Debit Card Fraud

MalMonroe

Qyburn said:

MEM62 said:

It is interesting that you think it more likely that the security measures of two separate banks were compromised rather than the details being obtained closer to home.      

That sounds sceptical.  However I can't see how the details were learned from home. The transaction was made 150 miles away and the card stays in the desk drawer at home except when it's needed for an Internet login.

Hi, it sounds a bit far-fetched I know but I've been watching the BBC 1 programme 'dirty rotten scammers'. They have 'legitimate hackers' on the programme and they reveal all kinds of things that scammers and hackers can do. They can gain loads of information from people simply from their online presence. If you use social media, or amazon or ebay., etc. Even if you buy anything from the internet as a one off. If you have an internet presence, you can be scammed/defrauded.

Hackers can get your passwords, name address date of birth, NI number, anything. They can even clone you. They don't need to have any debit or credit cards in their possession. They can 'spoof' any bank's phone number to fool people into thinking they are dealing with their own bank. It's scary what scammers and hackers can do and the information they can find. 

So I'd say it's really unlikely to be bank staff - that's really more than their job's worth (unless they were canny scammers trying to defraud very rich folks) - because they can be traced. 

You could do worse than catch an episode of the programme, daft as it sounds. I've found it enlightening. And I though I was fairly savvy anyway. I have discovered otherwise. 

Qyburn

Freezing the Nationwide card stops it working for Internet login via the card reader.

born_again

>>the missus was a recurring Amazon subscription taken from TSB<<

Was a previous card listed on there? 
Does Mrs have a subscription for this, or any family member who at some point may have used card for purchase?

Qyburn

born_again said:

>>the missus was a recurring Amazon subscription taken from TSB<<

Was a previous card listed on there?

There's no way to know whose Amazon account was being paid. All I know is that it wasn't any of ours, and what the statement says which is "Amazon Prime*2C88822O4 CD xxxx" where xxxx is the last four digits of the card.

Does Mrs have a subscription for this, or any family member who at some point may have used card for purchase?

Nobody has an Amazon subscription, and that card hasn't been used for anything other than those fraudulent transactions.  That bank account is basically dormant but you can be sure I went right through the statements right from opening date, and those are the only card transactions.

I can understand the general view that it must have been something that we did to cause this, but I don't have a clue what that could have been. If I knew then at least I could make sure we don't do it again.

phillw

Qyburn said:
I can understand the general view that it must have been something that we did to cause this, but I don't have a clue what that could have been. If I knew then at least I could make sure we don't do it again.

It was something you did. Whether it was using the card somewhere that had a skimmer or just opening the account in the first place.

To make sure it doesn't happen again, don't have a bank account. Though there are down sides to that which are worse.

I would just get transaction alerts and check everything that goes out and complain about anything you don't recognize.

Qyburn

phillw said:

It was something you did. Whether it was using the card somewhere that had a skimmer or just opening the account in the first place.

Which just leaves opening the account in the first place. I've stated quite a few times that the two cards haven't been out of the house. They haven't been used for any transaction other than these fraudulent ones, and (obviously) haven't been put into an ATM or presented to any card machine. So I don't really understand why people keep suggesting things like that might have been to blame.

RG2015

phillw said:

Qyburn said:
I can understand the general view that it must have been something that we did to cause this, but I don't have a clue what that could have been. If I knew then at least I could make sure we don't do it again.

It was something you did. Whether it was using the card somewhere that had a skimmer or just opening the account in the first place.

To make sure it doesn't happen again, don't have a bank account. Though there are down sides to that which are worse.

I would just get transaction alerts and check everything that goes out and complain about anything you don't recognize.

I have just had the same issue and I have posted the details on another thread. See below for a link.

Yes I have opened a bank account, but there is nothing connecting the account number and sort code with the debit card number.
 
RBS don't even put the bank account number on the debit card.

https://forums.moneysavingexpert.com/discussion/6405498/debit-card-fraud/p1

RG2015

@Qyburn, I can empathise with you as you will see from the post above.

It is such bad luck that you and your wife were both victims of fraud. My wife has said she will be more vigilant now.

I was the victim of fraud about 7 years ago. However that time it was a credit card that I had just used in a pub in London. I also recall that it was the early days of contactless and I just gave the card to the bartender for him to scan in his machine by the till.

He only had it for 5 seconds but I have always believed that this was where it was compromised.

I learned my lesson though and accepted that I was pretty careless then.

born_again

Qyburn said:

I can understand the general view that it must have been something that we did to cause this, but I don't have a clue what that could have been. If I knew then at least I could make sure we don't do it again.

Believe me the vast majority of fraud has nothing to do with the person using the card. It is simply details being compromised at some point.
If as you say, it has never been used, then that only leaves brut force attack. Where fraudster have a known working number than keep targeting other card numbers from the working card number.
End of the day. nothing you can do.

Just Amazon Prime is not something that has any benefit to a fraudster. Unless it is just a test on the card.

Just forget about it & get on with life as normal. 👍

RG2015

born_again said:

Qyburn said:

I can understand the general view that it must have been something that we did to cause this, but I don't have a clue what that could have been. If I knew then at least I could make sure we don't do it again.

Believe me the vast majority of fraud has nothing to do with the person using the card. It is simply details being compromised at some point.
If as you say, it has never been used, then that only leaves brut force attack. Where fraudster have a known working number than keep targeting other card numbers from the working card number.
End of the day. nothing you can do.

Just Amazon Prime is not something that has any benefit to a fraudster. Unless it is just a test on the card.

Just forget about it & get on with life as normal. 👍

It is easier said than done to ignore it and it does pique my curiosity.

If Amazon is of no benefit to the fraudster what do they gain? A debit card number with an expiry date.

To be of any use elsewhere they would need the cvv.

It also appears to me that Amazon is culpable for not having better security measures such as cvv, name and address validation.