Debit Card Skimmed

Hippodrome Song Owl

My debit card has been skimmed and used a few times for non-Euro payments on something called Bolt. Thankfully I realised within a few hours and froze the card and subsequently phoned AIB to cancel it. It's under €50 gone so not overly concerned about getting it back, but it's an awkward time of year to get it sorted. Money transferred to my other account with a card hasn't been processed due to bank holidays, so things are pretty tight for a few days except for credit card.

AIB couldn't give any indication of where or how this likely happened, just that it will be investigated within the next fortnight.

I'm concerned about using my other cards in the same locations now though in case it happens again. The card hadn't been used at all for full week, then was tapped in the local chipper on Friday evening and the fraudulent activity started a couple of hours later. A week previous it was tapped in the local Aldi, and tapped in the local convenience store and used to withdraw cash at their in-store ATM. Apart from that it was only used online in major retailers such as Tesco and M&S over the previous 6 weeks.

The ATM is probably the most risky I think - is that where it likely happened? But I'm now worried about using cards in Aldi and the local shops! Any insights here on how skimming usually occurs these days? Should I avoid using my other cards locally, or how quickly would an issue like this be sorted out and retailers notified?

Jim2007

Generally speaking when cards are cloned they are sold on the dark net rather than being used locally... So if your card has been used locally you might want to start to look closer to home and in particular who could have accessed your card. Do you leave your belongings unattended at say a sports facilities, at work, a shared residence and so on....

I'd suggest you cancel and replace all your cards and turn on all security features for each card.

mondeoman72

Isnt bolt a taxi app?

Hippodrome Song Owl

https://www.boards.ie/discussion/comment/121555227#Comment_121555227

Thanks, but you have misunderstood my post - apologies, it was quite long winded.

The fraudulent transactions are all on something called "Bolt dot eu". But they are non- Euro transactions and that's how I realised there was an issue - AIB texting me to tell me what percent above the ECB FX rate they would charge for "my" non-Euro transactions.

The other transactions I listed are the places I used the card - an attempt to try understand where it was likely to have been compromised and am now concerned about the same happening to any other card I may use in the same locations.

There's no way anyone else has had access to my cards.

Donald Trump

In theory, someone could clone your card if they stood close enough to you with a reader.

The reality is likely simpler. Your card details were probably harvested months ago.

kirk.

https://www.boards.ie/discussion/comment/121555342#Comment_121555342

Wouldn't be the first time Jim misunderstood something

He'll probably post some other self important mantra and close the thread

mountain

Bolt.eu has been the cause of my card getting cancelled too, AIB did refund the money.

Hippodrome Song Owl

https://www.boards.ie/discussion/comment/121555396#Comment_121555396

Any idea how your card was compromised and used on Bolt?

Google suggests it is a taxi app as suggested above, but also perhaps for food delivery. The transactions are all fairly small amounts ranging from under €5 to €25.

My main concern now is that my other cards will also be compromised if used in local shops. I can't see where else this could have happened unless it was online at Tesco, M&S or Next.

mountain

I don’t,

I had to cancel AIB debit card 2 times, both because of bolt charges,

it’s a drag, as I’d no card while waiting for new card to be posted out

zg3409

Do you use your debit card online? If so the device you used, phone or laptop may have a virus, or any website you used it on may have a virus on the site.

If you only used it in stores, any of the staff or card machines or back end computer systems may be dodgy and be keeping a record of each card used.

Banks profile fraud to try help locate the source and notify the business and block other cards used there.

fritzelly

Had similar happen after a trip to Croatia - ~€1000 euro charge for an uber (flagged as fraud by the bank and denied), immediately suspected Uber as only signed up for it while in Croatia.

Tried to think when if ever the card had been out of my sight as very careful in that respect

Contactless are pretty much 100% safe (unless someone is near with a machine to charge) since they don't transmit your details so can't be copied that way - anyone swiping your card, atm etc are a very different story

Handy with the likes of Revolute et al that you can block the magnetic stripe for payments

Hippodrome Song Owl

https://www.boards.ie/discussion/comment/121555471#Comment_121555471

Yes it is used online frequently, but only ever on major retailers. My phone, laptop, or ipad being the cause of the problem would be a big concern. I'll look in that now, thanks.

If contactless is safer then the only times the pin has been used in the past few months is at the ATM in the local convenience shop on Friday 22nd Dec (a week before the fraud), and at my hairdressers a fortnight previous. It's actually a rarely used card in person.

I think the shop ATM may be the riskiest thing I've done with it, and I feel most suspicious about that. But funnily enough, my hairdresser hasn't been able to take card payments due "technical issues" for the previous four visitsbefore that last one (I've actually posted about that here in the cash or card threads as it's a massive pain having to get cash out) so that makes me wonder if something could be up there either.

I have a barely used Revolut account, but no card.

Am I safer using credit card and paying it off each month? I usually never use credit card and only have it for emergencies.

mountain

https://www.boards.ie/discussion/comment/121555471#Comment_121555471

Use card online a bit, odd that on both occasions it was bolt that was the charge.

fritzelly

https://www.boards.ie/discussion/comment/121555623#Comment_121555623

What usually happens is a few small charges to see its working and if flagged then a big big purchase

golondrinas

I use Bolt in Spain. Much cheaper than local taxis. If you use them they offer discounts if they haven't heard from you for a few days.

Example run to Malage Airport

50 yoyos normal taxi

Bolt 25

Qrt

typically taxi apps would require you to verify adding the card to their payment methods through the respective bank app, I know that’s been the case with mine.

personally, I never use by debit card online, credit only. just lowers the possibility of the above happening

Atlantic Dawn

There seems to be a lot of make it up as they go along from the banks on fraud, the conditions they put in your way for legitimate transactions don't seem to be followed in lots of these fraud cases and they put the ball back in your court to answer whether fraud occured or not where their internal systems should have shot them down from the outset. Additionally the details they provide you about what fraud occured, from what country, who's names were on flights booked, taxis booked, vouchers booked etc etc should all be revealed by them so you can provide them to the Gardaí for investigation to the theft.

Hippodrome Song Owl

https://www.boards.ie/discussion/comment/121560071#Comment_121560071

Yes, although the sums taken are thankfully small, I have to say my dealings with AIB didn't inspire confidence.

The man on the phone was distracted and chatting to people in the background - it took 5 attempts for him to accurately record my card number. And assuming these transactions are online and not using a physical clone of my card with pin, why did they go through without requiring authentication in the app?

Hippodrome Song Owl

https://www.boards.ie/discussion/comment/121558966#Comment_121558966

While I can switch to using credit card if it's safer, I feel this is most likely to have happened during an in-person transaction and not online. If it happened online then it is either Tesco, M&S, or Next that is compromised.

Qrt

https://www.boards.ie/discussion/comment/121562313#Comment_121562313

Statistically and technically it’s very unlikely to have originated from an in person transaction. Always exceptions though. Did you hear anything from the bank?

delboythedub

https://www.boards.ie/discussion/2058329023/debit-card-skimmed

Had a problem last June my card details were breached ie someone got my Pin Number and tried to go on a spending spree. Bank of ireland were quick to spot it and suspended my card. In fact they phoned me before i spotted the problem and i thought it was a scam call and I hung up on the phone call. I quickly called them back when I went into my account and they were nicer to me than I was to them on the previous call. They sent me a new card and all is well. Odd that I use PayPal / Revolute for most purchases and this happened

Hippodrome Song Owl

https://www.boards.ie/discussion/comment/121564340#Comment_121564340

I haven't heard anything from AIB, but as of this morning the fraudulent transactions changed from Pending to Processed. My new card hasn't arrived yet either, though it is visible in the app so fingers crossed it's here by Friday.

I'm surprised to hear online transactions on reputable websites are more risky than in-person. I always thought ATM withdrawals outside the actual bank were the riskiest - and that is something I did a week before this happened. It's something I usually never do, but needed cash to put in Christmas cards last minute on Fri 22nd Dec and withdrew from local shop's ATM.

I wish AIB could provide more info though. I'm so worried this will happen again now on another card. But I will use credit card now if that's more protected. Just feels weird to be using credit unnecessarily. I never even had a credit card until very recently.

Qrt

https://www.boards.ie/discussion/comment/121566333#Comment_121566333

It’s not even the reputable websites part, it’s online in general. The Electric Ireland data breach is case and point.

There are so many variables I doubt AIB will fully get to the bottom of it either, but they’ll do they investigation anyway.

Hippodrome Song Owl

The fraudulent transactions were refunded today. So at least that's something.

Hippodrome Song Owl

Concerning Update:

My new card arrived a week ago but has not been used at all yet either online or in person as I decided to switch completely to using credit card. There are no payments coming out of this account other than mortgage, which is DD, so the new card details have never been given to any company or organisation.

I just had another fraudulent non-Euro transaction for Bolt appear on my account.

I have frozen my card and will contact AIB as soon as I can.

How is this possible??

fritzelly

Phone or Pc hacked?

Account hacked?

Hippodrome Song Owl

https://www.boards.ie/discussion/comment/121602828#Comment_121602828

How would they get the card details though if I haven't even taken it out of the envelope yet? And the card details aren't fully visible on the app. I haven't logged into online banking on any other device in nearly a year.

AndrewJRenko

https://www.boards.ie/discussion/comment/121602737#Comment_121602737

Something similar happened me five years ago, with an AIB credit card being hit twice over a few months.

https://www.boards.ie/discussion/2057930248/credit-card-fraud-hit-twice-in-two-months-including-brand-new-cc-account

I never really got to the bottom of it. I did put the new card on Google Pay at the time, so I thought maybe there was some breach there or off my phone.

fritzelly

https://www.boards.ie/discussion/comment/121602842#Comment_121602842

Dunno about Aib but you can usually see the full card details with security checks, are you sure the payment is using the card

Atlantic Dawn

https://www.boards.ie/discussion/comment/121602737#Comment_121602737

I'm thinking it has to be some related transaction to the original compromised card that was pushed through.

That said I in the past had annual travel insurance pushed through on to a new debit card despite me not providing the new card details to them, they wouldn't have the new expiry or CVT number but still got payment.

Hippodrome Song Owl

https://www.boards.ie/discussion/comment/121602858#Comment_121602858

Thanks. You had at least used the card. Mine is literally still in the envelope it arrived in last Friday and has not been used at all in any way.