Login | Register
PistonHeads » Gassing Station » General Gassing » Speed, Plod & the Law
Personal banking fraud
SearchMy Stuff
My ProfileMy PreferencesMy Mates RSS Feed
1
Reply to Topic
Author Discussion

REALIST123

1,636 posts

23 months
[report]
[news] 
Tuesday 7th August 2012 quote quote all
Deva Link said:
A lot of them are inside jobs.
This.

Last year I had my current account hacked, about 2.5k spent on debit card.

Turned out that just before, the bank received a letter signed with a signature very like a ten year old one of mine on file with the bank advising of a new address, in some East London block of flats and changing the phone numbers on record.

Unbelievably, the bank complied without checking.

A day or two after another letter was received asking for a new debit card which was duly sent, followed by a new PIN.

My branch manager showed me scans on screen of both letters.

Then the spending started.

The bank refunded without any delay, we even waited until the final two fraudulent transactions hit the account, when they were immediately refunded.

Closed the account and set up new, never learned anything from the banks security team about what had happened but both my branch manager and I believe that a bank employee was involved.

graemel

4,595 posts

87 months
[report]
[news] 
Tuesday 7th August 2012 quote quote all
This has happened to by business partner a few times. Local petrol station to work. Eventually they got nicked. For online stuff I only use a credit card with a low credit limit. Anyone using the new chip card that you can attach to your phone. Put mine through a shredder. The card that is.

Gareth79

2,628 posts

116 months
[report]
[news] 
Wednesday 8th August 2012 quote quote all
sugerbear said:
Despite what some will claim, you cannot clone a chip transaction (think of a sainsbury/tesco terminal where you dip the card rather than swipe)
Small point - some of the chip & pin devices have a magstripe integrated and it's impossible to use the chip function without it being swiped. I have noticed that many of these have now been phased out though, especially in petrol stations!

Also interestingly, the basic card data (number, account holder's name etc) is transmitted unencrypted prior to the card authentication cycle, so anybody who is able to tap the data lines from the card can still collect plenty of information, possibly even still enough to make a functioning magstripe card.

CAPP0

Original Poster:

5,988 posts

73 months
[report]
[news] 
Wednesday 8th August 2012 quote quote all
sugerbear said:
Just out of interest were the transactions UK/Europe based or USA. Most likely fraud involves reading the mag stripe at a compromised terminal (or ATM) then sending the details to your sidekick in the US who clones the magstripe and go on a spending spree.

Despite what some will claim, you cannot clone a chip transaction (think of a sainsbury/tesco terminal where you dip the card rather than swipe) because the chip generates a unique cryptogram (checked by your card processor) for each transaction and you cant make a magstripe card from the details of a chip transaction because the details are different.

Might have been a magstripe transaction in the UK but in those cases generally the merchant takes the hit, not the bank.
The bank didn't state, just gave me the names of the merchants. The only one I'd even heard of was Crew Clothing, can't remember what the others were, and the card account is now closed so I can't see them either!
1
Reply to Topic