I've been frauded!

Soldato
Joined
2 Nov 2013
Posts
4,394
Got a text from my credit card supplier today saying I would receive another text from a specified number about a potential fraudulent transaction. Swiftly followed by the promised text.

A bit of an odd way of doing things, which immediately has you wondering whether the texts themselves are the fraud attempt. But I went (via their own app, not those texts) to their help, a chat bot, which replied to me raising the question of fraud notifcations with a message saying "If you've received a text, it is genuine". I could see the same transactions on the app too.

So I replied to confirm they're not mine, but they are not open until tomorrow, when I will get a call. Presumably they'll have to replace the card.

I'd be interested to know how it's been done though. I have apparently hired two electric scooters, and posted two parcels - all in Albania. They would have needed all the numbers from the card I think. I haven't bought anything over the phone for ages. Web transactions should be secure. So how have they got the lot, including the security digits?

I certainly can't complain about their reaction - the warning, and them locking down my card, happened pretty much immediately.
 
Sorry to hear that but at least it was a CC and not a debit card.

Web transactions are only secure if the underlying applications are patched and up to date, could be script injections, data leaks, its rife now.

At least you’ve got it secured, there’s many victims out there.
 
Sounds like they are doing their job, so just a bit of inconvenience for you. Interesting that it was done over text though.
When I was done, I had a phone call, then phoned them back on official number to confirm. That was Nationwide. It was a few years ago now though.
With that particular card, it had never even been used by me!
 
Last edited:
I've been with RBS for donkey's years and its always been Text Message based their fraud checking system; I used to get a weekly Monday text message saying my card had been blocked as they couldn't understand how someone could use their card at Costa Coffee in Edinburgh Airport and then Europcar at Heathrow Airport in the space of 2 hours........ and had I made those transactions....
 
Last edited:
My wife's Barclay card had the same thing happen about 2 months ago, then last month my Nationwide credit card had the same thing. I thought the texts were fake too until I checked the app and confirmed everything.
 
I had it the other day with mine again. Second time in 2 years on the same credit card account. Card got locked down whilst I was abroad as well which was annoying. Being abroad was not the issue though. Someone ordered fast food in London somehow using my card details. Joy.
The initial wave of texts and automated calls left me wondering if they in themselves were the scam, so I always just call my credit card company directly to discuss it.
I tend to use credit card for when I pay somewhere new or as a one off, for the added protection. I expect some website somewhere, is getting harvested with attacks unbeknown to the owners.
 
My partner has the same thing happen a couple years back with a Sainsburys credit card. She barely used it, had the card in her possession, yet it was used to buy hundreds of pounds worth of takeaway somewhere else in the country.

Same process - text messages followed by a check on the banking app showed the transactions pending. Then a call to the fraud line.

Immediately refunded by the bank but left us wondering how they were able to make the transaction.
 
They would have needed all the numbers from the card I think. I haven't bought anything over the phone for ages. Web transactions should be secure. So how have they got the lot, including the security digits?
as mid_gen said, web transactions aren't necessarily secure - if your laptop/browser has been compromised (maybe phones are less prone) with malware etc,
or, had you used the card physically where someone just recorded the details ?
presumably timing of the card misuse may indicate when card was compromised.
 
Had the call this morning. As expected, new card being sent. Will take a week to get here apparently!
Even more annoyingly, the guy (who was lovely otherwise) constantly said 'yourself' when he just meant 'you'.
 
SMS can be intercepted, should not be used for 2FA.
Not so much intercepted, but it's possible someone can clone your SIM, and they don't need access to your phone to do it.

I only use mobile 2fa for stuff I don't care about.

Password managers and my main Google/Microsoft accounts are secured with a pair of Yubico FIDO keys, and printed and stashed recovery codes. Definitely do not use SMS/phone for securing password managers and the like.
 
Hmm I had something similar happen a few years ago my bank actually called me saying there was a potentially fraudulent transaction someone was trying to purchase something in Thailand, I said I'd never been there in my life. It was fine and got blocked and I got a new card. That was a debit card incidently. I know how it happened though - a trojan/keylogger whatever you want to call it.
 
Back
Top Bottom