My credit card has been hacked!

[Slamdoor]

What a bummer. Tried logging into my account today to find my login details didn’t match. Phoned them up and was told to re register which I did to discover that my credit limit had been raised and the last bunch of debits weren’t mine amounting to about 11k. Hot on the phone was I to be told I’d raised my credit limit which I hadn’t. Fraud dept now investigating. No idea how it happened as I don’t let the card out of my sight. Plenty of online transactions though so maybe one of those had been compromised. Security with Avast up to date though so hopefully not at my end. Pissed off though plus card blocked now so using backup until this gets sorted.

[BadgerUK]

The main thing is that hopefully it only costs you inconvenience and not money.

£11k is a lot, I find the credit card companies get spooked very easily these days so am surprised suspicion was not raised.

It has happened to my son while traveling in South America and to myself before and after Xmas where every time I tried to spend more than £100 the transaction was declined, then when I tried again they blocked the card. They wouldn't tell me why.
Then 2 months later they told me my card had been compromised and they were cancelling it and issuing a new card with new credit card number.

How long ago was the first fraudulent transaction made ?
I would be asking why it has taken them so long and how did they allow the credit limit to be raised ?

[JohnnyE]

Register yourself now with noddle.co.uk - it's a free service that was recommended by the police to me when a similar thing happened last year.

That will allow you to fully check your credit file once a month for the next while. Gives you peace of mind at least, that nothing else got compromised.

[VDG]

If you are using Avast CCleaner you may want to read this

Users of a free software tool designed to optimize system performance on Windows PCs and Android mobile devices got a nasty shock this morning when Piriform, the company which makes the CCleaner tool, revealed in a blog post that certain versions of the software had been compromised by hackers — and that malicious, data-harvesting software had piggybacked on its installer program.
The affected versions of the software are CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191.


----

“We estimate that 2.27 million users had the affected software installed on 32-bit Windows machines,” she further added.

LINK

[EJL25]

Have you used hotels.com website?

[Slamdoor]

Have you used hotels.com website?

No

[Slamdoor]

Will keep you posted as to the outcome and hassle. Don’t use avast ccleaner. The first fraud was on the 2nd I discovered. Someone worked quickly. Tosspots.

[blackal]

Have you used hotels.com website?

Is there a bit more to that?

[LuBee]

Experian....another recent security breach!

[EJL25]

Is there a bit more to that?

Hotels.com claimed no such thing has happened, but it was a new card and was only used in Hotels.com site.

Edit. And it actually happened twice!
After the second time haven’t used Hotel.com and my credit card details have been safe.

[BadgerUK]

Experian....another recent security breach!

Do you mean Equifax ?
They have had a major data breach mainly in the USA.

Experian is a different company and they have not suffered any data breach.

https://www.cnbc.com/2017/09/08/equi...-confused.html

[LuBee]

Do you mean Equifax ?
They have had a major data breach mainly in the USA.

Experian is a different company and they have not suffered any data breach.

I stand corrected.....It was Equifax recently but Experian also had a breach in Oct 15. http://www.telegraph.co.uk/finance/m...ta-breach.html

Hotels.com, Intercontinental and Sabre have all had data breaches, loads of hospitality companies have had breaches they're just so lax with credit card details and security.

[catch21]

Find it incredible that in 2017 this sort of stuff can still happen. It's been going on forever, surely they investigate, understand the mechanisms used and close the gaps in the defence? It's hard to imagine that security of cards is still that weak.

[JasonM]

Maybe a email to the card holder whenever a transaction takes place would help, like what happens when you use Paypal. may be a ball ache if you use it a lot but might help should the worst happen.

[bonzo697]

I would report it to Action Fraud and register with CIFAS to ensure they don't use your details to open new accounts. As others have said register with one of the free credit report agencies to get a view of your existing accounts.

[markrlondon]

Find it incredible that in 2017 this sort of stuff can still happen. It's been going on forever, surely they investigate, understand the mechanisms use and close the gaps in the defence? It's hard to imagine that security of cards is still that weak.

I don't think that security of cards themselves is weak. But security of other systems may be weaker, and I also suspect that a lot of breaches are due to inside jobs.

