Our bank account has been cleared out

[lougle]

Today my DH said 'why do we have no money??'
I told him not to be so ridiculous, because we have been working really hard to save money and build up a buffer in our account. So I looked at our bank account: available balance £14.

Someone has used almost £2000 on Next and Foot Asylum purchases, with a pizza and a dessert order thrown in .

The irony is that I never buy from Next because we can't afford for me to buy new clothes. I only ever buy from charity shops or (very rarely) Primark. So the fraud claim is very easy to prove. That and the fact that the man on the phone from the bank had to tell me what Foot Asylum is .

The transactions were all in the last day or so, and were all made using DH's card. We also had a letter today from Next, addressed to a man we've never heard of, thanking him for advising them if his change of address. So Next have given us a fraud case ID number and have put a block on account applications from our address. The bank fraud team will contact us tomorrow.

How gutting. We're lucky that DD1's DLA gets paid into a different account, so we can use that for a few days and reimburse it when we get reimbursed by the bank. If it got paid into the same account we'd be absolutely done for.

Glad they're sorting it out for you.
Someone once kindly transferred a balance of £3800 onto a credit card of mine. The fraud dept wouldn't give me an indication of how it was done (stolen statement/particular shop/ on line transaction?) and I had to jump through several hoops to prove it wasn't me, as they wouldn't tell me a thing. It took me 3 months to get it cleared.

My ex did this to me. Stole my card details, but not my card, after I had chucked him out (years together and two DC I might add, the filthy lowlife). He used my card details to pay small amounts off bills for several months before I noticed, it amounted to £900 in the end (I know, I'm an idiot).

I'm still trying to get him prosecuted. At first the police said it was just a civil matter and as I'd been refunded by the bank they wouldn't do anything. So currently, I'm embroiled in a complaint to the Independent Police Complaints Commission (very long story but the police have been crapper than crap) and I'm still hoping he'll be done for it.

Sorry for the minor hijack. It's not just faceless arseholes you've never met. Bastards are all around us.

Oh how annoying and upsetting. Hope it gets sorted quick

My BiL once apparently bought a car in Katmandu, despite being in Birmingham!

NFC is Near Field Communications. The technology used for contactless (and Oyster cards).

Personally I'm relatively relaxed about contactless fraud (relaxed enough I am happy to use contactless cards). The maximum possible exposure is £90 (after 3 contactless uses, you have to use C&P to "reset" the card).

Also, contactless can only be used physically at the card terminal. Which - in most shops - is the one area you can guarantee will be covered by CCTV. So not very appealing to a thief. Certainly not as appealing as a live card with it's CV2 intact ....

Oh, didn't know about the 3 uses thing, Lurking. Sensible!

I literally cannot imagine doing anything like this. I'd feel sick with terror. Its like being a burglar, I cant imagine breaking into someones house. IDK how people do it.

Fuckers. Someone once bought football season tickets and merchandise using my card about eight years ago, but the idiot used his real name and home address so I got the money back within days. Last year I got a text from the bank asking me to confirm that I had tried to make a purchase for £500+ on some computer equipment website.

A few years ago a friend was wiped out, £3000 on massive home purchases (expensive TV, etc) two days before she was due to fly for her summer holiday. Fuckers cleared out all of her spending money and she had to beg and borrow from family until she got it back.

It makes me so angry!

The verified by Visa additional security is a good idea but it isn't used by every online site or for telephone orders. They should implement it to be obligatory for online card payments and create something similar for phone orders (which wouldn't require the card holder telling the vendor characters of their password). I'm sure some techno person could come up with something!

Hope you get it sorted soon OP.

after 3 contactless uses, you have to use C&P to "reset" the card

It's actually risk-managed, and may be fewer or more, depending on magic.

For example, you can keep using it as an Oyster Card indefinitely, as the transactions aren't applied until later and there's no on-line verification (nor any way to collect a PIN anyway). So if you can think of a way to spend more than £90 on tube fares before someone notices their card is missing, you'll probably get away with it.

However, the total so far reported in contactless fraud is sixty grand. That's it, nationally. For the simple reason that transactions worth less than thirty quid aren't worth the hassle to criminals, and if they want to obtain small items with the risk of arrest then (your point about CCTV being well made) the best way to do it is to shoplift it. Want a bottle of wine and don't have the dollar, do I (a) use a stolen contactless card and risk prosecution for a bunch of offences involving fraud or (b) tuck it under my coat and walk out, risking a caution for theft if I'm unlucky?

They should implement it to be obligatory for online card payments

Why? It's complex to integrate, slow, not terribly secure and attacks a tiny problem. The banks refund the low levels of fraud. That is way cheaper than implementing complex systems to reduce already low levels of fraud yet further.

Given the ubiquity of phones, it should be possible to devise a system whereby purchases "off grid" or above a certain limit trigger an SMS to a linked phone with a code that the website/checkout operator needs to complete the purchase. Not dissimilar to the current system some banks have of needing to use a card reader to authorise payments to new payees for online banking.

