We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
I've found a HUGE Tesco/Visa Scam - what should I do now?
KittyKate
Posts: 1,606 Forumite
I often do online orders for Tesco for my dad, as he cannot drive and lives in a small village. I do this every six to eight weeks (he orders a lot!) using his card details (with his permission of course) and my own email address (as he doesn't have an internet connection).
Back in Feb, my dad's account was 'liberated' of over £1000 which was very shocking and upsetting for him, his bank, Barclays, said they had 'no idea' where the money was going to and it took around a fortnight to get all of it back (it had been 'dipped' for £5 then larger amounts like £200, £400 etc had been taken). At the time, my dad noted that the bank were being rather suspicious about the whole affair - not telling him how the money was stolen or where it was going to, and they said the police 'wouldn't do anything'. My dad just wanted his money back, so he didn't call the police (he doesn't like making loads of uneccesary phone calls as he uses a PAYG mobile and no landline).
The only thing he got was £20 from Barclays to cover his mobile calls to them (which it barely did). Generally the staff were evasive, rude and confusing with their 'facts' (to the point where my dad thought they were covering for a thieving member of staff!) He also got a new debit card with new numbers etc so no-one could use the old ones to steal more money from him.
OK so all was fine until 3 weeks ago, the night before I went on holiday, my friend MSN's me saying he's going to send me his CV so I can refer him to my boss. He wasn't sure of my email address but he knew it roughly and had googled it to make sure it was mine (as I go on other sites with it etc). He did verify it was mine but worryingly he also found a page on a site based in Afghanistan (or that area) with a WHOLE LIST of about 100 - 150 names, addresses, debit/credit card details, the security strip number, expiry date, email address and TESCO LOGIN PASSWORD.
From looking at this it seems someone has hacked something, somewhere, I can't say it is Tesco as such as there are American card no's/adresses on there, which makes me think it might be the Visa 'secure' payment site which has been hacked?? I'm not 100% but clearly thousands of pounds have been stolen here (not everyone will have been as lucky as my dad to spot it within hours, and get it back).
I did some digging on google and translating the characters etc and found the person who posted all these details promising 'more to come' (all posted Feb 07 when my dad was robbed). I have ALSO found his full name, telephone number, address, email address etc etc etc.
What should I do - this info is obviously out of date and it is too late for these people but should I still contact the police/Tesco/Visa?
Back in Feb, my dad's account was 'liberated' of over £1000 which was very shocking and upsetting for him, his bank, Barclays, said they had 'no idea' where the money was going to and it took around a fortnight to get all of it back (it had been 'dipped' for £5 then larger amounts like £200, £400 etc had been taken). At the time, my dad noted that the bank were being rather suspicious about the whole affair - not telling him how the money was stolen or where it was going to, and they said the police 'wouldn't do anything'. My dad just wanted his money back, so he didn't call the police (he doesn't like making loads of uneccesary phone calls as he uses a PAYG mobile and no landline).
The only thing he got was £20 from Barclays to cover his mobile calls to them (which it barely did). Generally the staff were evasive, rude and confusing with their 'facts' (to the point where my dad thought they were covering for a thieving member of staff!) He also got a new debit card with new numbers etc so no-one could use the old ones to steal more money from him.
OK so all was fine until 3 weeks ago, the night before I went on holiday, my friend MSN's me saying he's going to send me his CV so I can refer him to my boss. He wasn't sure of my email address but he knew it roughly and had googled it to make sure it was mine (as I go on other sites with it etc). He did verify it was mine but worryingly he also found a page on a site based in Afghanistan (or that area) with a WHOLE LIST of about 100 - 150 names, addresses, debit/credit card details, the security strip number, expiry date, email address and TESCO LOGIN PASSWORD.
From looking at this it seems someone has hacked something, somewhere, I can't say it is Tesco as such as there are American card no's/adresses on there, which makes me think it might be the Visa 'secure' payment site which has been hacked?? I'm not 100% but clearly thousands of pounds have been stolen here (not everyone will have been as lucky as my dad to spot it within hours, and get it back).
I did some digging on google and translating the characters etc and found the person who posted all these details promising 'more to come' (all posted Feb 07 when my dad was robbed). I have ALSO found his full name, telephone number, address, email address etc etc etc.
What should I do - this info is obviously out of date and it is too late for these people but should I still contact the police/Tesco/Visa?
