My Credit Card got done (fraudulent transaction)

Status
Not open for further replies.
You are making me happy to be a Westpac shareholder when I see them fixing stuff quickly.
Fortunately BANKING BARBARA did not handle your enquiry!
Fraudsters are really out there and they would even like to get your $31 Million Lotto winnings this weekend.
 
==UPDATE==

Picked up my new cards today.
Same PIN Number as before so l didn't have to go through that process. Activated in store and in about 2 minutes, l was done. Easy as pie.

All in all, it was a pretty painless procedure. One phone call, fill out form, new cards turn up in about 13 days (I didn't check my P.O. Box for a while there and l was up in BNE, but the letter from Westpac was dated 27/12/10) AND it was during busy season. Not too bad from Westpac. I only wish that they had picked up the fraudulent transaction themselves.
 
Had a similar experience with CC Fraud with my CC being used to advertise a job on Seek.com and Careerone...

-$742 later..

Cancelled Cards..

Stat declaration and

New card wait...

Money refunded immediately by Teachers Credit Union after being informed..

All up it was a waste of time and Job Ad was cancelled so they didn't get use of the money anyhow...Thieves are seriously newby to think people won't notice fraudulent transactions! This one was anyhow...

Interesting thing was that they have re-advertised on other websites using the same wording in the Fraud Job ad!

Also had my Internet Banking compromised...

And the TCU picked it up as a Fraud within 12 Hours...

a South Australian Bank Account withdrew $3000 and used my account as I do....

Had to go through the same process as CC and more...

Police Statement and follow up...

As well as Computer checked for Viruses and wiped clean as apparently it may have had a 'Keylocker' Virus that sends details to the sender of what keys you press whilst on the Computer...A Trojan

Now I have Security Tokens for Internet Banking!!! And other safety precautions...

Had a fraud free 5 + years prior doing internet banking.

These less than clever thieves may be on the rise?
 
Score 10,000 Bonus PayRewards Points on your business spend!*
Elevate your business spending to first-class rewards! Sign up today with code AFF10 and process over $10,000 in business expenses within your first 30 days to unlock 10,000 Bonus PayRewards Points.
Join 30,000+ savvy business owners who:

✅ Pay suppliers who don’t accept Amex
✅ Max out credit card rewards—even on government payments
✅ Earn & transfer PayRewards Points to 10+ airline & hotel partners

Start earning today!
- Pay suppliers who don’t take Amex
- Max out credit card rewards—even on government payments
- Earn & Transfer PayRewards Points to 8+ top airline & hotel partners

AFF Supporters can remove this and all advertisements

A couple of observations/comments:

1. Most of my CC business is with Citibank. They are diligent to the point of being annoying with respect to detecting transactions that may be dodgy. They once blocked my card after someone tried to "test" it with a $1 pre-authorization (it was a bogus charge). They beefed up their fraud algorithms 3Q 2010 and I had to call them to request some "de-tuning" on my accounts... I was making long road trips across the US and was getting my card frozen every 400 miles when I filled up at a gas station... That being said I have never paid a dime for a bogus charge (I have had a few), but more importantly, I have also never had a charge-back declined if I get poor service with a merchant, a failed delivery, or other drama.

2. A string of 16 digits is not that hard to crack on most computers these days, heck in China and elsewhere there are human hack factories paying folks to enter 16 digit strings, over, and over, day-in, and day-out. Isn't it amazing what you can do when you only need to pay folks 25 cents a day? I have for many years suggested to VISA and MC that they use strings of alphanumeric characters (0-9, A-Z) to make this scam many more orders of magnitude more difficult. No luck so far.

3. RSA security keys for online transactions. I have an RSA key to use for my online banking, why not one for every CC to use in online shopping carts?

4. Those 3-digit "security codes" on the signature block of your credit card... Again, just 3 numeric digits (0-9), why not alphanumeric (0-9, A-Z)? I have actually received cards with 999, 444, and 789 as the "code"... Returned them for re-issue.