The bottom line is security costs, and in the competitive world of banking, no bank will spend any more than the absolute minimum if they can get away with it.

It's actually risk-managed, and may be fewer or more, depending on magic.

Things have developed since I last cared . I suspect with the Oyster situation, TfL will assume the risk, so banks are happy to relax the restriction. Given that CCTV cameras on the tube exceed passengers, it seems a safe bet.

Personally I wish penny-ante stuff like car parks would get with the program, and take NFC. However, I have a feeling they have missed their chance now - using apps to pay for parking is already extant in some places. Why bother spending money to take NFC ?

Bolograph I assumed that without a verified by visa password then no fraudulent payments could be made online. I didn't realise that stopping this wouldn't be worth it.

If the three digit number isn't needed if you're there, why can you not buy anything on line without inputting it?

If the three digit number isn't needed if you're there, why can you not buy anything on line without inputting it?

????

You only need the 3 digit number (CV2) for purchases where you are not in the shop - that is online. For purchases in store, you use Chip & PIN (in the UK).

Oh. .

Thank you

This recently happened to us. Several hundred pounds worth of charges to that GODDAMNED 192.com (they try and find out mothers maiden name etc as it's a key banking security question).

I had this happen twice in the olden days (pre chip and pin). One was a postman who just stole any cards he saw were due to be delivered and used them quickly, having also stolen anything that looked like it might be a PIN notification (and most people e

Oops computer fail. Most people expecting a card don't know exactly which day it's arriving giving them a little while to try it out (and I think this was before widespread card registration over the phone with passwords).

I also had my bag stolen off the back of my bike and the teenage thieves tried the card in a payphone first - this seems to have been the old version of trying a small online transaction. They then paid for something larger (electronics or clothes I think).

Both cases I got everything back.

We mainly use an Amex which has a similar stage to VbV but does not actually ask you for any details. I have no idea how that is supposed to help.

(they try and find out mothers maiden name etc as it's a key banking security question).

Which is why it's a good idea not to use the real thing. Pick a word you like and use that. It's not as if the bank/website will check it ....

I often use a previous street address. Not my childhood one (my dad still lives there!) and not my current one but one from e.g. student days when you had a new address every few months, it seemed like. Easy to remember, but the only real connection with you is going to be on paper.

I don't really get how your MMN is going to be discoverable through 192.com though? Unless you live with your mother and she never married? And if she never did, then you'd use her mother's name not her current surname.

email/sms/phone alerts for 1) transactions over £x 2) if your balance goes below £y Would be a powerful tool to detect (and therefore discourage) fraud.

Also First Direct.

We have chosen not to use Verified by VISA because we read the small print which effectively said that yes it adds a level of security but it also pushes the liability from the bank to the cardholder. In other words, if your card is used online and you have VbV then the bank is more entitled to declare that it's your fault. VbV is not for the consumer's benefit!

We have a little handheld calculator thing for online banking which produces a one-time code based on your PIN and the precise atomic time! Cracking that algorithm would be quite something.

OP - it sounds like you're in a really sticky situation. I hope things are cleared up soon. In the meantime, have you both changed passwords for everything?

I think most cards that are cloned is done via people skimming the card, petrol stations, restaurants etc. Or it is done by call centre people, this could be insurance companies, energy companies, mobile phone operators, the list is endless.

Obviously we have to have some trust that the person in the company we are giving the details to are trustworthy, the majority are, but statistically some will be criminals.

I try to pay online as much as I can, put always check the site is secure before entering details.

not everybody realises that those emails are scams

Very true, I find it easy to spot them but many people don't. I actually think anyone who is teaching kids or elderly/first time users about the internet should teach them about fraudulent emails as soon as they teach about emails in general.

An email can appear to come from anyone; [email protected] or similar, but if you go to the options of the email and;

View Full Headers

You will see the real or redirected email address, it's not always possible to do it but is possible often enough.

Ouch! Glad your bank is cracking on with it OP and hope they restore your money asap.

I got stung for £1,200 but my bank alerted me and got my money back. Apparently was spent on online gambling. The fraud team person said the banks algorithm looks at gender as well as loads of other factors, and the type of gambling I'd appeared to suddenly do was a very male type of gambling... Whatever that means?! I still ponder on what male types of gambling are, not knowing a thing about gambling :)

Sometimes it's strange what they accept and don't. My card was stopped last week when buying children's clothes on line from an outlet I've often bought from before. It was unusual at all and yet NatWest stopped it. I then had 2 transactions and an Amazon order rejected too. I would rather they stopped it when they shouldn't though than not be careful enough so I'm grateful.

The banks are currently considering changing their rules so that the customer not the bank is responsible for these losses by the way. Presently the law is not clear. See www.theregister.co.uk/2016/05/26/bank_fraud_liability_shake_up/