Our bank account has been cleared out

[lougle]

Today my DH said 'why do we have no money??'
I told him not to be so ridiculous, because we have been working really hard to save money and build up a buffer in our account. So I looked at our bank account: available balance £14.

Someone has used almost £2000 on Next and Foot Asylum purchases, with a pizza and a dessert order thrown in .

The irony is that I never buy from Next because we can't afford for me to buy new clothes. I only ever buy from charity shops or (very rarely) Primark. So the fraud claim is very easy to prove. That and the fact that the man on the phone from the bank had to tell me what Foot Asylum is .

The transactions were all in the last day or so, and were all made using DH's card. We also had a letter today from Next, addressed to a man we've never heard of, thanking him for advising them if his change of address. So Next have given us a fraud case ID number and have put a block on account applications from our address. The bank fraud team will contact us tomorrow.

How gutting. We're lucky that DD1's DLA gets paid into a different account, so we can use that for a few days and reimburse it when we get reimbursed by the bank. If it got paid into the same account we'd be absolutely done for.

Sometimes it's strange what they accept and don't. My card was stopped last week when buying children's clothes on line from an outlet I've often bought from before

There are some oddities ... last week my debit card was declined (3 times)( for a phone transaction, despite being used 10 minutes previously. It was when I went to get another card, MrsLH reminded me exactly the same thing had happened with the same retailer last year. Never had any problems since with that card, and have used it since.

my DP had £400 took out of his account for two flights to dubai. if only the tickets came to our address xD they was really good and gave us the money back the same day a

Last year whilst on holiday I bought something at Schipol Airport on my credit card. I decided to check that it had gone through properly by logging in to my account and discovered that the day before someone had bought an easyjet plane ticket, hired a car and caught a ferry to Ireland costing £2k!!! I immediately rang the cc company stating I was on holiday and they put a freeze on my card. All the money was credited back to me and I never heard anything else about the matter.
I hope all goes well for you x

I don't think you'll have any problems getting the money back. The police can investigate but just because you have a delivery address doesn't mean you can prove the occupants were the culprits. Quite often the delivery address will be a block of flats or multi occupancy address with a number of potential suspects. Unless you see the suspect take receipt of the parcel / or find the goods it can be quite difficult. Petrol stations are classic sources for card cloning so you should look out for double swiping - sometimes the device is worn on the belt of the staff member. Really there shouldn't be any reason to hand over a card anymore. Be careful of devices added to cash points but I think these typically have a suspect lurking nearby to watch for your pin. ( although technology could have advanced somewhat). Finally be careful about throwing away letters and bills with your name & address on since these can be used to open lines of credit etc. Burn or shred everything if you can.

It's terrible. I had it done to me and received a call from the bank on the day it happened. I had nearly £2500 on various things like a gaming shop £900 Sony PlayStation online which is why my back phoned as they don't process those things unless you call to say you are using them because of all the fraud. The thing they phoned about firstly though was they had a payment going through for bt when I already have a direct debit set up also a Payment to an electric company with the sane thing. The idiots that were using my stolen details had paid the home phone and electric bills (or rather tried). The guy in the fraud dept said in 20 years he has never seen that. They stopped all payments and paid the small amount that had gotten past then back within a day. Trey gave me a new card but kept that one in the fraud dept just in case and it was used again 6 months later. The case is currently being processed for prosecution.

I had £600 charged to my credit card for Abercrombie & Fitch purchases, all delivered to an address (not mine of course). They still never found the thieves. Also had someone set up a standing order on my account for £800 a month. Fortunately, I didnt have £800 a month coming in, so it was stopped. If the rat had been less greedy, he would have got that first payment at least.

This type of fraud is so very commonplace and these cards are often cloned at petrol stations and cash machines. Card details are then sold via the net by criminal gangs.

Food was ordered at our expense (hope they choked on it) after the fraudsters in CA used some bank to withdraw the maximum amount of cash allowable each day (we were in the UK at the time). Think around £600 was taken over two days. Bank was very good and we were fully refunded within a couple of days. It takes time and effort to sort out however and that is the stressful part.

Some other shyster decided to pay for his university course fees with our credit card. The card was cancelled and the amount taken off the cc bill. I still cannot understand why that was allowed initially however, as that card was only used online and for small purchase amounts. It should not have been flagged up by me.

On a recent Housekeeping thread this little gadget was recommended, and I immediately ordered one (the pink one was on offer).

