Facebook Fraud

skinnish

I had a message today from my business credit card provider saying 692 eur has been declined due to insufficient balance and when I rung up the credit card company they told me 1200 has been spent and another 1800 odd is still pending with facebook. The card has been cancelled. Im a bit surprised because I used to think this is the most secure card I own due to the fact that any transaction I make online i always get a OTP even for 30p parking but for facebook apparently there is no 3dsecure is what the customer service person told me.

two questions
How hard is it to get the money refunded? Is it a chargeback and does it effect my account in any way?

With this card I have only ever used it online on my laptop and my phone just these two devices and not for atleast 5 months as the pin is blocked apart from putting it into 2 ATM's to try and unblock the pin about a month ago which didn't happen. So my question is mainly what can I/should I do to clean my laptop, is it possible for people to steal information from phones like they can laptops? 

(well thats more that 2 questions but you get my jist..)

any help/advise is highly appreciated 

eddddy

You might get more opinions on Spyware and Malware removal tools on the 'Techie Stuff' board:  https://forums.moneysavingexpert.com/categories/techie-stuff

But bear in mind that scammers can get your card details in many ways. It may be that

• you used the card with an online retailer, and the retailer had a data breach
• you clicked on a link in a phishing email, which took you to a fake website
• you found a fake website in some other way, and tried to buy something through it
• somebody found your card details in your rubbish (e.g. an old letter or old paper statement)
• you entered your card details over a public wifi 

(And with unauthorised payments to sites like Facebook, people sometimes find that it was a family member - maybe a rebellious teenage child, who secretly used a parent's card.)

eskbanker

skinnish said:

The card has been cancelled. Im a bit surprised because I used to think this is the most secure card I own due to the fact that any transaction I make online i always get a OTP even for 30p parking but for facebook apparently there is no 3dsecure is what the customer service person told me.

two questions
How hard is it to get the money refunded? Is it a chargeback and does it effect my account in any way? 

I'd have thought that your call to your card provider was the obvious opportunity to discuss reimbursement, or did you only cover stopping it from getting worse?  Anyway, if you haven't already, contact them again and tell them that you didn't authorise those transactions - they are then obliged to refund them unless they have any reason to believe that you were complicit or negligent....

https://www.fca.org.uk/consumers/unauthorised-payments-account

born_again

You mean that the transactions were not discussed on the call, or that they would get the fraud team to call you?

A bit of advice.
There is not such thing as a secure card, once it has been used. It's details are out there and any retailer having their systems hacked or a dishonest employee noting them down.
OTP means nothing as per above. All that means is you have made the transaction. As you have been told many retailer's do not use the system.

Fingerbobs

In my (admittedly limited) experience with fraudulent card transactions, getting them refunded is no problem. I just had to sign a form to confirm that I didn't authorise the transactions, and the fraudulent amounts were credited straight back to my account. No fuss, and to be honest this was a few years ago - it's probably all on-line these days. In my case, the fraudulent transactions were to "Amazon Digital Downloads" - a small one, followed by a large one. I still have no idea how my card details were obtained by the fraudsters, and I probably will never know.

skinnish

eddddy said:

You might get more opinions on Spyware and Malware removal tools on the 'Techie Stuff' board:  https://forums.moneysavingexpert.com/categories/techie-stuff

But bear in mind that scammers can get your card details in many ways. It may be that

• you used the card with an online retailer, and the retailer had a data breach
• you clicked on a link in a phishing email, which took you to a fake website
• you found a fake website in some other way, and tried to buy something through it
• somebody found your card details in your rubbish (e.g. an old letter or old paper statement)
• you entered your card details over a public wifi 

(And with unauthorised payments to sites like Facebook, people sometimes find that it was a family member - maybe a rebellious teenage child, who secretly used a parent's card.)

The only thing from this list and from reading up on online would be that I used the card at VOXI to buy a plan for a sim the day before this happened. So I'd presume they had a data breach or dishonest employee
this was one of my suspicions and the other was at the ATM where it could have been skimmed although when using the atm i give it a shake and feel before inserting my card but from reading up online they would have needed my billing address which they wouldn't have from skimming the card.