5. A Post Office box is a great fraud prevention tool. Nothing of any import to my financial/personal life gets delivered to my street address.

6. A shredder is a great investment. Pity they cost so much in Australia.

7. RFID cards. If you have one, make sure you have an RFID friendly wallet to carry it in to avoid wireless skimming.

That's my 2 cents.
 
yeldarb8 said:
2. A string of 16 digits is not that hard to crack on most computers these days, heck in China and elsewhere there are human hack factories paying folks to enter 16 digit strings, over, and over, day-in, and day-out. Isn't it amazing what you can do when you only need to pay folks 25 cents a day? I have for many years suggested to VISA and MC that they use strings of alphanumeric characters (0-9, A-Z) to make this scam many more orders of magnitude more difficult. No luck so far.
Click to expand...

A good idea. However, that doesn't address the weaknesses of card numbers. For example, Adelaide airport car parking machine automatically issues a receipt for card payments, hence you may not realise to pick up the receipt. That receipt omits only 4 or 5 digits of the card number. You don't need a hacking factory to run through 10000 combinations.
 
medhead said:
A good idea. However, that doesn't address the weaknesses of card numbers. For example, Adelaide airport car parking machine automatically issues a receipt for card payments, hence you may not realise to pick up the receipt. That receipt omits only 4 or 5 digits of the card number. You don't need a hacking factory to run through 10000 combinations.
Click to expand...

Four missing alphanumerics (0-9,A-Z) is 36^^4 = 1,679,616 combinations... Five missing alphanumerics is 60,466,176 combinations... that's already a much bigger task... but not impossible.

It's amazing to me that such obvious lapses are out there (still). Instead of omitting 4-5 digits they would be better off just showing the last 3 digits. Even with the current numeric system that leaves 10^^13 combinations for a hacker to try. With alphanumerics it's 36^^13 = 4.74x10^^18 combinations. Of course with millions of live account numbers out there they don't need to try nearly so hard but you get the idea...
 
yeldarb8 said:
A couple of observations/comments:



2. A string of 16 digits is not that hard to crack on most computers these days, heck in China and elsewhere there are human hack factories paying folks to enter 16 digit strings, over, and over, day-in, and day-out. Isn't it amazing what you can do when you only need to pay folks 25 cents a day? I have for many years suggested to VISA and MC that they use strings of alphanumeric characters (0-9, A-Z) to make this scam many more orders of magnitude more difficult. No luck so far.

That's my 2 cents.
Click to expand...

I guess Hacking is on the rise and not so difficult for some...Not sure of stats..

In my case the thief used the Virus to collect information I was typing in to my computer...Not sure about my CC information but as the thief had my home address(an extra bill arrived in the mail), the thought is that they accessed it via mail or some transaction I did online as well.

Internet Banking fraud required a password ,only known to me to log in, and the thief acquired it using the virus to track my keys I pressed on my computer...The Virus sent info to the maker and they had my password and all my details...

The Security Token my Banking Institution has provided gives security from these viruses, if ever they can get through my added security again, as the extra password number changes every 30 seconds on the token...

These Security Tokens are the way to go for sure...Teachers Credit Union use them and haven't had any Fraud with people using them for Internet Banking so far.

Alpha and Numerical changes might make it harder for the guessing hackers but in my case the Virus did all the work for them and it would not have mattered what my Card number was...

Banking Institutions are using computer programs the same as the fraudsters to track unusual transactions so it is still a battle against Good and Evil! Only online in our virtual worlds!
 
yeldarb8 said:
A couple of observations/comments:

1. Most of my CC business is with Citibank. They are diligent to the point of being annoying with respect to detecting transactions that may be dodgy. They once blocked my card after someone tried to "test" it with a $1 pre-authorization (it was a bogus charge). They beefed up their fraud algorithms 3Q 2010 and I had to call them to request some "de-tuning" on my accounts... I was making long road trips across the US and was getting my card frozen every 400 miles when I filled up at a gas station... That being said I have never paid a dime for a bogus charge (I have had a few), but more importantly, I have also never had a charge-back declined if I get poor service with a merchant, a failed delivery, or other drama.

2. A string of 16 digits is not that hard to crack on most computers these days, heck in China and elsewhere there are human hack factories paying folks to enter 16 digit strings, over, and over, day-in, and day-out. Isn't it amazing what you can do when you only need to pay folks 25 cents a day? I have for many years suggested to VISA and MC that they use strings of alphanumeric characters (0-9, A-Z) to make this scam many more orders of magnitude more difficult. No luck so far.

3. RSA security keys for online transactions. I have an RSA key to use for my online banking, why not one for every CC to use in online shopping carts?

4. Those 3-digit "security codes" on the signature block of your credit card... Again, just 3 numeric digits (0-9), why not alphanumeric (0-9, A-Z)? I have actually received cards with 999, 444, and 789 as the "code"... Returned them for re-issue.

5. A Post Office box is a great fraud prevention tool. Nothing of any import to my financial/personal life gets delivered to my street address.

6. A shredder is a great investment. Pity they cost so much in Australia.

7. RFID cards. If you have one, make sure you have an RFID friendly wallet to carry it in to avoid wireless skimming.

That's my 2 cents.
Click to expand...

Excellent info here to avoid the thieves taking your money and just inconvenience of sorting it out...and RSA keys would be the way to go for Credit Card transactions online.
 
Oneworldplus2 said:
+1
security tokens are definitely a good layer of protection. My bank only allows them if you need to do larger transactions. I will inquire again and see what they say.

Here is a useful website, UK, but worth a quick look if people need some info on protection.
Click to expand...
NAB has SMS security for online banking. They also used to have an automatic internet banking password lock, when you logged out it would lock your internet banking password until you called with phone banking to unlocked it. Phone banking password being different from the internet banking password effectively giving 2 factor verification. But it became an absolute pain to unlock the internet banking password when they implemented a voice response system - "unlocking internet banking", "do you want to register for internet banking" :evil:
 
My sister is with HSBC and they use RSA keys for online banking too. They also have an adequate multi-currency account but the fees can be high and they play the "everything goes through AUD$" game on currency conversions... so USD$ to GBP is USD$->AUD$->GBP and thus they make double the forex buy/sell spread, plus a transaction fee... ouch. The big 4 mainline banks really need to get the RSA keys.
 
Well, mrsdoc got hers done.

~$4000 of transactions at Coles in Melbourne (we're in Brisvenice).

Credit union Card - cancelled and charges suspended, new card arriving shortly.


They must have noted the card was being used for something other than shoes and handbags.....
 
docjames said:
Well, mrsdoc got hers done.

~$4000 of transactions at Coles in Melbourne (we're in Brisvenice).

Credit union Card - cancelled and charges suspended, new card arriving shortly.


They must have noted the card was being used for something other than shoes and handbags.....
Click to expand...

Doc one of my favourite mantras is "a girl should never skimp on her hair or on her shoes"! :p :p
 
I got ripped off three weeks ago. 4000 bucks worth . All flight bookings 2 with Malaysian & 4 with Emirates by some clown in Egypt. I have only used this card once online and that was with Malaysian Airlines early in March 2010. :?: All good though, I was refunded immediatelyi
 
hmmm, its all happening!
just got my NAB statement and it seems that while I am here in Adelaide, i'm also flying around Argentina!!!!!!!
$4,835.91 transaction on the statement with Aerolineas Argentina (sp?) so I rang NAB who were initially sceptical because of the travel bookings I have been making, but when I explained I have never been to Argentina and have no plans to travel there, and then I described the Adelaide weather to him and let him listen to the local ABC on the radio, he agreed it was suspicious :o
They called back about 20 mins ago and said that yes, it was a "fraudulent transaction" and they would reverse the charge. They will not replace the card yet unless they see more "suspicious" activity on it.
I'll think about that for 24 hours, but I think I'll get a new one - the only hassle are all the ongoing monthly deductions I have for the business. It will be a PITA.
He did ask why I didn't pick it when when I check my statement online and he was a little put out when I said I had better things to do, and that was why they sent me a statement, and that was why I thought they had security measures in place to prevent this.
In reality, I do not have time to and check my transactions every bloody day:(
 
FlyboyAl said:
He did ask why I didn't pick it when when I check my statement online and he was a little put out when I said I had better things to do, and that was why they sent me a statement, and that was why I thought they had security measures in place to prevent this.
In reality, I do not have time to and check my transactions every bloody day:(
Click to expand...