0
Comments
-
I wonder if this is why accounts keep getting blocked when ordering?Maybe theyve picked up on this?Personally id inform them even if they say they know0
-
What should I do - this info is obviously out of date and it is too late for these people but should I still contact the police/Tesco/Visa?
Well what have you got to lose? Somebody might take the issue seriously.
Also why not tell a journalist, Watchdog or C4 News maybe, they would love something like that if there is clear evidence that big companies have been careless with their customers details. Some publicity might lead to someone getting called to account.Joe
As through this life you travel,
you meet some funny men
Some rob you with a six-gun,
and some with a fountain pen0 -
-
-
I'd suspect that you may have possibly have a keylogger or trojan on your PC , seeing you have been the only one doing online shopping for him, the details you see are probably a collation of some of the infected PC's details that have been gleaned as a taster for people to buy the information
as a matter of urgency I'd follow posts 1 to 4 of this thread on the forum
http://forums.moneysavingexpert.com/showthread.html?t=133269
if need be open up a new thread over there for me to check things later on 9at the end of post 4 it tells you how to post a hijackthis log for me to look atEx forum ambassador
Long term forum member0 -
Afghanistan....interesting. I think its scarey but Afghanistan doesnt have telecommunications to deal with ID fraud/broadband or any means to use the fraud card in Afghanistan.
Sounds like someone in the military is making use of this.....
Call the police.0 -
Having personal and recent knowledge of telecommunications in Afghanistan I can confirm they DO have the IT capabilities for this type of internet fraud.
Also having personal and current knowledge of the UK military in Afghanistan, I can confirm that IT available to our military is either military secure systems that do not interface with the civilian internet systems or welfare systems to enable contact with family and friends which are firewalled and protected to ensure they cannot be used for the type of activity described here.
The statement regarding it being activity by our military is an uninformed opinion and is wrong.
Our military are doing a difficult enough job - this type of unfounded comment is ridiculous in the extreme.0 -
Dave_Brooker wrote: »More like clear evidence that big companies customers have been careless with their own details....
Excuse me? I was purchasing groceries for my father using the supposedly secure Tesco website (which thousands of other people use on a daily basis).
I was not careless in any way. I have an IT degree and am more than capable of keeping myself safe. My PC and connection are perfectly secure. The information gleaned was NOT in the format I usually type it, moreover it looked like it had been pulled from some sort of database.
And my father being refunded the stolen £1000 is NOT recompense for the time, trouble and worry of the bank being so offhand with him. You can't be compensated with your own money :rolleyes:
Thankyou everyone else for your insights. I will contact the police tomorrow morning (as, living in a city centre, I am aware they have other things to do on a Sunday night!) and pass on all the info I have. I hope no-one else falls victim to this.0 -
Excuse me? I was purchasing groceries for my father using the supposedly secure Tesco website (which thousands of other people use on a daily basis).
Which is more likely, the entire Tescos database being compromised and ending up in Afghanistan, or a few slack people losing their data due to trojans keyloggers etc?The money, Dave...0 -
smileypigface wrote: »Having personal and recent knowledge of telecommunications in Afghanistan I can confirm they DO have the IT capabilities for this type of internet fraud.
Also having personal and current knowledge of the UK military in Afghanistan, I can confirm that IT available to our military is either military secure systems that do not interface with the civilian internet systems or welfare systems to enable contact with family and friends which are firewalled and protected to ensure they cannot be used for the type of activity described here.
The statement regarding it being activity by our military is an uninformed opinion and is wrong.
Our military are doing a difficult enough job - this type of unfounded comment is ridiculous in the extreme.
Yeah you might be right.
But since you've spat your dummy out read the following .
I just cant see an Afghan who cant even read English, walking into a secure interent cafe parking his goat and cow outside and then commiting a spot of ID Fraud from Tesco.
Secondly I didnt say OUR military did this did I? How many foreign military sources are there in Afghanistan......you tell me since you were there.
Since you have recent working knowledge of telecommunications of Afghanistan can you tell me who installed it there?.....questions....or is it TOP SECRET!0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.7K Banking & Borrowing
- 253.4K Reduce Debt & Boost Income
- 454K Spending & Discounts
- 244.7K Work, Benefits & Business
- 600.1K Mortgages, Homes & Bills
- 177.3K Life & Family
- 258.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards