Credit card Fraud

Paul_Varjak

I logged onto my bank account today only to find an unauthorised transaction for around £550 that went through two days ago. I rang my credit card company who have now cancelled my card.

Fraudsters also tried a larger transaction yesterday for over £1700 but this would have taken me over my credit limit so the transaction was declined.

Although the fraudster(s) used the same card details (including valid CVV and expiry date) they did not use my name. So, it seems that my card details were not compromised in a previous transaction but my some credit card number generator!

Having contacted both merchants, I now have a delivery address for where the goods were to be despatched and have passed this onto my card company and the Police. Let's hope they catch the culprits!!!

My card company will refund to my account and I have taken the additional step of reducing my credit limit.

borders_dude

Thousands of people do this each day but dont come onto MSE to tell the world.

Credit card fraud is part of modern society, we need to learn to live with it.

Paul_Varjak

Sorry borders_dude if such information about fraud is not useful to but in the fight against crime knowledge of how these crimes work can help protect the innocent. I am the innocent party in this and I am sure you would feel pretty much like I do if you fell victim in similar cicumstances.

You see to fail to notice the purpose of this site and hundreds of other victims have also said on MSE how they have fallen victim. By speaking out the bsnks, credit card companies, payment processors and the government will eventually have to bow to public pressure.

The guy I spoke to at the credit card company says this type of fraud has increased by 200% in amatter of months. So there are two simple steps that can be taken to reduce fraud from credit card number generators. The first is to close any unused credit card accounts and the second is to reduce the card limit on card accounts you do use.

Two weeks ago I realised my card limit was way in excess of what I needed and if I had taken steps then I would not have fallen victim to this crime. So please refrain from making such idiotic comments in future!

ElkyElky

I doubt a credit card generator was used in this situation. The expiry date and CVV isn't tied directly to the card number so if they did generate a valid card number, it would be virtually impossible for them to get the expiry or CVV.

There is no tool or magical way for anyone to get a CVV number by using the credit card number only.

Even if they tried every possible combination of the 3 digit number, they would have to tackle the 4 digit expiry, and try each combination on a retailers website to see if it's valid or not.


Could have been a corrupt credit card company staff member or even a dodgy pin terminal.

Edit: Credit card number generators only generate a random set of numbers according to the algorithm used. The number generated is mostly invalid and could take some time to "find" a valid number, and it could be quite time consuming to test each number with a retailer.

DrScotsman

ElkyElky wrote: »

Could have been a corrupt credit card company staff member or even a dodgy pin terminal.

Isn't the CVV number the number on the back of the card which is not embossed and is not stored on the card itself (stripe nor chip)? Can't be a machine then, unless by dodgy you meant there's a camera underneath it (if that even works)

ElkyElky

DrScotsman wrote: »

Isn't the CVV number the number on the back of the card which is not embossed and is not stored on the card itself (stripe nor chip)? Can't be a machine then, unless by dodgy you meant there's a camera underneath it (if that even works)

Yeah, I don't think it's stored on the cards strip or chip. Someone would have to physically see it to obtain it, unless you've entered it onto a dodgy website.

Fraudsters have came up with some pretty genius ways to obtain such information, it wouldn't surprise me if they are using modified terminals with cameras and such to obtain that sort of information, including the pin number.

bingy_burge

borders_dude wrote: »

Thousands of people do this each day but dont come onto MSE to tell the world.

Credit card fraud is part of modern society, we need to learn to live with it.

A warm welcome to MSE ::

Sorry not all trolls here.

I have luckily never suffered from it but its seems a genuine post to me.

Not like the op is complaining there bank rejected a cheque book from an old acc closed years ago which do seem a waste of board space imo.

Paul_Varjak

ElkyElky wrote: »

I doubt a credit card generator was used in this situation. The expiry date and CVV isn't tied directly to the card number so if they did generate a valid card number, it would be virtually impossible for them to get the expiry or CVV.

I would agree with that. I was just stating what the person in the security department at my credit card company thought how it may have been done. I challenged him exactly on the same point and he insisted card numbers, CCV numbers and expiry dates could all be generated (at least by trial and error)

ElkyElky wrote: »

Could have been a corrupt credit card company staff member...

That is the thought that came to my mind. I made three small online transactions with the same company in the space of two weeks. The third transaction was blocked by the card company and I did think to myself may be someone at the card company then used my card details (or sold on my details) to make a fraudulent transaction. It would then look like I was 'testing the waters' with my 3 genuine transactions so that the blame could be laid at my door when the fraudulent transactions occured.