It's genuinely brilliant. One swipe obliterates name/address blocks on letters or delivery notes so you can recycle the letter without needing to shred first.

Very distressing, this sort of experience really shakes your trust in the whole banking / online system. It is very hard to get to the bottom of How it happened, where did the fraudsters get your details. Years ago someone stole my card details and went on a spending spree. It probably would have been a while before I noticed (not always diligent about checking account, joint account where same amount goes in and out each month). Luckily the bank noticed and contacted me. It was just bizarre the things that had been paid for, like £5 phone top up, and £12 to a charity. I found myself thinking for god's sake, it's stolen money, at least treat yourself a bit! The single major purchase was a £100 home delivery shop from Asda - the bank was hopeful of catching the thieves as they had presumably had the groceries delivered to their home address!! If it is not your fault (eg you haven't lost your card or something similar), then the bank should refund the stolen money to your account.

I assumed that without a verified by visa password then no fraudulent payments could be made online. I didn't realise that stopping this wouldn't be worth it.

It makes keylogger attacks much more powerful, because once you have the VbV passphrase you will be able to bypass other security checks. Keylogger malware is the number one attack.

They've credited our account . They've credited it with just under £1600, so I'm assuming that the rest of the transactions hadn't actually gone through and have just been deleted before they do, but I'll add it all up properly later.

We have a little handheld calculator thing for online banking which produces a one-time code based on your PIN and the precise atomic time! Cracking that algorithm would be quite something.

sec.cs.ucl.ac.uk/users/smurdoch/papers/fc09optimised.pdf

Section 4.1 might give you pause for thought.

Thanks Bolo - chilling stuff. Ours is the next generation though.

Ours is the next generation though.

Oh, there's trouble wherever you look. Consider:

www.cs.ru.nl/~rverdult/Designed_to_Fail_A_USB-Connected_Reader_for_Online_Banking-NORDSEC_2012.pdf

Two questions:

How do you know it's really your bank calling you? It's common for thieves to ring and ask stuff like date of birth.

And, how can they pinch a credit card and use it in shops if they don't have the PIN?

SooBee61 they give you information that only they would know and they ask you information that only you would know.

Second question: They bought everything online so no PIN needed.

And, how can they pinch a credit card and use it in shops if they don't have the PIN?

Hmm. A worrying number of places, particularly takeaways and places with substantial mail order or "call and collect" businesses,, put through all transactions as card not present, even when the card manifestly is present. That means I can use a stolen card and the victim's address (which if, for example, I've stolen their wallet or handbag I almost certainly have) but take the goods away with me.

they give you information that only they would know and they ask you information that only you would know.

Hmm. I would immediately offer to phone back on the number on the back of the card, hang up, and use a mobile to call them.

The first time I spoke to the fraud Dept. I phoned them. Then when I was on the phone to the police using the landline, the fraud Dept phoned to speak to DH on my mobile. But I could hear him speaking to the woman and recognised her voice, so I wasn't worried.

re they a bit thick how do they recieve the goods if the card is linked to the ops address

They do a deliver to a different address and not the billing address.

They then deny all knowledge of the delivery if they get caught.

There as a programme on the TV about it a couple of years ago - it was fascinating.

Where I live I receive a text message as soon as there is any activity on my account or any of my cards. It happens in the blink of an eye from the time the transaction is started to the time it ends. I can be putting my card back in my purse and the message has already arrived.

Its such a simple system.

I have had two incidences, years apart, where a new card has been issued, is sitting in my house unopened and yet has been used for fraudulent purchases.

Hmm. A worrying number of places, particularly takeaways and places with substantial mail order or "call and collect" businesses,, put through all transactions as card not present, even when the card manifestly is present. That means I can use a stolen card and the victim's address (which if, for example, I've stolen their wallet or handbag I almost certainly have) but take the goods away with me.

Not if the CV2 number isn't present.

There was a program about online bank fraud last night on ITV (3) at 22.20. Might be interesting to view on catch up. I tried to record it but my Youview box isn't working

Where I live I receive a text message as soon as there is any activity on my account or any of my cards.

There's a good literature on how people tend to ignore warnings which are too frequent. I have about 50 direct debits on my various accounts, and use various cards several times a day. Under that welter of notifications you would tune them out. It has to be more risk-based than that: large transactions, transactions to new recipients, that sort of thing.