Spot on.
My Westpac card only got picked up once 'I' called 'them'. So much for cyber security and it's measures that they constantly tell us about, it seems to be marketing huff 'n' puff. I also got charged a "overdraft fee" too, even though it wasn't my fault. FlyboyAl, check your statement to make sure that they don't do the same to you. It's all good when you hear stories about "Insert Bank here" calling customers if they just did a 5k shopping spree at JB-Hifi/Harvey Norman, but the offshore front seems to need a little bit more attention I think. IMO, security tokens should be mandatory for ALL Internet transactions, end of story.
 
Sorry to bring up an old thread, l just got informed (via SMS from Westpac) that my Westpac Earth Gold has 'been compromised' (...again!). Good timing, l'm in Budapest for another month, LOL. Karma you say, hey, l've been good...

I'm having a great year, second time for my Earth Gold's and my BoQ got 'compromised' about a month ago.
 
Both NAB and Citibank have been very strict with my purchases.
Even though I have been in San Fran for a week spending on my Visa small purchases it wasnt until I bought a Macbook Book Air that I got a call from them.
And my Amex ... lets say say thats rather full at the moment.
:p
 
Last edited:
Rarely use my Qantas Amex card, purchased a flight ticket on my Ipad using the Iphone Personal Hotspot
via Bluetooth, 14 November. Used the IPhone hotspot in holiday accommodation, Broadbeach.
This was the first transaction made since 28 October on the card.

17 November at 0136 & 0235 received SMS's/Emails from Amex advising to contact them
due to possible irregular charges.

Only know that the first charge was with Holiday Extras UK for 13.24 GBP. Next few charges
they stepped up to thousands of dollars. Amex were excellent picking these charges up.

Anyone know if it's possible to glean credit card details whilst pairing Iphone/Ipad via Hotspot/Bluetooth?
It's the only incident I can put this down to as I haven't handed the card over a counter.
 
ksthommo said:
Rarely use my Qantas Amex card, purchased a flight ticket on my Ipad using the Iphone Personal Hotspot
via Bluetooth, 14 November. Used the IPhone hotspot in holiday accommodation, Broadbeach.
This was the first transaction made since 28 October on the card.

17 November at 0136 & 0235 received SMS's/Emails from Amex advising to contact them
due to possible irregular charges.

Only know that the first charge was with Holiday Extras UK for 13.24 GBP. Next few charges
they stepped up to thousands of dollars. Amex were excellent picking these charges up.

Anyone know if it's possible to glean credit card details whilst pairing Iphone/Ipad via Hotspot/Bluetooth?
It's the only incident I can put this down to as I haven't handed the card over a counter.
Click to expand...


Maybe.
When my Earth CC got compromised, Westpac was informed by Mastercard that they had had a security leak/hack and l was lucky enough to be in that group.
 
Status
Not open for further replies.

Become an AFF member!

Join Australian Frequent Flyer (AFF) for free and unlock insider tips, exclusive deals, and global meetups with 65,000+ frequent flyers.

AFF members can also access our Frequent Flyer Training courses, and upgrade to Fast-track your way to expert traveller status and unlock even more exclusive discounts!

AFF forum abbreviations

Wondering about Y, J or any of the other abbreviations used on our forum?

Check out our guide to common AFF acronyms & abbreviations.

Recent Posts

Currently Active Users

... and 27 more.
Total: 1,503 (members: 77, guests: 1,426)
Back
Top