Barclaycard login details compromised

skybluesaver

Hi all. Hoping you can help as i'm in abit of a state at the moment.
Just logged onto my Barlcaycard & found my online account had been accessed at a time when i was in bed.
I'm very strict with my security, have the latest security suite & updates & the sole account holder.
I've just called customer services to report this & they've reset my account details.
Is there anything else i should be doing?
Your advice would be much appreciated.

hullight

Run a security check on your computer to check for viruses/keyloggers etc.

Try http://free.avg.com/gb-en/homepage

I know you say you have up to date security, do a scan as well.

If you use wireless internet make sure it's secure, maybe change the password just in case.

skybluesaver

Ok. I haven't got wireless as i don't trust the security especially with online banking

Degenerate

skybluesaver wrote: »

Hi all. Hoping you can help as i'm in abit of a state at the moment.
Just logged onto my Barlcaycard & found my online account had been accessed at a time when i was in bed.
I'm very strict with my security, have the latest security suite & updates & the sole account holder.
I've just called customer services to report this & they've reset my account details.
Is there anything else i should be doing?
Your advice would be much appreciated.

Just keep a close eye on the transactions on your account.

It's quite possible that Barclaycard's notoriously flaky website was lying to about the time of the last login, and your account hasn't been compromised at all.

skybluesaver

Thankyou. I'll keep a close eye on all activity. Reset all details now.

VictimOfImpersonation

... and you might want to sign up for a Credit Referency Agency alert service which might let you know if anyone has more than just your Barclaycard details now, and tries to use them to aply for new credit. At the very least I suggest you sign up for one of the free trials to get an immediate look at your own Credit Reference file i.e. at www-dot-creditexpert-dot-co-dot-uk (which is Experian) or www-dot-equifax-dot-com.

I am not saying it has happened this way with you, but fraud against me started off with obtaining an online credit report paid for using a card apparently in my name and registered to my address(probably one of the flakey security prepay mastercards). The CRA which released my entire CR file to the fraudster was Call Credit. I think they have tightened up since, thank goodness. Once the fraudsters bust in to one website they might easily use what they found there to help them bust in somewhere else (so changing your security details might still leave you vulnerable in other ways). Did they for example manage to change your address for billing whilst online (not sure if Barclaycard allow that, but worth checking) - if so, then they might already now be in possession of a Barclaycard bill in your name (but at some new address to suit them) which could help them impersonate you to obtain credit elsewhere. I am sure Barclaycard would have checked such and told you, but these things happen.

In my case, after they got my CR file as an aide memoire, the fraudsters did not bother to change my address as they had obviously found some way to intercept my post anyway. They therefore immediately set about reporting various of my cards lost or stolen and intercepted the new ones as they arrived. From obtaining the CR file, to triggering new cards and intercepting them, to registering the new cards online and starting to spend successfully in electronics stores and ATMs up to the limit was less than 7 days.

I did not find out about the fraudulent (successful) online application for my CR report a whole 3 months later. I spent a long time wondering how the hell I might have been vulnerable, and it turns out that one of the main weak points was my personal data held supposedly securely by a CRA.

Like you, I am very careful with my online security, but sadly those whom we should be able to trust most i.e. the CRAs and the banks are not thesedays as careful as some of us.

izools

Download and install Trusteer Rapport atop your existing internet security if your bank supports it.

I've been using it for a couple of years and it works seamlessly with Firefox and IE, very light on resources, and seems to do the job. Couldn't hurt

VictimOfImpersonation

For added online protection I agree with Izools. I use Rapport for all Internet sites that require the use of passwords even MSE and webmail, not just banks. It certainly stops you in your tracks if you enter a sensitive password from one site into another e.g. phishing website by mistake, and since it somehow does that (and warns "You are about to enter password used previously in the Barclaycard website into a new website - are you sure you wish to continue?") I believe it confounds some types of keylogger trojans by somehow blocking the way the keylogging is recorded/hijacked.

Once you have marked a website as protected by Rapport (there is a little unobtrusive box with an arrow in it that sits continuously at the end of your browser address drop down box) it remembers it irrespective of whether you delete cookies etc. and on a safe protected website the box turns a reassuring green before you enter any data.

You do however on some sites need to protect twice, because the initial webpage entry screen may be on a separate server to subsequent pop-up pages. The second server can very easily be protected by clicking on the aforementioned address box on the first occasion the pop-up window appears.