[MB2]

Maybe a email to the card holder whenever a transaction takes place would help, like what happens when you use Paypal. may be a ball ache if you use it a lot but might help should the worst happen.

Amex does this - I have a pop up message on my phone via the App every time my card is used.


Sent from my iPhone using TZ-UK mobile app

[blackal]

Amex does this - I have a pop up message on my phone via the App every time my card is used.


Sent from my iPhone using TZ-UK mobile app

That would appear to be a worthwhile measure!

[Andrzej]

So does my Monzo card - only on line, and very good abroad.

[PhilipK]

I don't think that security of cards themselves is weak. But security of other systems may be weaker, and I also suspect that a lot of breaches are due to inside jobs.

Indeed - security is about People, Process and Technology. The Technology is pretty well sorted, so most breaches are down to poor Processes or dishonest People.

[Cyclone]

So does my Monzo card - only on line, and very good abroad.

Sorry just to confirm, the Monzo mobile app sends you a notification for each transaction? The reason I ask is I'm considering switching to Monzo. Cheers

[walkerwek1958]

I was on the receiving end of credit card fraud last year, I use my card very infrequently and I was fairly certain I knew where it had originated from but I couldn`t prove it. In the end I let it go, took my refund and forgot about it, my wife persuaded me not to confront the staff at the shop where I`m 99.9% certain it occurred. York retail outlet, Ben Sherman shop, I remember the young scroat who served me.

My answer to the problem was simple: stop using credit cards. If I buy anything I pay with cash, and I don't buy stuff online. I deal with a couple of watch parts suppliers and that's all I do with the credit card. If I eat out at restaurants I always pay with cash. If I fill my car up I pay with cash Minimise the risk, it's the best way. Unless you need the credit what's the point in using a card?

Paul

[reggie747]

Unless you need the credit what's the point in using a card?

With respect Paul, my well earned wife, who needs no credit, purchases 99% of what she buys with a credit card.
Month end, bill comes in and gets boxed off like clockwork. It suits her not to be juggling cash around at the till, anywhere really.
Purchases have some kind of added protection in the event of a muck up also.
The way the companies are now, the card owner never gets whacked in the event of a fraud. Kill the card off and send a new one. Simples.

[Jim M]

I travel much for work and have it happen at least once a year.

Last year Christmas Eve I get two calls from American Express and Capital One Visa asking if I am buying $10,000 worth of Microsoft products and $10,000 0f Apple products. Lousy timing but ''no'' answer ended any fraud and new cards were sent.

Only problem I have now is the cards have to be sent to billing address. I used to be able to have them federal expressed to Hotel I was staying at when they were comprised during business travel.

Fortunately my providers watch for fraud due to past history. Small hotels are main culprit I suspect. Timing is always close to staying at non chain local hotel at some out of way place I am visiting.

I will get calls when purchasing a watch to verify I am making purchase. Never had a problem getting charges not made by me removed from accounts.

[Andrzej]

Sorry just to confirm, the Monzo mobile app sends you a notification for each transaction? The reason I ask is I'm considering switching to Monzo. Cheers

It certainly does, as you actually do it! Plus comprehensive monthly breakdowns.

[senwar]

Unless you need the credit what's the point in using a card?

Paul

What an odd (well daft really) comment.

I have had many holidays, hotel stays and other benefits just by using my credit card (airline, hotel points etc). I pay it off in full every month and receive additional insurance on purchases. I've just had 5 nights in Palm Springs for free due to the points I'd built up with IHG for example.

Many people use cards for this very reason. Purchase protection alone is worthy enough of why to use a credit card.

[Mick P]

What an odd (well daft really) comment.

I have had many holidays, hotel stays and other benefits just by using my credit card (airline, hotel points etc). I pay it off in full every month and receive additional insurance on purchases. I've just had 5 nights in Palm Springs for free due to the points I'd built up with IHG for example.

Many people use cards for this very reason. Purchase protection alone is worthy enough of why to use a credit card.

Most shops prefer payment by card for security reasons. Even pubs now prefer contactless payment. Cash is becoming outdated and whilst not hackable, it is frequently forged.

