Credit card fraud - hit twice in two months, including brand new CC account

AndrewJRenko

I'd welcome any views on what happened my AIB Visa account in the past two months.


I got my September statement in early October, and noticed a bunch of dodgy transactions in late September. There were about 30 Paypal charges for odd amounts between €20 - €50, some with 2 or 3 charges to the same seller. one even had a small credit refund of €8 odd back to my account! There were also three NOW TV charges, what looked like a subscription fee and 2 x help/support charges. Some were on my September statement, with more continuing onto the October statement. I think this card had been used by Ticketmaster prior to their breach reported over the summer, so I thought that's where the breach may have occurred.



I reported these to AIB in October, and they did chargebacks and refunded me during October. They also provided new cards with a new account number for myself and the other card holder.


Two of the Paypal accounts disputed the chargebacks, so AIB sent details of these disputes to me for more information. For one of these, I did a bit more digging. The Paypal a/c is a Canadian rap producer. The fraud transaction was for buying a licence for commercial use of some of their music tracks. The buyer used a non-existing email address based on my name, something like Andrew@Renko.com - so while they bought a licence, they would never have actually got the licence, as it was delivered by mail. It's really hard to see what was the benefit to the buyer of these transactions.


Now here's the interesting bit - I was checking my account online over the weekend, and found there were two iTunes charges for €6.99 each two days apart in November. I checked my own old iTunes account, and it has NO payment card on it at all. In fact, it has my billing country as United States, which I presume is an indication that it hasn't been used for a transaction for some time. I checked the kids devices and they definitely don't have my card on their account. Their purchase history has nothing in recent months.


So I've had to cancel the AIB card for a second time, and let them send out new cards with new account numbers, which is a bit of a pain - no card available for a week or so. I've used the new card in a bunch of online retailers (given the time of year), Zara, Next, Virgin and a good few retail outlets, including the local pub, a few restaurants etc.


So am I just unlucky to be hit twice in two months, or could there be something more sinister going on? Is there any way to trace this?


And why the hell would someone purchase a music licence that's never going to be delivered with my card? What's in it for them?



I've used the new card for a fair few online transactions over the month, but all

ct5amr2ig1nfhp

Is your computer compromised? Check viruses, malware etc. including on any iOS, Android or Windows devices. Check every device you have. Once you confirm none of your devices have been compromised, change every password on every account you have online. Make sure not to use the same password twice..

niallb

AndrewJRenko wrote: »

...

And why the hell would someone purchase a music licence that's never going to be delivered with my card? What's in it for them?

...

Nothing - unless they're the person selling the license.

AndrewJRenko

niallb wrote: »

Nothing - unless they're the person selling the license.

That was my first reaction too. But having approached the sellers directly, I really don't get that impression. They do seem genuine, and are processing the chargeback as I requested.

AndrewJRenko

Jaelynn Greasy Stone wrote: »

Is your computer compromised? Check viruses, malware etc. including on any iOS, Android or Windows devices. Check every device you have. Once you confirm none of your devices have been compromised, change every password on every account you have online. Make sure not to use the same password twice..

It's a good point, and not one that I had thought about. I've checked my laptop and all is clear. I'll check the phone later. I'm pretty good for using strong passwords, and I use LastPass to let me use random passwords on all sites.

damon5

I just put in ....lastpass hacked....... on google search engine and came across some interesting stuff to read,one stating that their gmail and last pass accounts were previously hacked so maybe something to look into.....

CollyFlower

Check here to see if your email has been pawned... https://haveibeenpwned.com/

HaveIbeenPwned is a fantastic resource but it can't tell you if your details have shown up on privately sold Combolists.
If you're running Windows on anything at home, scan with a few different antivirus. Malwarebytes and Kaspersky are good. Eset too but i'm not sure if they have a free version, probably do.
If you have an android phone unroot it if its rooted and run a couple scans there too.
If you're on Apple devices I have no advice, I'm not familiar at all with their products.
Change all passwords. Highly recommend using a password manager for this.

beechwood55

Get a Revolut card and use that for all online purchases. Also check all your accounts online every day.

AndrewJRenko

CollyFlower wrote: »

Check here to see if your email has been pawned... https://haveibeenpwned.com/

I was in that list previously from the LinkedIn hack of a few years back, but that password was unique, and not used elsewhere, so it shouldn't impact.

damon5 wrote: »

I just put in ....lastpass hacked....... on google search engine and came across some interesting stuff to read,one stating that their gmail and last pass accounts were previously hacked so maybe something to look into.....

They weren't really hacked - no passwords were breached or revealed.


Every security advisor I've seen in recent years recommends using a password manager to allow you to have unique, strong passwords for each site, so I'm fairly confident that this is the right way to do.


I had stored the credit card number in LastPass for convenience when doing online shopping, so I won't do that this time, just to be cautious.

beechwood55 wrote: »

Get a Revolut card and use that for all online purchases. Also check all your accounts online every day.

Is the security of Revolut better? I know they get better FX rates, but how does it help security?


I just realised I would have added both cards that were hacked to Google Pay, and I had used them a bit for contactless payments using my phone.


Could this be an issue?

niallb

AndrewJRenko wrote: »

I just realised I would have added both cards that were hacked to Google Pay, and I had used them a bit for contactless payments using my phone.


Could this be an issue?

Google Pay generates a virtual card number for each card, so doesn't share your actual card details. It should be very visible if all the dodgy payments came us as Google Pay.

edunne2010

Hello it's possible that your card was comprised using the NFC feature, https://skimsafe.eu/

A few years ago, while on holidays my credit card was compromised, yet I still had my cards on my person at all times. A friend who was doing a TV report in Sweden passed on the tip, Most new Samsung phones with NFC switched on will detect your card. There is also an app that will display your card's number.

I would also suggest using an RFID wallet or RFID Card blocker, N26 and Revolut are excellent as contactless/online transaction can been disabled, my bank was also AIB.

NIMAN

I had my debit/ATM card scammed twice too. It was a BoI one.

I had used it for years without any issues, then hit twice in a couple of weeks.

When I was hit the 1st time, I was on night shift and I got an email from BoI saying they are seeing dodgy transactions, I ignored it for about an hour as I thought it was a scam email itself. Then I checked my account and there was 11 different iTunes debits for the guts of £500 (I have never used iTunes or owned any Apple product).

I got on the phone to them and they froze my card there and then. They looked into it for a day or two, after speaking to me personally, and then refunded the money.

They issued a new card and I made the decision to only use my Mastercard for any future online purchases, as it is better protected and I didn't want my current account being cleaned out.

Inside a week, of no purchases online, same thing happened, iTunes again, this time for only £20 or something, but obviously there were testing. I called BoI straight away and they cancelled the card again. No problems since.

malinheader

My nephew used his AIB debit card last Wednesday in a local shop for a small item. Within an hour AIB contacted him to tell him the said card details were trying to be used in Saudi. The AIB team had noticed this and put a block on the card. So is this the fault of the card machine in the shop.