Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Credit card fraud - hit twice in two months, including brand new CC account

  • 18-11-2018 4:49pm
    #1
    Registered Users, Registered Users 2 Posts: 30,290 ✭✭✭✭


    I'd welcome any views on what happened my AIB Visa account in the past two months.


    I got my September statement in early October, and noticed a bunch of dodgy transactions in late September. There were about 30 Paypal charges for odd amounts between €20 - €50, some with 2 or 3 charges to the same seller. one even had a small credit refund of €8 odd back to my account! There were also three NOW TV charges, what looked like a subscription fee and 2 x help/support charges. Some were on my September statement, with more continuing onto the October statement. I think this card had been used by Ticketmaster prior to their breach reported over the summer, so I thought that's where the breach may have occurred.



    I reported these to AIB in October, and they did chargebacks and refunded me during October. They also provided new cards with a new account number for myself and the other card holder.


    Two of the Paypal accounts disputed the chargebacks, so AIB sent details of these disputes to me for more information. For one of these, I did a bit more digging. The Paypal a/c is a Canadian rap producer. The fraud transaction was for buying a licence for commercial use of some of their music tracks. The buyer used a non-existing email address based on my name, something like Andrew@Renko.com - so while they bought a licence, they would never have actually got the licence, as it was delivered by mail. It's really hard to see what was the benefit to the buyer of these transactions.


    Now here's the interesting bit - I was checking my account online over the weekend, and found there were two iTunes charges for €6.99 each two days apart in November. I checked my own old iTunes account, and it has NO payment card on it at all. In fact, it has my billing country as United States, which I presume is an indication that it hasn't been used for a transaction for some time. I checked the kids devices and they definitely don't have my card on their account. Their purchase history has nothing in recent months.


    So I've had to cancel the AIB card for a second time, and let them send out new cards with new account numbers, which is a bit of a pain - no card available for a week or so. I've used the new card in a bunch of online retailers (given the time of year), Zara, Next, Virgin and a good few retail outlets, including the local pub, a few restaurants etc.


    So am I just unlucky to be hit twice in two months, or could there be something more sinister going on? Is there any way to trace this?


    And why the hell would someone purchase a music licence that's never going to be delivered with my card? What's in it for them?



    I've used the new card for a fair few online transactions over the month, but all


Comments

  • Closed Accounts Posts: 5,019 ✭✭✭ct5amr2ig1nfhp


    Is your computer compromised? Check viruses, malware etc. including on any iOS, Android or Windows devices. Check every device you have. Once you confirm none of your devices have been compromised, change every password on every account you have online. Make sure not to use the same password twice..


  • Registered Users, Registered Users 2 Posts: 2,755 ✭✭✭niallb


    ...

    And why the hell would someone purchase a music licence that's never going to be delivered with my card? What's in it for them?

    ...

    Nothing - unless they're the person selling the license.


  • Registered Users, Registered Users 2 Posts: 30,290 ✭✭✭✭AndrewJRenko


    niallb wrote: »
    Nothing - unless they're the person selling the license.
    That was my first reaction too. But having approached the sellers directly, I really don't get that impression. They do seem genuine, and are processing the chargeback as I requested.


  • Registered Users, Registered Users 2 Posts: 30,290 ✭✭✭✭AndrewJRenko


    Is your computer compromised? Check viruses, malware etc. including on any iOS, Android or Windows devices. Check every device you have. Once you confirm none of your devices have been compromised, change every password on every account you have online. Make sure not to use the same password twice..
    It's a good point, and not one that I had thought about. I've checked my laptop and all is clear. I'll check the phone later. I'm pretty good for using strong passwords, and I use LastPass to let me use random passwords on all sites.


  • Registered Users, Registered Users 2 Posts: 831 ✭✭✭damon5


    I just put in ....lastpass hacked....... on google search engine and came across some interesting stuff to read,one stating that their gmail and last pass accounts were previously hacked so maybe something to look into.....


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 6,162 ✭✭✭CollyFlower


    Check here to see if your email has been pawned... https://haveibeenpwned.com/


  • Posts: 0 [Deleted User]


    HaveIbeenPwned is a fantastic resource but it can't tell you if your details have shown up on privately sold Combolists.
    If you're running Windows on anything at home, scan with a few different antivirus. Malwarebytes and Kaspersky are good. Eset too but i'm not sure if they have a free version, probably do.
    If you have an android phone unroot it if its rooted and run a couple scans there too.
    If you're on Apple devices I have no advice, I'm not familiar at all with their products.
    Change all passwords. Highly recommend using a password manager for this.


  • Registered Users, Registered Users 2 Posts: 532 ✭✭✭beechwood55


    Get a Revolut card and use that for all online purchases. Also check all your accounts online every day.


  • Registered Users, Registered Users 2 Posts: 30,290 ✭✭✭✭AndrewJRenko


    Check here to see if your email has been pawned... https://haveibeenpwned.com/


    I was in that list previously from the LinkedIn hack of a few years back, but that password was unique, and not used elsewhere, so it shouldn't impact.

    damon5 wrote: »
    I just put in ....lastpass hacked....... on google search engine and came across some interesting stuff to read,one stating that their gmail and last pass accounts were previously hacked so maybe something to look into.....


    They weren't really hacked - no passwords were breached or revealed.


    Every security advisor I've seen in recent years recommends using a password manager to allow you to have unique, strong passwords for each site, so I'm fairly confident that this is the right way to do.


    I had stored the credit card number in LastPass for convenience when doing online shopping, so I won't do that this time, just to be cautious.


    Get a Revolut card and use that for all online purchases. Also check all your accounts online every day.


    Is the security of Revolut better? I know they get better FX rates, but how does it help security?


    I just realised I would have added both cards that were hacked to Google Pay, and I had used them a bit for contactless payments using my phone.


    Could this be an issue?


  • Registered Users, Registered Users 2 Posts: 2,755 ✭✭✭niallb


    I just realised I would have added both cards that were hacked to Google Pay, and I had used them a bit for contactless payments using my phone.


    Could this be an issue?
    Google Pay generates a virtual card number for each card, so doesn't share your actual card details. It should be very visible if all the dodgy payments came us as Google Pay.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 103 ✭✭edunne2010


    Hello it's possible that your card was comprised using the NFC feature, https://skimsafe.eu/

    A few years ago, while on holidays my credit card was compromised, yet I still had my cards on my person at all times. A friend who was doing a TV report in Sweden passed on the tip, Most new Samsung phones with NFC switched on will detect your card. There is also an app that will display your card's number.

    I would also suggest using an RFID wallet or RFID Card blocker, N26 and Revolut are excellent as contactless/online transaction can been disabled, my bank was also AIB.


  • Registered Users, Registered Users 2 Posts: 34,694 ✭✭✭✭NIMAN


    I had my debit/ATM card scammed twice too. It was a BoI one.

    I had used it for years without any issues, then hit twice in a couple of weeks.

    When I was hit the 1st time, I was on night shift and I got an email from BoI saying they are seeing dodgy transactions, I ignored it for about an hour as I thought it was a scam email itself. Then I checked my account and there was 11 different iTunes debits for the guts of £500 (I have never used iTunes or owned any Apple product).

    I got on the phone to them and they froze my card there and then. They looked into it for a day or two, after speaking to me personally, and then refunded the money.

    They issued a new card and I made the decision to only use my Mastercard for any future online purchases, as it is better protected and I didn't want my current account being cleaned out.

    Inside a week, of no purchases online, same thing happened, iTunes again, this time for only £20 or something, but obviously there were testing. I called BoI straight away and they cancelled the card again. No problems since.


  • Registered Users, Registered Users 2 Posts: 5,132 ✭✭✭malinheader


    My nephew used his AIB debit card last Wednesday in a local shop for a small item. Within an hour AIB contacted him to tell him the said card details were trying to be used in Saudi. The AIB team had noticed this and put a block on the card. So is this the fault of the card machine in the shop.


Advertisement