We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Warning- Barclaycard possible security risk.
Options
Mrs_Money
Posts: 1,602 Forumite
in Credit cards
My Barclaycard credit card has recently been used fraudulently, a few transactions went through, but fortunately not the really big one. I now have to wait for a new card as, of course mine has been cancelled. I was not informed of this fraudulent transaction - or the fact that my card had been cancelled and had to find out the worst way (days after the fraud) when I went to do the shopping.
However, the really alarming security risk here is that the fraudster was able to log in to the "My Barclaycard" section of Barclaycard's website - something that I have never done (and there, possibly is the security weakness). I don't use this to manage my credit card - never saw any need to and nor did my DH for his card.
The Barclaycard fraud team assured me my details must have been gleaned from some paper details that had fallen into the wrong hands (not from me - I keep all securely or cross-shred everything) BUT bearing in mind, the fraudster was able to change the address on my account, the phone number and insert an email address, we were concerned.
So, my DH decided he would register his card with the site - just to see how many details were needed to do so. Plus he thought if he registered it might stop any future fraudulent activity!
He discovered they need the credit card number (obviously), expiry date, holder's birthdate, the 3-digit security code from the back of the card and credit limit!
So - how did anyone get hold of all those details and log in as if they were me?
We could rack our brains for years and still not come up with the answer - and Barclaycard are not going to admit there may be a weakness in the system - makes you think though - may be it could be the best idea to register with the site - I just thought other people should know.
However, the really alarming security risk here is that the fraudster was able to log in to the "My Barclaycard" section of Barclaycard's website - something that I have never done (and there, possibly is the security weakness). I don't use this to manage my credit card - never saw any need to and nor did my DH for his card.
The Barclaycard fraud team assured me my details must have been gleaned from some paper details that had fallen into the wrong hands (not from me - I keep all securely or cross-shred everything) BUT bearing in mind, the fraudster was able to change the address on my account, the phone number and insert an email address, we were concerned.
So, my DH decided he would register his card with the site - just to see how many details were needed to do so. Plus he thought if he registered it might stop any future fraudulent activity!
He discovered they need the credit card number (obviously), expiry date, holder's birthdate, the 3-digit security code from the back of the card and credit limit!
So - how did anyone get hold of all those details and log in as if they were me?
We could rack our brains for years and still not come up with the answer - and Barclaycard are not going to admit there may be a weakness in the system - makes you think though - may be it could be the best idea to register with the site - I just thought other people should know.
0
Comments
-
Well, one could intercept the card in the post, and then reseal and deliver? I'm pretty sure the bit of paper that surrounds the card gives the credit limit.
That only leaves the DoB to get - I understand these are quite easy to come by.
Just a thought!0 -
Well, I take your point about cards in the post but this card is fairly old - it would have had to have been intercepted around 3 years ago!
Plus, the real issue for me is the problem with the "My Barclaycard" site - don't know quite what could be done - but it all seems too easy to get fraudulent access to!0 -
It maybe someone you know0
-
~Or more likely that your computer has a virus and somebody has been farming your personal details from it.
Next in line would be the OP falling for a phishing scam.
I have been with Barclays for years and have never ever been the victim of fraud.0 -
michael1983l wrote: »~Or more likely that your computer has a virus and somebody has been farming your personal details from it.
Unlikely to find the credit limit on the PC.michael1983l wrote: »I have been with Barclays for years and have never ever been the victim of fraud.
So?michael1983l wrote: »Next in line would be the OP falling for a phishing scam.
You've obviously made your mind up how this happened.0 -
michael1983l wrote: »~Or more likely that your computer has a virus and somebody has been farming your personal details from it.
Next in line would be the OP falling for a phishing scam.
I have been with Barclays for years and have never ever been the victim of fraud.
Never say never
I have had a Barclaycard for 35 years 
, and last Sunday the Fraud Dept. phoned to say I had been a victim of credit card fraud. I would hazard a guess that you have not been with Barclaycard for as long as me. There is still time, watch your back 
Never put tables and chairs in the same room.
If they congregate together for any length of time, they will inevitably hatch plots against you and your pets.
Rohan Candappa0 -
chattychappy wrote: »Unlikely to find the credit limit on the PC.
So?
You've obviously made your mind up how this happened.
That is because those two types of fraud cover about 90% of all fraudulent activity. If you receive paperless statements, they will arrive on your computer. If you have made a loan or credit application on your computer they sometimes ask for your credit limits of your cards. Stop being so defensive and have your computer checked out for viruses, it won't do any harm will it?
And the point about myself not having and fraud on any of my barclaycard accounts that I have held for over a decade means that their system cannot be so open to fraud as you suggest.0 -
Someone at the post office that has got hold of the details on the statement. Once you have the address then its possible they can fidn the other details. having statements printed gives many opportunites for things to go wrong. Online banking with the right passwords is more secure.0
-
Mrs Money you said "a few transactions went through"
How? because when i made 2 transactions recently barclaycard was straight on the phone asking if i did them or not0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.8K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.8K Work, Benefits & Business
- 598.7K Mortgages, Homes & Bills
- 176.8K Life & Family
- 257.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards