Advanced search

Mumsnet has not checked the qualifications of anyone posting here. Free legal advice is available from a Citizen's Advice Bureau, and the Law Society can supply a list of local solicitors.

Warning to all on line shoppers - not a joke!!

(67 Posts)
putthehamsterbackinitscage Sun 03-Jan-16 21:00:19

If you shop on line with supermarkets or others who store your card details - think again!!

Like many regular posters, I have been using on line shopping for groceries for 2-3 years ....

My card details were stored for ease of use, and the ocado website simply charged my card with no input needed from me....

Then my account got hacked and it's apparently all my problem... They won't cancel a fraudulent order for £2k even though it hasn't been delivered and I have had to cancel my card and will now have the fun of sorting out the mess with my card provider, sorting out all the other stuff that will get messed up by this and being without cards for the next 2 weeks...

Please think about this - delete your card details and don't save them....

And consider switching to companies that verify card details for every transaction....

Bakeoffcake Sun 03-Jan-16 21:05:49

That's dreadful. I never store my card details on websites for that reason.

Where did the £2k of food go to?

putthehamsterbackinitscage Sun 03-Jan-16 21:12:23

It hasn't gone anywhere yet...

I spotted it before the order changes cut off but Ocado won't cancel it - they will only "pass it on" to their finance team for them to look into...

AnchorDownDeepBreath Sun 03-Jan-16 21:16:38

That's just a precaution - the finance team will review how the order was placed (checking if it was on the same device/in the same location as you usually are, how many log-in attempts were made, if they got access through an API, if Verified by Visa was used, etc).

They will then cancel the order and change your Ocado password, once they've verified that it wasn't you. They usually remove all associated card details as long as there are no legit outstanding orders, too.

I hope the bank are quick and efficient at dealing with this. Do you think it's just your Ocado account that was hacked? Do you have Verified by Visa set up? Keep an eye out for Continuous Authority payments, which will still be paid even if your card is cancelled.

ceeveebee Sun 03-Jan-16 21:23:14

Ocado app doesn't use "verified by visa".
This is quite scary. I always store card details as its much quicker. Assumed that if a new address was set up etc I'd get an email or text so would know straight away. They need to tighten up on this.

Why won't they let the order be cancelled, has the cut off time for editing already passed?

User543212345 Sun 03-Jan-16 21:23:24

The same happened to me before Christmas - which is an excellent time to be sans bank cards. The fraud department did eventually cancel the transaction - over £1000 of low end booze which was ordered a few minutes after the email address, password, delivery address and telephone number were changed but only after I spent 3 phone calls tearing my hair out with them refusing to take it seriously.

Once they cancelled the order they refused to reset the details on the account to my original email and a new password so I am locked out of my own ocado account - which has my personal details on it like my telephone number, address etc - and told me I'd have to set up a whole new one. I have, as yet, not bothered and doubt I will.

I called as the changes to my account were happening, as I was caught in a flurry of emails and told the operative that my account was being hacked and it needed to be frozen/stopped and she kept telling me I needed to speak to my bank - because they are the ones who deal with my Ocado account. Honestly, she was worse than useless. I was baffled as I don't think I'm the first person ever to have their account hacked and I'm sure that there should be protocol to follow.

As hamster says be careful about storing your card details. I haven't stored my new ones anywhere and am pissed off that I have to learn them again

TLDR: Ocado are bastards, don't shop with them. Don't store your card details online.

Gunting Sun 03-Jan-16 21:23:45

Don't they need to add your security number even if the card has been stored?

Gobbolinothewitchscat Sun 03-Jan-16 21:25:54

oMG. I'm cancelling my Ocado account

ceeveebee Sun 03-Jan-16 22:04:37

They don't ask for security number - it's a massive flaw isn't it?

HanSolo Sun 03-Jan-16 22:10:37

Don't you have to type in your acid password when you place an order? (or is that what was hacked?)

Pipbin Sun 03-Jan-16 22:15:10

Did they hack your Ocado account then?

Pipbin Sun 03-Jan-16 22:15:59

You do have to put in a password to create an order, and I know on the iPhone app you have to use Touch ID.

Pipbin Sun 03-Jan-16 22:17:45

Why won't they cancel it? Can you not get into your account to cancel it?

putthehamsterbackinitscage Sun 03-Jan-16 22:18:01

To clarify, Exactly same situation as sweary...

Called them when I got a text to say my order was placed and could be edited till 5pm - I hadn't placed order so checked immediately ...

They don't require security code or anything when you place an order, won't cancel it and won't reset my account...

I'm locked out, have cancelled cards and am currently fuming as they are really not interested in helping at all - even tried to tell me they don't store card details - so I suggested they read their own website...

Really would recommend anyone who has account removes any payment details so nothing can be taken automatically...

This will probably screw up smart pass and reserved though so you might have to give those up too...

putthehamsterbackinitscage Sun 03-Jan-16 22:19:03

Password was hacked... Customer services again say it is my fault - I must have been phished - but. I haven't ....

Headmelt Sun 03-Jan-16 22:20:07

Call your card company and report it as fraudulent activity so they won't pay out

putthehamsterbackinitscage Sun 03-Jan-16 22:20:27

Ceeveebee - exactly...

There is no security at all apart from email address and password - and passwords are easily hacked

Pipbin Sun 03-Jan-16 22:22:02

Have you contacted the police? This is serious fraud?

Did you use the same password for anything else? If so then change the password for that too. If they have got into your Ocado account then they will know your address and email address.

putthehamsterbackinitscage Sun 03-Jan-16 22:23:03

Headmelt - have done that but because Ocado took a pre-authorisation on a £1 transaction at checkout, they can still present the transaction and then we have to report as fraud once it has happened...

And in the meantime, we will have bill of £2k to deal with to avoid interest/default until it is accepted as fraud and claimed back from Ocado

justfivemoreminutes1 Sun 03-Jan-16 22:32:17

Thanks for the warning and sorry this has happened to you. I've just removed my stored card details from waitrose x

Pipbin Sun 03-Jan-16 22:41:09

Did you not get an email saying that the order had been placed, or did they change your email address too?

ceeveebee Sun 03-Jan-16 22:41:24

Pipkin - you don't have to use Touch ID on the app. If you have a phone with Touch ID it will ask you for it, but if it fails (as I often do as I can never seem to get my thumb at the right angle!) then it just asks for password. And the passwords are not strong - I've had the same very weak password on there for over 10 years, never been asked to change it and it doesn't even require alpha-numeric.

ceeveebee Sun 03-Jan-16 22:42:23

Sorry, Pipbin not Pipkin!

Ditsy4 Sun 03-Jan-16 22:43:05

Wow! Scary for you. That is awful. Thank you for warning people.
I buy mine on the way home so don't use it but will pass it on to friends. Hope you get it sorted quickly.

cdtaylornats Sun 03-Jan-16 22:44:17

Contact your bank - tell them Ocado appear to be about to attempt a known fraudulent transaction on your account. Make sure they know Ocado do not have permission.

Join the discussion

Registering is free, easy, and means you can join in the discussion, watch threads, get discounts, win prizes and lots more.

Register now »

Already registered? Log in with: