Credit Card Fraud
Discussion
If you think it's a scam email then forward the message to Re:scam, an AI platform that will reply to the message and play along with scammers.
https://www.rescam.org
I had some fraudster use £1600 on my Barclaycard in Sept this year. It was used in Germany.
Barclays called me and flagged it before the transaction was complete. It was still pending but then they let it through for some reason. They did refund me the money after I filled in the relevant forms.
Weird thing is, is that I haven’t used the card for 6 months to a year apart from a hire car a month earlier which I did from my PC at home. The same PC I use daily for transactions for work without issue.
Red Devil said:
The bits in bold mean diddly squat.
So what if it is the correct e-mail address? If it was a clickable link in the e-mail it could easily be spoofed.
As for the company information in the footer it took me less than 10 minutes to find it all in the public domain. Do you really think a scammer couldn't do likewise?
You are also wrong about it being correct to the letter. For example the registered addresses/numbers are listed at Companies House.
The one for Lloyds Bank plc is incorrect: it is missing the four zeros at the beginning. The Cheltenham and Gloucester one is complete tosh. Both rookie mistakes.
The non-geographic post code is hardly a big deal either. It's the undelivered mail one on the reverse of every Lloyds statement envelope!
In amongst many other things, the Lloyds Bank Privacy statement says this.
If we decide to use email to contact you, we will only do this if we have ensured that using email will not put your information at risk, or, if you have requested we email you, that we have explained the risks of sending an "insecure" email and that you are happy to accept that risk.
I don't see any such caveat in the e-mail the OP received.
Btw, care to share with us what your position within Lloyds is? I hope you are aware of this bit from the Privacy statement (my bold)
All our employees are personally responsible for maintaining customer confidentiality.
If @lloydsbanking.com was the address used in the visible From field (RFC 5322), and the account receiving it was a Yahoo one then, due to Lloyds' deployment of the DMARC protocol, that domain is provably associated with the email. If a fraudster tried to spoof the domain then Yahoo would delete the email during authentication checks at the perimeter.
https://stopemailfraud.proofpoint.com/dmarc/?looku...
Edited by Dammit on Monday 20th November 07:46
Yesterday, we had an automated call from 'Lloyds fraud department' asking for us to call a number back with the last four digits of our account number.
After a bit of digging, I called back using the number at the bottom of the card and indeed they had stopped the card due to an odd transaction at a takeaway.
Turns out, we did use that takeaway for the first time and they were suspicious of it.
We banked with Barclays many years ago, and after stiffing us several times (long story and before the internet), we ditched them for Lloyds.
Must admit, they have been fantastic with the service.
bhstewie said:
Page 4.. answer's still the same though.. headers to be sure.
In the absence of DMARC the headers are generally meaningless - only an inferred relationship can be deduced. With DMARC in place, and the mail delivered via a DMARC compliant gateway (for e.g. Yahoo) it is not vital to go into the headers, although you can if you want to.
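The header check discussed above, as an added example that is not part of the thread: it reads the DMARC verdict the receiving gateway recorded in `Authentication-Results` and compares it with the visible From domain. The domain `bank.example`, the authserv-id `mx.receiver.example` and the sample messages are constructed placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.receiver.example"  # assumption: authserv-id of your own gateway

def dmarc_verdict(raw, expected_domain):
    """Classify one message using only the receiving gateway's DMARC result."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = " ".join(str(header).split()).partition(";")
        if authserv.strip().lower().split(" ")[0] != TRUSTED_AUTHSERV:
            continue  # not stamped by our gateway, so the sender could have written it
        dmarc = re.search(r"\bdmarc=(\w+)", results)
        if not dmarc:
            continue
        if dmarc.group(1).lower() != "pass":
            return "dmarc-" + dmarc.group(1).lower()
        checked = re.search(r"\bheader\.from=([\w.-]+)", results)
        if not checked or checked.group(1).lower() != from_domain:
            return "result-does-not-match-from"
        if from_domain == expected_domain or from_domain.endswith("." + expected_domain):
            return "pass-expected-domain"
        return "pass-other-domain"  # authenticated, but not for the bank's domain
    return "no-trusted-result"

def sample(from_hdr, auth_results):
    """Build a constructed test message (not real mail)."""
    return "\n".join(["Authentication-Results: " + auth_results,
                      "From: " + from_hdr, "To: customer@mail.example",
                      "Subject: Disputed transaction", "", "Body text"])

GENUINE = sample("Bank <notices@bank.example>",
    "mx.receiver.example; dkim=pass header.d=bank.example; "
    "dmarc=pass header.from=bank.example")
FORGED_STAMP = sample("Bank <notices@bank.example>",
    "mx.sender.example; dmarc=pass header.from=bank.example")
OTHER_DOMAIN = sample("Bank <notices@bank-alerts.example>",
    "mx.receiver.example; dmarc=pass header.from=bank-alerts.example")
FAILED = sample("Bank <notices@bank.example>",
    "mx.receiver.example; spf=fail smtp.mailfrom=other.example; "
    "dmarc=fail header.from=bank.example")

if __name__ == "__main__":
    for name in ("GENUINE", "FORGED_STAMP", "OTHER_DOMAIN", "FAILED"):
        print(name, dmarc_verdict(globals()[name], "bank.example"))
```

A `dmarc=pass` only ties the message to the domain in the From field, so the comparison against the expected domain matters as much as the verdict itself.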
OddCat said:
So we are supposed to believe that fraudsters, who have the OP's card details, randomly and by pure fluke emailed him at an email address not linked to the card and asked him for the last 4 digits of a card that they already knew?
Yes. It's like this. A: Every month, let's say that 1 in 100,000 card holders is a victim of fraud. It's happened to many people on this thread (including me after a trip to Spain this Summer), just like the OP. Could be physically cloned, or the details bought from the Dark Web. Victims try to resolve it with the bank and we go on with our lives.
B: Meanwhile, ALL THE TIME, another set of phishing fraudsters are mass-mailing every list they can find. Millions upon millions. Every day. They do one mailshot using Lloyds' details, another with Barclays, another with Santander, etc. Tweak and repeat. All the time cut-n-pasting in the realistic looking details. Because they do not care if anyone takes the time to find the right number to call the bank to check, nor if they write in to the postal address to check. They just want a small proportion of people to send the details asked for.
The coincidence - the one you don't get - is entirely due to the numbers game. B is happening all the time (I get dozens of these emails a month). So you really shouldn't find it so surprising when A happens to the same person.
OddCat said:
What? The OP just happens to be in communication with Lloyds re a fraud issue on his Lloyds card and he gets a purely coincidental scam email purporting to be from the Fraud Dispute Department? That's a little bit too coincidental for me.
The OP said his card was being used by fraudsters and the impression was that the same people were now behind the email (given the him being targeted by two completely unrelated scammers both in respect of Lloyds is too much of a stretch). Hence they would know his number.
Occam's Razor situation here. The email from Lloyds is too specific and relevant to the card fraud issue not to be genuine...
Not so.
Edited by OddCat on Sunday 19th November 21:54
How many scam and spam emails from banks do you get each week?
In May this year had my wallet pick-pocketed in Portugal.
Phoned all the banks and cancelled all the cards.
In late June had lots of charges on a CC for European road tolls, bridges, tunnels, service station food, etc. A couple of hundred Euros I guess.
Got all the money refunded very quickly, but how did they manage to use the card if it had been cancelled?
Dammit said:
In the absence of DMARC the headers are generally meaningless- only an inferred relationship can be deduced.
With DMARC in place, and the mail delivered via a DMARC compliant gateway (for e.g. Yahoo) it is not vital to go into the headers, although you can if you want to.
Thank you, I've only just started playing with DMARC where I work and it's weird how few places seem to send reports but as you say Yahoo are one we get them from.
In that case game, set, and match from the sound of it - nice to see a bank actually taking spoofing that seriously.
55palfers said:
In May this year had my wallet pick-pocketed in Portugal.
Phoned all the banks and cancelled all the cards.
In late June had lots of charges on a CC for European road tolls, bridges, tunnels, service station food, etc. A couple of hundred Euros I guess.
Got all the money refunded very quickly, but how did they manage to use the card if it had been cancelled?
Because the banks don't care, it's a business expense, which the customers pay for.
Earlier this year we had a 600 Euro charge on an M&S card. Rang up, went through the discussion, charge was for concert tickets in Netherlands we think. Not down to us. For the record we are paranoid about security online and written, nothing leaves the house with any traceable details on without being shredded and separated into different streams. The card provider for M&S is HSBC, who as it turns out have a bit of a reputation for being unhelpful.
They said that they would stop and cancel the cards, that we would get a call from the fraud investigation department and that we would get declaration forms to be filled in. These forms had to be returned by us within 14 days of the date of this first conversation.
10 days later we had had no call, no forms, so we got back in touch. Oh it takes us 10 days to send the forms out. But we're expected to send them back within the first 14 days? They had no answer to that. Further turned out that they hadn't even stopped the cards, despite saying it would be done immediately. Got it all sorted, and our money, temporarily refunded, at times it seemed like they were just putting up hurdles to trip us up.
Also they didn't want it reporting to the police! WTF! Sod that, reported it, turns out our problem is now part of a much bigger investigation tracing back through Liverpool to Rep of Ireland. Still don't have any idea how they got the card number.
General impression is that the card provider don't give a stuff that it's criminal activity. Cost of doing the business.
OddCat said:
bhstewie said:
In that case game, set, and match from the sound of it - nice to see a bank actually taking spoofing that seriously.
Do you mean game set and match in the sense of the Lloyd's email being genuine?
But DMARC is sound if it's set up and enforced properly.
James TiT said:
Not so.
How many scam and spam emails from banks do you get each week?
Ermmm... none. Seriously none. I can't remember the last time I received an unsolicited / unexpected email let alone one that I thought might be a scam. And certainly nothing purporting to be from a bank.
Edited by OddCat on Monday 20th November 14:20
bhstewie said:
OddCat said:
bhstewie said:
In that case game, set, and match from the sound of it - nice to see a bank actually taking spoofing that seriously.
Do you mean game set and match in the sense of the Lloyd's email being genuine?
But DMARC is sound if it's set up and enforced properly.
OddCat said:
I'll take that as a yes!
From the information provided yes, I'm still leaning towards it being genuine.
But I wouldn't be comfortable saying "Yes you can reply to that" if someone at work simply copied and pasted that text and put that in front of me as the only thing to go off.
bhstewie said:
OddCat said:
I'll take that as a yes!
From the information provided yes, I'm still leaning towards it being genuine.
Not to mention incorrect and out-of-date information for C&G. If it's genuine as you say it doesn't inspire confidence in their checking/proof reading methods.
If they are that sloppy, what else might they be deficient about? I guess I'm not as sanguine as you seem to be.