Fraud

Annabelle3670

I am really hoping someonecan help me as I just have no idea where to turn.

At the end of February/beginning of March the bank contacted me to say there was suspicious activity on my account, numerous orders had been made to Lets Eat and a number had not been stopped by the bank.  I had an issue whereby they had failed to log this and it resulted in a complaint being raised and several weeks before I got the money back but that is a separate matter.

Further to this my Netflix, Amazon and several other accounts were hacked, there were many many attempts to hack my email but luckily I had turned on 2 step verification and just today I received an email from microsoft reporting suspicious activity on my account so it is still ongoing.

At the beginning of March I received a lengthy email from The North Face saying that following a purchase I made from them in December my details had been part of a data leak.  It seemed to me obvious where the problems had came from and I emailed them to explain what was happening to me but they simply said it was nothing to do with them and any data that had been leaked would not have caused this.  It seems very coincidental and why would they inform people of a data leak if there was absolutely no risk.  I am just not sure where to go from here as it just seems to be going on and on.

Help!

mr_stripey

Are you certain the call from the bank was actually from the bank? And not some phishing attempt?

eDicky

Was your purchase from The North Face made using the same card that has now been used fraudulently?

Zanderman

Your assumption that the North Face problem is the cause is quite a leap of logic.

Have you any evidence of that at all. Other than NF wrote to you (and presumably thousands of other customers) about a data breach in December? If that was the cause 1000s of others would have similar problems and it would, by now, probably, be acknowledged.  But that hasn't happened and NF have told you it wasn't that sort of data breach - so it seems (from the info you've given) to be nothing to do with that. 

I would be worrying more about the Let's Eat orders in Feb and March and look for a cause immediately prior to that. The email and subscription account hacks attempts are not necessarily anything to do with financial fraud so could be another matter entirely..

MattMattMattUK

Annabelle3670 said:

I am really hoping someonecan help me as I just have no idea where to turn.

At the end of February/beginning of March the bank contacted me to say there was suspicious activity on my account, numerous orders had been made to Lets Eat and a number had not been stopped by the bank.  I had an issue whereby they had failed to log this and it resulted in a complaint being raised and several weeks before I got the money back but that is a separate matter.

Further to this my Netflix, Amazon and several other accounts were hacked, there were many many attempts to hack my email but luckily I had turned on 2 step verification and just today I received an email from microsoft reporting suspicious activity on my account so it is still ongoing.

Have you changed ALL your passwords, and are they now totally different to previous passwords as well as each other, with no similarities, as well as all being individually unique? Have you also turned on 2FA for everything that offers it?

Annabelle3670 said:

At the beginning of March I received a lengthy email from The North Face saying that following a purchase I made from them in December my details had been part of a data leak.  It seemed to me obvious where the problems had came from and I emailed them to explain what was happening to me but they simply said it was nothing to do with them and any data that had been leaked would not have caused this.  It seems very coincidental and why would they inform people of a data leak if there was absolutely no risk.  I am just not sure where to go from here as it just seems to be going on and on.

Unfortunately trying to make that link is nearly impossible, passwords are unlikely to have been leaked in plain text and in general your data will already be online in many forms, from multiple data leaks (some of which might not even know happened), from phishing etc. 

This kind of thing is unfortunately part of life, so we just have to make ourselves secure against it. 

IvanOpinion

Check your email at https://haveibeenpwned.com/, it may highlight other instances of data leaks. 
It may be very difficult to prove which leak resulted in a hack.
Good to hear you are using MFA, currently that is one of the best defences against hacking.

PRAISETHESUN

As above, you won't be able to stop the data being misused once it's out there in the world, and you likely won't be able to conclusively prove that a specific data breach is the cause of your recent fraud activity, but you can take steps to protect yourself moving forwards:

Change all passwords, and don't recycle them - I find using password manager software to help you makes this trivial. Good luck brute-forcing 99 character randomly generated passwords
Set up 2FA/MFA for everything that supports it

I'd also be making sure you regularly check your credit files, from all 3 CRAS - Experian, Equifax and TransUnion - to make sure no-one is taking out credit fraudulently in your name. The CRAs also offer the option of adding a password to protect your credit files, - it will slow down legitimate credit applications, but will protect you against fraudulent ones. I'd probably also contact your banks and ask them to issue new debit/credit cards as a precaution.

Annabelle3670

Thank you everyone, I appreciate the feedback