[Slamdoor]

The credit card company contacted me today and went through the statement to isolate the fraudulent transactions. Seems new cards to replace short dated ones were intercepted by someone in the post office as I never received them. They must do voice analysis of recorded conversations as they confirmed that the voice requesting a limit increase wasn’t mine. Hopefully this’ll get sorted now.

[JasonM]

The credit card company contacted me today and went through the statement to isolate the fraudulent transactions. Seems new cards to replace short dated ones were intercepted by someone in the post office as I never received them. They must do voice analysis of recorded conversations as they confirmed that the voice requesting a limit increase wasn’t mine. Hopefully this’ll get sorted now.

Surely the security questions should have prevented the phone call request working? Obviously not.

[Andrzej]

Most shops prefer payment by card for security reasons. Even pubs now prefer contactless payment. Cash is becoming outdated and whilst not hackable, it is frequently forged.

A previous client of mine has a restaurant in West London, and does not take cash, only card payments, and advertises as such. In a small business, there are a whole series of reasons not to take cash - security, time, cost.

[Mr Pointy]

Veering somewhat off topic there is a going to be a very significant change in the way online purchases are made & authorised which will potentially shift the burden of any losses due to fraud from the online vendor to the customer, ie us. Currently the vendors have to make arrangements to process credit card transactions & these come with very stringent security requirements, or at least they are supposed to. There is a new web API being implemented called the Payment Request API which will move the point of contact with the credit card companies from the online store to your browser. Since the store is no longer involved in the payment process, they can no longer be held responsible for any fraud.

https://www.bleepingcomputer.com/new...ave-passwords/

As Clarkson might say, what could possibly go wrong.

[Glamdring]

Earlier this year my Natwest card was refused at Sainsbury's. Embarrassing. I paid with my debit card instead. I received a text message saying my card had been used fraudulently and should contact this particular number. Obviously I didn't, I went and found the right number from Natwest's site. It had been the right number but there you go. They'd spotted an attempt to use my card fraudulently to the value of a fiver so they'd blocked and cancelled it. A few days later I got a new card, job done, quite efficient really.

[JasonM]

I got a text from Nationwide asking me to get in touch as they suspected a fraudulent transaction had occurred, please contact us on bla bla bla. As above I ignored it for hours, got a second one through and then Googled the number and it was legit, a couple of small test purchases had been taken, I was impressed with their security service.

[steptoe]

I was on the receiving end of credit card fraud last year, I use my card very infrequently and I was fairly certain I knew where it had originated from but I couldn`t prove it. In the end I let it go, took my refund and forgot about it, my wife persuaded me not to confront the staff at the shop where I`m 99.9% certain it occurred. York retail outlet, Ben Sherman shop, I remember the young scroat who served me.

My answer to the problem was simple: stop using credit cards. If I buy anything I pay with cash, and I don't buy stuff online. I deal with a couple of watch parts suppliers and that's all I do with the credit card. If I eat out at restaurants I always pay with cash. If I fill my car up I pay with cash Minimise the risk, it's the best way. Unless you need the credit what's the point in using a card?

Paul

Rub out the three number security code on the back of the card and memorise it.

That way if using it in an over the counter transaction the person can't see the security code and use the details online fraudulently at a later date.

[Alpha4]

I use a credit card with a lowish limit to make online purchases. It also has the benefits of free purchase insurance and payment protection. Better than using a debit card, as the only limit would be the amount I have in my current account.

Although, it would not help if the fraudster could raise the spending limit through poor issuing bank security. I just have to hope that my bank would be more security conscious about raising the CC limit - they've been pretty good in the past on fraud attempts.

[David_D]

If you are using Avast CCleaner you may want to read this

LINK

I read that at the time. It's very worrying when an apparently trustworthy source is used to deliver malware.

I had my credit card hacked somehow a couple of years ago. A furniture company from down South had received a phone order using my details. The purchaser was going to collect the furniture (presumably unusual in iteslf) and had asked that a receipt not be posted to avoid "unnecessary" paperwork! Fortunately, the furniture company had my address (which the scammer must have given) and sent me a letter asking me to contact them. It all worked out OK and neither the retailer nor I lost out.

