Credit Card Fraud..Barclays

Ali195

Ali195

Ali195

Associate
Joined
30 Sep 2008
Posts
2,065
So on Monday I find multiple Meta, Facebook advertisement charges on my credit card, a few quid each occurrence. No biggie. The Barclays fraud line even called me, fantastic. So account is frozen and new card dispatched.

New card arrived today, damn thing was still stuck to the letter when ANOTHER bunch of transactions are pending for advertisement chargers, all for today. What the heck I’m thinking?

Call the line and explain I thought old card number was blocked and considering I’ve not even looked at the replacement card number, let alone enter it into any device, I’m at a loss to explain how these new transactions could come about.

Was told these likely “reoccurring transactions were passed onto your account”. Not a clue how that works because you’d assume the same old, cancelled card number would be rejected. Anyway, they’ve cancelled this fresh card and….will send me another one.

I mean, one wonders how long this could go on for. Am I to expect it to happen again in a few days? The guy on the phone was essentially a robot, reading from a script to the point I recognised the words exactly as the first time I called.

So yeah. Good job I’ve got a backup credit card with another firm because if it happens a 3rd time I’ll just close the account.

Anyone else had this reoccurring issue before? What a palarver.
 
Ali195 said:
So on Monday I find multiple Meta, Facebook advertisement charges on my credit card, a few quid each occurrence. No biggie. The Barclays fraud line even called me, fantastic. So account is frozen and new card dispatched.

New card arrived today, damn thing was still stuck to the letter when ANOTHER bunch of transactions are pending for advertisement chargers, all for today. What the heck I’m thinking?

Call the line and explain I thought old card number was blocked and considering I’ve not even looked at the replacement card number, let alone enter it into any device, I’m at a loss to explain how these new transactions could come about.

Was told these likely “reoccurring transactions were passed onto your account”. Not a clue how that works because you’d assume the same old, cancelled card number would be rejected. Anyway, they’ve cancelled this fresh card and….will send me another one.

I mean, one wonders how long this could go on for. Am I to expect it to happen again in a few days? The guy on the phone was essentially a robot, reading from a script to the point I recognised the words exactly as the first time I called.

So yeah. Good job I’ve got a backup credit card with another firm because if it happens a 3rd time I’ll just close the account.

Anyone else had this reoccurring issue before? What a palarver.
Click to expand...
IIRC there is a loopyhole in the charge system where because your card number can change but is still linked to the account number some charges do have teh ability to "reoccur" until manually shut down by the bank (as it would be a big issue fi say your council tax DD or your insurance got cancelled just because your card number changed).

It's likely those transactions were approved before the new card was sent out, and thus got through in the time window between the new card arriving and the old preauthorised charges expiring (IIRC if you say book a Tesco delivery for 2 weeks time they'll authorise the transaction when it's booked and claim on it when they finalise the order, same with pre-orders for product and pay at pump).

I would have hoped Barclays would have put a blanket ban on any transactions from the services you had already let them know were dodgy, and only allowed the funds to be taken if you then confirmed it*, but if it was pre-authorised before the card was cancelled it could be that it wasn't possible as they may have already been processing.

At least if it's your credit card (Barclaycard?) that's had it's number compromised it doesn't normally affect your actual bank balance, it's one of the reasons I only use my Bank card online to pay my Credit Card (and these days do it in the app). for everything else online I use a credit card as I've had my credit cards compromised repeatedly in the past due to hacked retailers (I think I had one card replaced about 3 times in 2 years).



*In the same way they do for other unusual transactions or at random (I had to authorise an IIRC amazon purchase the other day for about £25, first time in ages it wanted me to do that).
 
Werewolf said:
IIRC there is a loopyhole in the charge system where because your card number can change but is still linked to the account number some charges do have teh ability to "reoccur" until manually shut down by the bank (as it would be a big issue fi say your council tax DD or your insurance got cancelled just because your card number changed).

It's likely those transactions were approved before the new card was sent out, and thus got through in the time window between the new card arriving and the old preauthorised charges expiring (IIRC if you say book a Tesco delivery for 2 weeks time they'll authorise the transaction when it's booked and claim on it when they finalise the order, same with pre-orders for product and pay at pump).

I would have hoped Barclays would have put a blanket ban on any transactions from the services you had already let them know were dodgy, and only allowed the funds to be taken if you then confirmed it*, but if it was pre-authorised before the card was cancelled it could be that it wasn't possible as they may have already been processing.

At least if it's your credit card (Barclaycard?) that's had it's number compromised it doesn't normally affect your actual bank balance, it's one of the reasons I only use my Bank card online to pay my Credit Card (and these days do it in the app). for everything else online I use a credit card as I've had my credit cards compromised repeatedly in the past due to hacked retailers (I think I had one card replaced about 3 times in 2 years).



*In the same way they do for other unusual transactions or at random (I had to authorise an IIRC amazon purchase the other day for about £25, first time in ages it wanted me to do that).
Click to expand...
The saga continues, a 3rd round of meta/facebook advertising charges, each time to the new issued card number I’ve not even seen.

They’ve cancelled the 3rd card on its way out and now, after me pushing “how do we actually stop this? Break the cycle..”, they’ve shutdown the account so it has no credit limit, just a balance I owe and now, presumably nothing will work.

After some further logical pushback from me they explained an agreement with certain merchants to forward transactions to the new card number, but now I’m stuck of course because every few days few quid goes out. What’s worrying it some people online with the same issue reported hundreds, thousands for this meta, facebook adv charges. Thank goodness is just a few quid.

I mean, even if they somehow ‘reactivate’ my account, I don’t see how it resolves the underlying issue. I see myself paying off the few hundred (legit balance) then closing the account.
 
