchases or clearing houses in banks or call centres. Never use a debit card at petrol stations only a few shops and ATMs for cash. Only use Verified by Visa on the internet now on encrypted sites. Have also posted my details on Watchdog. Let's hope something gets done, as the banks seem keen to point the finger at all of us and we have the inconvenience of waiting for a new debit or credit card to come through. What sentences do these scammers get? A smack on the wrist and promise not to do it again? I have had my cards compromised 4 times in the last year and they have been in my wallet at the time. Fortunately, I have been refunded the losses.

Blah99

I rarely venture out of the investment forum, but spotted this thread today whilst posting on the Natwest/Moneysense topic.

I can give you an explanation as to what's happening here. First, your cards are not being "cloned" (ie: skimmed) in the traditional sense. This is not happening because you've used your card in a tampered ATM, or because a shop assistant has skimmed your card whilst taking a payment. It's also not Paypal's fault, or any of the other companies that have been mentioned.

The cause of this issue is to do with how purchase transactions are validated by some retailers, and a piece of software fairly well known in the fraud world. I won't explain exactly what it is on a public forum, but it exploits how credit and debit cards are issued. As you know, all credit and debit cards have the same structure of data on them. This is a common standard known as ISO7812, and it defines how the data is structured and stored. Using certain techniques and software fraudsters are able to generate huge numbers of card details, which they then use in test transactions to check validity.

This is the cause of the O2 purchases people are seeing. Whilst it is possible that your card has been skimmed and this has happened, it's unlikely. A known working card wouldn't be used against a tiny test transaction - it would be hit for a significant amount, because it's "known good".

The bad news is that you have to get your card changed (so that the account number etc changes). The good news is that this is not identity theft, and people aren't running up charges on your credit that you can't see.

Hopefully that helps people. O2 are somewhat at fault for having a poor purchase authentication mechanism, but if it wasn't O2 it would be someone else (remember when Jeremy Clarkson published his details as supposed proof against ID theft, and someone still managed to send a payment to a charity from his account).

kidd78

I've just checked my account today and only spotted the 02(UK) Prepay Slough £30, I am with o2 for broadband and my wife has a o2 pay as you go phone but she never tops her phone up more than £10 at a time.
I am very concerned about this and noticed the money was taken out after I used the Tesco Pay at the Pump machine.
Im going to contact the bank and o2 about this first thing. Does Maestro reinburst for fraud payments? oh yes I am with HSBC and I do have a paypal account.

I only stumbled on this by doing a google search.

Very annoyed if its the pump pay machine as I usually check if theres any "stuck" on card scammer and even the cash machines too. :mad:

24th April 09 - O2(UK)PREPAY - £30.00

dazzaofdagenham

Having been a victim here..

Where is the money going ? Surely O2 know what phones are being topped up by this fraud money ?

Are they stopping these numbers ?

darren