I think I also had a more recent issue which the credit card company must have identified. It's a pain having to change card details but at least I've not lost out financially and I don't mind on occasion when the card provider calls to validate a transaction.

The lesson I learned was to reduce credit limits to what is required. They always end drifting up, unrequested, to some amount I'd never have cause to use.

[seffrican]

Indeed - security is about People, Process and Technology. The Technology is pretty well sorted, so most breaches are down to poor Processes or dishonest People.

I'd say you're an optimist. Most places, most of the time, all three are as primitive as can be.

Most shops prefer payment by card for security reasons. Even pubs now prefer contactless payment. Cash is becoming outdated and whilst not hackable, it is frequently forged.

The costs of handling cash are surprisingly high. Those Securicor vans aren't cheap to run, and even a small trader is losing time/money while making their bank deposit at the end of the day.

[AKM]

Hotels.com claimed no such thing has happened, but it was a new card and was only used in Hotels.com site.

Edit. And it actually happened twice!
After the second time haven’t used Hotel.com and my credit card details have been safe.

I've had fraudulent transactions made on a replacement card before it even arrived in the post. The envelope arrived seemling unopened. It was a card that I almost never use.

Sent from my XT1562 using Tapatalk

[markrlondon]

I've had fraudulent transactions made on a replacement card before it even arrived in the post. The envelope arrived seemling unopened. It was a card that I almost never use.

Inside jobs.

[walkerwek1958]

What an odd (well daft really) comment.

I have had many holidays, hotel stays and other benefits just by using my credit card (airline, hotel points etc). I pay it off in full every month and receive additional insurance on purchases. I've just had 5 nights in Palm Springs for free due to the points I'd built up with IHG for example.

Many people use cards for this very reason. Purchase protection alone is worthy enough of why to use a credit card.

Some of us don`t spend enough to make the points etc worth bothering with.

Nothing daft about the comment, they're nowhere near as necessary as people like to think.

I take credit card fraud personally, I'm 99% sure I know where it happened in my case and I blame the one of the scroats in the shop. I can`t believe how people just shrug it off, it's fraud, it's robbery.

As for contactless payment, that's trouble waiting to happen. Stick to cash, it's far simpler.

Paul

[reggie747]

Some of us don`t spend enough to make the points etc worth bothering with.

...they're nowhere near as necessary as people like to think.

Well you won't spend enough if all you use is cash ?

It's not about them being necessary, it's about the convenience.

[alexaff]

Some of us don`t spend enough to make the points etc worth bothering with.

Nothing daft about the comment, they're nowhere near as necessary as people like to think.

I take credit card fraud personally, I'm 99% sure I know where it happened in my case and I blame the one of the scroats in the shop. I can`t believe how people just shrug it off, it's fraud, it's robbery.

As for contactless payment, that's trouble waiting to happen. Stick to cash, it's far simpler.

Paul

I've seen more fake bank notes in my time than I've seen card fraud.

Stick to cards ;)

[walkerwek1958]

Most of the folks who brag about 'free this, free that' amass the points because they travel/ spend on company business! OK, I suppose that's a perk of having to spend your life working/ travelling........I vaguely recollect working myself in the distant past and you've got to grab all the advantages you can. It's like the folks who used to brag about air miles.......big deal you lucky boys.

Far too easy for people to run up debts using credit cards, they encourage irresponsible spending........ but they are a convenient way of running up debts so I guess that's a plus.

I don't know what people have got against cash, beats messing around with cards......... and when you're wallets empty you go to the minibank and fill it up again.

Paul

[alexaff]

Most of the folks who brag about 'free this, free that' amass the points because they travel/ spend on company business! OK, I suppose that's a perk of having to spend your life working/ travelling........I vaguely recollect working myself in the distant past and you've got to grab all the advantages you can. It's like the folks who used to brag about air miles.......big deal you lucky boys.

Far too easy for people to run up debts using credit cards, they encourage irresponsible spending........ but they are a convenient way of running up debts so I guess that's a plus.

I don't know what people have got against cash, beats messing around with cards......... and when you're wallets empty you go to the minibank and fill it up again.

Paul

I use a debit card Paul. Basically cash in card form.

