My Santander debit card was cloned and an attempt was made by the scammer to purchase goods on line

Canadoug

My Santander debit card was cloned and an attempt was made by the scammer to purchase goods on line. The scammer actually called me saying he was from Santander and asked for my pass code, to which I put the phone down on him (Indian Male).
He rang a further 3 times at 1 minute intervals then one minute later I got a OTP request message from Santander asking to approve a transaction of £324 from ASDA.
How could my cloned card details be linked to my OTP request number?

MorningcoffeeIV

He was using your card details, so the OTP has to go to the number you registered.

It wouldn't be very secure if anyone could choose to have the OTP sent to their own number.

Canadoug

How did he link my phone number to my card details?

grumbler

Cloned card = physically cloned, a duplicate. Apparently impossible.

Only you know how somebody could get your card details (this is pretty common) together with your phone number, but I think many online retailers ask this information when you order something.

Anyway, if you haven't done this yet, call Santander ASAP, cancel the card and request a new one.

Canadoug

Ok Santander were informed and have stopped my card and will issue a new one.
As for suggesting only I know how my card details and my phone number could have been obtained is not answering my question and seems to be suggesting that I already know the answer! 
I think the card details were probably taken while paying fore a coffee and cake.

grumbler

Canadoug said:

As for suggesting only I know how my card details and my phone number could have been obtained is not answering my question and seems to be suggesting that I already know the answer!

a) Somebody close to you

b) Some online company that you gave all this information to.

c) A scammer bought your stolen (card details + e-mail address) and then sent you a phishing e-mail that you failed to detect.

d)...

...

Canadoug said:

How did he link my phone number to my card details?

If he knows both, there is no need to 'link' them unless you have several mobile numbers. The question has to be "How did he know...?"

TadleyBaggie

Canadoug said:

I think the card details were probably taken while paying fore a coffee and cake.

That's very unlikely unless this coffee and cake place asked for and were given your phone number. 

My money would be a website leak that had both your credit card details and phone number.

Canadoug

I actually don't know, thanks.
My concern now is that a scammer could do the same again with the new card details as they have linked my phond number to a Santander card.

Canadoug

TadleyBaggie said:

Canadoug said:

I think the card details were probably taken while paying fore a coffee and cake.

That's very unlikely unless this coffee and cake place asked for and were given your phone number. 

My money would be a website leak that had both your credit card details and phone number.

Unfortunately I have no idea.

Stargunner

Canadoug said:

I actually don't know, thanks.
My concern now is that a scammer could do the same again with the new card details as they have linked my phond number to a Santander card.

The scammer doesn't have your new card details. Only you know who you have given both your phone number and card details to. Another possibility could be that you have some sort of spyware on your PC/laptop that is monitoring every keyboard entry that you make. 

Slinky

Surely the Santander system just sends the verification code to the phone number they have on file for you. Isn't that one of the points of 2 factor authentication?