The card was added and then transactions from started small from 20 euro building up to 750 euros. I dont use facebook and not even too sure what these payments could be for.
I understand about the teens but theres no kids in my house although I have had several contractors in but after thinking about it realised there was no way they could have had access to this card   

skinnish

eskbanker said:

skinnish said:

The card has been cancelled. Im a bit surprised because I used to think this is the most secure card I own due to the fact that any transaction I make online i always get a OTP even for 30p parking but for facebook apparently there is no 3dsecure is what the customer service person told me.

two questions
How hard is it to get the money refunded? Is it a chargeback and does it effect my account in any way? 

I'd have thought that your call to your card provider was the obvious opportunity to discuss reimbursement, or did you only cover stopping it from getting worse?  Anyway, if you haven't already, contact them again and tell them that you didn't authorise those transactions - they are then obliged to refund them unless they have any reason to believe that you were complicit or negligent....

https://www.fca.org.uk/consumers/unauthorised-payments-account

i spoke to them about this at around 1am last night and the fraud team werent around. he did say they would do a chargeback and fraud team would call me back within working hours. I wasnt sure if this was something he just said or if it was actually the case because I find that sometimes rather than people tell you I dont know they make up an answer and give it to you. e.g. the person i spoke to said there is 3 transactions of 750 euro which are pending and wont be processed because the card has been blocked/cancelled which i didnt believe because the transactions already been made and having checked today they have all gone through 

the main reason I was worried is about 6-7 years ago "my card" was used to take out cash from a credit card  and capitol one's fraud guy said someone must have taken your card withdrew the cash over 4 days and then put it back into your wallet without you realising and also would have known your pin and I had to pay back about a 1000 pounds although they were "very generous" and didnt charge me cash withdrawal or interest. This was highly unlikely unless someone picked locks came in when i was sleeping and then done the same to return the card and somehow hypnotised me to get the pin, or they just hypnotised me when I was outside my house and did not need to use their lock picking skills

Because of this I was a bit worried hence I jumped on here just to get more info 

skinnish

born_again said:

You mean that the transactions were not discussed on the call, or that they would get the fraud team to call you?

A bit of advice.
There is not such thing as a secure card, once it has been used. It's details are out there and any retailer having their systems hacked or a dishonest employee noting them down.
OTP means nothing as per above. All that means is you have made the transaction. As you have been told many retailer's do not use the system.

they would get back to me within working hours

I understand theres no thing as a secure card now, but just a bit baffed as to how someone as big as facebook doesnt use 3dsecure

skinnish

Fingerbobs said:

In my (admittedly limited) experience with fraudulent card transactions, getting them refunded is no problem. I just had to sign a form to confirm that I didn't authorise the transactions, and the fraudulent amounts were credited straight back to my account. No fuss, and to be honest this was a few years ago - it's probably all on-line these days. In my case, the fraudulent transactions were to "Amazon Digital Downloads" - a small one, followed by a large one. I still have no idea how my card details were obtained by the fraudsters, and I probably will never know.

I suppose all we can do is geuss how details were obtained.

Thanks you everyone for your replies as always much appreciated 

mazzetti

One thing which might improve the security of your card is to do what I do which is scratch the CVV off the back - obviously you need to either remember it or write it down somewhere at home in case you need it

 this means that cannot be used online if stolen etc

And if you are really super-paranoid the other thing you can do is to get an electric drill and drill through the last four numbers of the card so that they are also not knowable - obviously don't drill near the chip

I have done both of these to my card and used it for years with no problem

D3xt3r5L4b

mazzetti said:

One thing which might improve the security of your card is to do what I do which is scratch the CVV off the back - obviously you need to either remember it or write it down somewhere at home in case you need it

 this means that cannot be used online if stolen etc

And if you are really super-paranoid the other thing you can do is to get an electric drill and drill through the last four numbers of the card so that they are also not knowable - obviously don't drill near the chip

I have done both of these to my card and used it for years with no problem

Amazon doesn’t ask for the CVV number when adding a or paying with a card