[senwar]

Most of the folks who brag about 'free this, free that' amass the points because they travel/ spend on company business! OK, I suppose that's a perk of having to spend your life working/ travelling........I vaguely recollect working myself in the distant past and you've got to grab all the advantages you can. It's like the folks who used to brag about air miles.......big deal you lucky boys.

Far too easy for people to run up debts using credit cards, they encourage irresponsible spending........ but they are a convenient way of running up debts so I guess that's a plus.

I don't know what people have got against cash, beats messing around with cards......... and when you're wallets empty you go to the minibank and fill it up again.

Paul

I’m certainly not ‘bragging’ about free this and free that. I explained benefit I have using a card. The primary benefit is the additional insurance.

Cash is fine for day to day stuff but anything over a tenner I stick on a card and pay it off either at bill time or sometimes as soon as it appears on my statement. No danger of ‘running up debt’

My mum still prefers cash over anything even direct debits.

[Kingstepper]

Most of the folks who brag about 'free this, free that' amass the points because they travel/ spend on company business! OK, I suppose that's a perk of having to spend your life working/ travelling........I vaguely recollect working myself in the distant past and you've got to grab all the advantages you can. It's like the folks who used to brag about air miles.......big deal you lucky boys.

Doesn't have to be company business - I've amassed hundreds of thousands of Avios on (modest) personal spending.

[Glamdring]

The insurance you get with every purchase is worth carrying a card. The credit card company are equally liable with the seller for any failure in the transaction at any point. They will pay you back if the seller goes bust.

[markrlondon]

The insurance you get with every purchase is worth carrying a card. The credit card company are equally liable with the seller for any failure in the transaction at any point. They will pay you back if the seller goes bust.

Indeed. This is a substantive reason to use credit cards that goes over and above mere convenience.

Nevertheless, cash is king. I prefer to use it wherever possible where I don't need Section 75 protection.

[Jim M]

Haha, As a father of four and grandfather of one I did do all my 2016 Christmas shopping on Amazon paying only with AMEX points so it does have an extra added benefit to it for offset to misery of long term business travel these days!

Most of the folks who brag about 'free this, free that' amass the points because they travel/ spend on company business! OK, I suppose that's a perk of having to spend your life working/ travelling........I vaguely recollect working myself in the distant past and you've got to grab all the advantages you can. It's like the folks who used to brag about air miles.......big deal you lucky boys.

Far too easy for people to run up debts using credit cards, they encourage irresponsible spending........ but they are a convenient way of running up debts so I guess that's a plus.

I don't know what people have got against cash, beats messing around with cards......... and when you're wallets empty you go to the minibank and fill it up again.

Paul

[TimeThoughts]

I was on the receiving end of credit card fraud last year, I use my card very infrequently and I was fairly certain I knew where it had originated from but I couldn`t prove it. In the end I let it go, took my refund and forgot about it, my wife persuaded me not to confront the staff at the shop where I`m 99.9% certain it occurred. York retail outlet, Ben Sherman shop, I remember the young scroat who served me.

My answer to the problem was simple: stop using credit cards. If I buy anything I pay with cash, and I don't buy stuff online. I deal with a couple of watch parts suppliers and that's all I do with the credit card. If I eat out at restaurants I always pay with cash. If I fill my car up I pay with cash Minimise the risk, it's the best way. Unless you need the credit what's the point in using a card?

Paul

Just to add a similar story.

A few years back I was out in London for a meal & few pints with my brother and my father. We went to a bar near Soho and I went to get a round and realised I needed to go to an ATM. All nearby were out of service so I went back to the bar and put the round of drinks on my debit card, but in error I used a new credit card that I happened to have in my wallet (instead of my debit card). For some reason the lad behind the bar took ages to process the transaction and he kneeled down at one point which caught my attention.

Anyway, 3 days later I got a call (from Barclays) asking; did I just try to make a 'high value purchase' in East London. No says I, fine says they, replacement card arrived and I followed up with a call; someone tried to purchase clothing in East London valued at nearly £1000.

I explained to the bank that I had only used the card once, I explained where and when I used it and how the lad was arsing about with the card and I was happy to make a report to the police etc.

To my shock; bank said they were not interested in progressing that avenue and they considered the matter closed...