ElkyElky wrote: »

Edit: Credit card number generators only generate a random set of numbers according to the algorithm used. The number generated is mostly invalid and could take some time to "find" a valid number, and it could be quite time consuming to test each number with a retailer.

The guy I spoke to in the security department at my credit card company told me exactly the same! That is why I then asked him how many attempted fraudulent transactions thee are each day. His response was that he personally deals with 50-60 each day.


What I have now been told by my bank (who also supplies me with the credit card) is that there are name and address checks for online debit card transactions since monies associated with debit cards actually belong to the card holder. In other words, the verification of names/addresses for credit card transactions may be somewhat more lax - depending on the payment processor used by the merchant.

So, maybe it is matter for the innocent party (such as me) to balance the protection given by S.75 of the Cosnsumer Credt Act (1974) for credit card purchases against the seemingly better fraud security for debit card purchases (which, unfortunately, don't have S.75 protection).

Personally, I would only use VISA cards anyway, since I think they are the only debit/credt cards that offer a simple chargeback system.

I am now ceasing my existing VISA credit card and looking for another VISA credit card for online purchases only (where a new Card number is generated for each transaction). Any ideas anyone?

ElkyElky

Paul_Varjak wrote: »

I would agree with that. I was just stating what the person in the security department at my credit card company thought how it may have been done. I challenged him exactly on the same point and he insisted card numbers, CCV numbers and expiry dates could all be generated (at least by trial and error)

I think he was wrong to suggest thats what could have happened. 5-10 years ago, that kind of fraud would have been easy to commit. Once the fraudster found a valid credit card number, they could buy whatever they want.

Even the most determined fraudster wouldn't use this method anymore because of the CVV and expiry numbers. It's very near impossible.

When buying from websites, if you've entered incorrect payment information, merchants don't usually specify which piece of information is incorrect, they just say "Your payment details are incorrect. Please re-check the payment information." or something of the sort. So the fraudster would never know if he got the CVV or expiry correct.

Your banks security department would have known all of that so to even suggest thats what could have happened, the guy you were speaking to clearly doesn't understand how fraud works.

You mentioned they never used your name. I'm quite surprised the transactions were authorised since merchants always ask for the card holders name. Something doesn't add up.

Paul_Varjak wrote: »

am now ceasing my existing VISA credit card and looking for another VISA credit card for online purchases only (where a new Card number is generated for each transaction). Any ideas anyone?

No idea but what you can do is open a basic bank account. Whenever you plan to purchase online, you can transfer the amount you need from your main bank account into the basic account and use that for buying. At least if anyone tries to commit fraud with it, your balance will be £0 and your main bank details will never be exposed to any websites.

Dirty_Dave

borders_dude wrote: »

Thousands of people do this each day but dont come onto MSE to tell the world.

Credit card fraud is part of modern society, we need to learn to live with it.

Many think it won't happen to them or don't even like to think about it so if/when it does happen then it is naturally a shock. I know I wouldn't be like "oh well, it's only credit card fraud, it happens all the time." I'd be mortified and worried what other information they had. I'd probably be rather annoyed and would probably share it with others online and offline.

moonrakerz

Paul_Varjak wrote: »

Personally, I would only use VISA cards anyway, since I think they are the only debit/credt cards that offer a simple chargeback system.

The protection offered is really quite simple - BUT - the banks try to make it difficult so that they can offload as much fraud as possible onto the customer.

If fraud occurs on a Credit Card, the card issuer has to prove that the card holder was to blame. ie: gave someone his PIN, had his PIN written on the card - don't laugh, people do this !!!! This is in the Banking Code which all the card issuers have signed up to.
All the card holder has to do is report the fraud to the card issuer - and DO NOT pay any of the fraudulent amount - it is the bank's problem and their money !
If the bank tries to say it is the customers fault - report the bank to the Financial Ombudsman immediately.

Fraud on a Debit Card is different. This time it is the customer's money that has been used.
There is NO legal duty on the bank to refund this money. However, VISA (and Mastercard are considering this) have a voluntary scheme whereby they will refund the money. BUT - they will do their best to say that it was the customer's fault to avoid paying.
If you do eventually get the money back, fine, but in the mean time you have had to make up the missing money to pay your bills etc.

A far safer way to safeguard you money is NOT to confine your spending to a VISA card but to reduce the use of your Debit Card to an absolute minimum.
Use it in ATMs, Government Websites and possibly big supermarkets. Don't EVER use it in back street garages, shops etc - especially abroad.

The rest of the time use your Credit Card. If you worry about running up a big bill, do what I do; pay for something on my credit card, go home and transfer that amount from your current account to the credit card.