Last edited:
Changing your card won't stop any subscriptions being charged, it will just go to the new card/number. This is nothing new and how it's supposed to work.
 
andybird123 said:
assuming you don't use facebook for anything, have you asked them to just block all payments to facebook/meta
Click to expand...
Not in that way no, no market place, certainly not advertising.

Also got 2FA enabled for the longest time and anytime re-logging into a device (which is very rare because I only ever use it on my phone), I receive “was this you?” emails. I changed my password the other day just to be careful but FB doesn’t have my card details regardless.

So yeah, I guess we’ll see what happens now because honestly it seemed like Barclays couldn’t just block Meta/FB. But if it happens again, I’ll escalate then tell them to close the account if they still can’t specifically block this firm.
 
Ali195 said:
Not in that way no, no market place, certainly not advertising.

Also got 2FA enabled for the longest time and anytime re-logging into a device (which is very rare because I only ever use it on my phone), I receive “was this you?” emails. I changed my password the other day just to be careful but FB doesn’t have my card details regardless.

So yeah, I guess we’ll see what happens now because honestly it seemed like Barclays couldn’t just block Meta/FB. But if it happens again, I’ll escalate then tell them to close the account if they still can’t specifically block this firm.
Click to expand...
I suspect the delay is basically they'd already pre-authed some of the stuff as I think it can last for up to 14 days, in theory anything after the fraud was reported should no longer be able to create an authorisation, but the old ones may still be valid (as otherwise every single transaction on the card would be declined which makes is hard for legitimate retailers).
So if the first items was Monday it's unfortunately well within the 7 days that is IIRC a standard length of time for a pre auth to last.

I would sincerely hope that they have the ability to block specific companies/types of services, as I know going back 25 years (and continuing for many years) people were having issues getting their legitimate subscriptions to online games to work as some card card issuers saw things like "EA Games" and would automatically block people's Ultima subs every single month until the user either contacted the card issuer or manually restarted the sub, thus creating a new authorisation (I know a few people who changed bank because of it, they were fed up of losing a couple of days play literally every month).

Chances are some retailer you've used, especially if you've been abroad/buying stuff online from a store with outdated payment backends has been compromised and that's where they've got your number from.

One of the problems with card fraud is that there is a certain flexibility in how much detail the retailer needs based on how much they're willing to risk losing, and some will go with far fewer checks to "make it easier" for people to buy from them, but on the flip side the card companies are meant to have systems in place to spot fraud pattens and act pre-emptively before the transaction either by requiring additional authentication or blocking it by default.
in the past Barclaycard have rung me/contacted me to say "We're aware of an issue involving your card, we've already cancelled it and you should receive a new one in the next 3 workings days", and I've lost track of the number of times they've asked me to to do the "verified by visa" thing or sent me a message asking "are these transactions yours".

If it keeps happening with the new new new card I would possibly look at submitting an official complaint with Barclays asking why their system is allowing known fraudulent transactions through, as the chances are the people you're talking to are front line staff who don't have much information/ability to look into things.
IIRC if you make a complaint and you're not satisfied with the answer you can escalate it (but simply making an official complaint should get a full answer).
 
Last edited:
Coincidental thread. My Barclaycard was compromised on Friday…..they seem to have caught it early, thankfully.
 
Last edited:
Werewolf said:
I suspect the delay is basically they'd already pre-authed some of the stuff as I think it can last for up to 14 days, in theory anything after the fraud was reported should no longer be able to create an authorisation, but the old ones may still be valid (as otherwise every single transaction on the card would be declined which makes is hard for legitimate retailers).
So if the first items was Monday it's unfortunately well within the 7 days that is IIRC a standard length of time for a pre auth to last.

I would sincerely hope that they have the ability to block specific companies/types of services, as I know going back 25 years (and continuing for many years) people were having issues getting their legitimate subscriptions to online games to work as some card card issuers saw things like "EA Games" and would automatically block people's Ultima subs every single month until the user either contacted the card issuer or manually restarted the sub, thus creating a new authorisation (I know a few people who changed bank because of it, they were fed up of losing a couple of days play literally every month).

Chances are some retailer you've used, especially if you've been abroad/buying stuff online from a store with outdated payment backends has been compromised and that's where they've got your number from.

One of the problems with card fraud is that there is a certain flexibility in how much detail the retailer needs based on how much they're willing to risk losing, and some will go with far fewer checks to "make it easier" for people to buy from them, but on the flip side the card companies are meant to have systems in place to spot fraud pattens and act pre-emptively before the transaction either by requiring additional authentication or blocking it by default.
in the past Barclaycard have rung me/contacted me to say "We're aware of an issue involving your card, we've already cancelled it and you should receive a new one in the next 3 workings days", and I've lost track of the number of times they've asked me to to do the "verified by visa" thing or sent me a message asking "are these transactions yours".

If it keeps happening with the new new new card I would possibly look at submitting an official complaint with Barclays asking why their system is allowing known fraudulent transactions through, as the chances are the people you're talking to are front line staff who don't have much information/ability to look into things.
IIRC if you make a complaint and you're not satisfied with the answer you can escalate it (but simply making an official complaint should get a full answer).
Click to expand...
Thanks a lot for the above, wasn’t aware of the pre-auth factor, but I guess even self service petrol stations do this, with the held 1p (or something like that).
 
I had similar last year where even the new credit card sent out was compromised before I had received it, which is obviously physically impossible. It's because as said above, it gets linked with recurring payments to allow a continuation of payments to subs. It's to stop you having to update card details and keep things working. Good for companies that still want your money, not good if you ever get hacked. I recall it being google/apply pay that someone had tried to setup on it and they were buying random stuff in America.
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom