How to prove credit card fraud???

born_again

They investigated and said the transactions were made via our IP address and on at least one transaction we were sent a security code from our phone to confirm. 

IP address alone is not enough to decline as fraud.
But adding when a security code has been sent & used is. Same with any transaction that went via VbV or Mastercard secure.
The only way a fraudster could get code would be either someone ringing & asking for it, or a sim swap, but you would lose mobile access then.

phillw

COIAHLGW said:

If they are correct that these transactions really did come from your IP address, is there a computer in the house that may have malware on it that needs to be scanned?
Also, ask MBNA what the IP address that the transactions came from, so you can independently verify that yourself.

I'm intrigued how they know it came from your IP address as most ISPs randomly assign IP addresses. I'd ask them for the proof of that, it's always best to not confirm any payments that any were legitimate in case you are wrong. Get them to provide evidence first 

Do you know what the money was spent on and for where? They have to provide you with those details (sometimes that prompts people to remember that the transactions are real). Which credit card issuer was it? Were the payments authorised in an app?

I would make a complaint that their fraud system did not detect an unusual pattern of transactions and they did not contact you to confirm that the transactions were valid.

They obviously aren't going to want to refund you, but tell them that you are confident that you didn't make the payments and that it was the banks lax security that allowed the payments to go through. Sometimes they will provide "proof" and try their luck, if you didn't make the payment then stay firm. If they don't budge then ask for a deadlock letter

I've had cards blocked and had to phone them, I've had phone calls from card issuers. The weirdest was when they blocked my card and I phoned them to get it unblocked but they wouldn't accept that it was fraud. I had to calmly explain to them that it was their fraud detection system that had alerted me to the fraud.

Nasqueron

phillw said:

COIAHLGW said:

If they are correct that these transactions really did come from your IP address, is there a computer in the house that may have malware on it that needs to be scanned?
Also, ask MBNA what the IP address that the transactions came from, so you can independently verify that yourself.

I'm intrigued how they know it came from your IP address as most ISPs randomly assign IP addresses. I'd ask them for the proof of that, it's always best to not confirm any payments that any were legitimate in case you are wrong. Get them to provide evidence first 

Do you know what the money was spent on and for where? They have to provide you with those details (sometimes that prompts people to remember that the transactions are real). Which credit card issuer was it? Were the payments authorised in an app?

I would make a complaint that their fraud system did not detect an unusual pattern of transactions and they did not contact you to confirm that the transactions were valid.

They obviously aren't going to want to refund you, but tell them that you are confident that you didn't make the payments and that it was the banks lax security that allowed the payments to go through. Sometimes they will provide "proof" and try their luck, if you didn't make the payment then stay firm. If they don't budge then ask for a deadlock letter

I've had cards blocked and had to phone them, I've had phone calls from card issuers. The weirdest was when they blocked my card and I phoned them to get it unblocked but they wouldn't accept that it was fraud. I had to calmly explain to them that it was their fraud detection system that had alerted me to the fraud.

The days of ever changing IPs are gone, it's very common for always on devices like a fibre router to have the same IP - they refresh them every so often and if your device is online, it simply keeps it. A reboot is unlikely to change it, heck, even disconnecting it for a few days you can get the same IP reassigned in some cases. It's certainly not proof of fraud alone but equally claiming it wasn't fraud because your IP was picked up by a scammer is equally not proof. OP also won't have any proof that was their IP at the time or not at the time

Jimby509

born_again said:

They investigated and said the transactions were made via our IP address and on at least one transaction we were sent a security code from our phone to confirm. 

IP address alone is not enough to decline as fraud.
But adding when a security code has been sent & used is. Same with any transaction that went via VbV or Mastercard secure.
The only way a fraudster could get code would be either someone ringing & asking for it, or a sim swap, but you would lose mobile access then.

At the time in Oct I was trying to buy online car insurance and did try and use this card.  There was one company who gave a cheep quote but every time I tried to pay it came up declined.  In the end I used a different company.

If I did use a security code to validate one of the transactions it would have been for this, but was led to believe that the transaction declined.  But I certainly did not do this 9 times over the period of one month.  No excuse but with so much happening in life/work/family I did not pay the usual attention.

There were 4 transactions for £500 each over the period of 24h alone to a company panamawebfactory.com I emailed them and they know nothing about us or the transactions.  They are a Spanish language site that sells web domains???

My 14 year old son is very into computers and tech has downloaded a lot of software and apps, I have a horrible feeling this all stems from that.  But he would not knowingly do this.

One other thing is that our online access to view MBNA account was blocked by MBNA.  They must have thought something was wrong?  Yet the transactions were permitted.

Thanks again for your help everyone.

TheSpectator

Jimby509 said:

born_again said:

They investigated and said the transactions were made via our IP address and on at least one transaction we were sent a security code from our phone to confirm. 

IP address alone is not enough to decline as fraud.
But adding when a security code has been sent & used is. Same with any transaction that went via VbV or Mastercard secure.
The only way a fraudster could get code would be either someone ringing & asking for it, or a sim swap, but you would lose mobile access then.

My 14 year old son is very into computers and tech has downloaded a lot of software and apps, I have a horrible feeling this all stems from that.  But he would not knowingly do this.

This screams red flag and not sure why it's taken till now to provide that key peice of information.

Unfortunately being 'into computers' doesn't mean they are sensible on what they are downloading. Have you scanned the computer for viruses//malware?

Olinda99

This is a key piece of information - he could easily have software on his pc that facilitates key logging and indeed even buying things using your card if details have been captured.

Your son's PC is presumably on the same router as everybody else and therefore would have the same IP address

Jimby509

Thanks for your input. 

It is at the back of my mind that he may have downloaded something that has caused this.  However he would not have done this intentionally or taken card details himself.  That's not a biased dad talking, he really wouldn't.

I am worried that disclosing the point that some malware or fraudulent app may have been downloaded to MBNA will invalidate any claims I have.

I genuinely just don't know.

Olenna

Nasqueron said:

phillw said:

COIAHLGW said:

If they are correct that these transactions really did come from your IP address, is there a computer in the house that may have malware on it that needs to be scanned?
Also, ask MBNA what the IP address that the transactions came from, so you can independently verify that yourself.

I'm intrigued how they know it came from your IP address as most ISPs randomly assign IP addresses. I'd ask them for the proof of that, it's always best to not confirm any payments that any were legitimate in case you are wrong. Get them to provide evidence first 

Do you know what the money was spent on and for where? They have to provide you with those details (sometimes that prompts people to remember that the transactions are real). Which credit card issuer was it? Were the payments authorised in an app?

I would make a complaint that their fraud system did not detect an unusual pattern of transactions and they did not contact you to confirm that the transactions were valid.

They obviously aren't going to want to refund you, but tell them that you are confident that you didn't make the payments and that it was the banks lax security that allowed the payments to go through. Sometimes they will provide "proof" and try their luck, if you didn't make the payment then stay firm. If they don't budge then ask for a deadlock letter

I've had cards blocked and had to phone them, I've had phone calls from card issuers. The weirdest was when they blocked my card and I phoned them to get it unblocked but they wouldn't accept that it was fraud. I had to calmly explain to them that it was their fraud detection system that had alerted me to the fraud.

The days of ever changing IPs are gone, it's very common for always on devices like a fibre router to have the same IP - they refresh them every so often and if your device is online, it simply keeps it. A reboot is unlikely to change it, heck, even disconnecting it for a few days you can get the same IP reassigned in some cases. It's certainly not proof of fraud alone but equally claiming it wasn't fraud because your IP was picked up by a scammer is equally not proof. OP also won't have any proof that was their IP at the time or not at the time

It's not as simple as that as CGNAT is becoming increasingly common on fibre and mobile internet connections - so multiple unconnected people will have the same external IP address. 

Even if this isn't the case, unless someone specifically has a static IP address then they do get altered if the ONT/ router is offline for a period of time or various types of general network maintenance take place. 

Olenna

Jimby509 said:

Thanks for your input. 

It is at the back of my mind that he may have downloaded something that has caused this.  However he would not have done this intentionally or taken card details himself.  That's not a biased dad talking, he really wouldn't.

I am worried that disclosing the point that some malware or fraudulent app may have been downloaded to MBNA will invalidate any claims I have.

I genuinely just don't know.

The burden of proof is on MBNA but any instances of 2FA definitely strengthen their case for negligence. 

You could run anti-virus (windows defender is built-in and anti-malware (e.g. free malwarebytes) on all PCs but I would tempted to re-install windows and factory reset any phones for peace of mind.