Dealing with Internet Credit Card Fraud? 84
Where's My CreditCard asks: "Recently There has been a large increase in the amount of press relating to identity theft and the related crimes. I have recently been subject to several fraudulent transactions on my credit card and debit card through the internet. It has been over a month and my bank is still stringing me along saying it will take up to 10 weeks to get my money back. What have other on Slashdot done in this type of situation. What is the best way to keep things moving forward?"
Why use debit on the internet? (Score:5, Insightful)
Re:Why use debit on the internet? (Score:2, Insightful)
Re:Why use debit on the internet? (Score:2)
Re:Why use debit on the internet? (Score:1)
Re:Why use debit on the internet? (Score:3, Insightful)
Ahh.. but the fundamental difference between a debit and a credit card is that on a debit while the fraudulent charge is being contested, the money isn't in your account. He said the bank told him it will be up to 10 weeks before he gets his money back. I've heard of horror stories where it takes over 6 months and (cumelatively) 20 or 30 hours on hold before the money is put back in your account. I remember protesting strongly that I di
Re:Why use debit on the internet? (Score:1)
I have had no problems getting an ATM-only card on those occasions when I needed one. I opened a new account about 6 months ago for buffering in property taxes (my mortage is just about up) and I was duly issued an ATM-only card when I asked for one.
I have a seperate account for the debit card, tha
Re:Why use debit on the internet? (Score:1)
I bank with Wells Fargo. I've had my account long enough (10 years) that debit cards didn't exist when I signed up. One day when I got my replacement ATM card, it had a M/C symbol on it. I called to complain, and after arguing with the customer service rep for about 20 minutes, I was given the definite impression that getting an ATM card without debit card link wasn't possible. I was tempted to close my account and mov
Re:Why use debit on the internet? (Score:2)
Re:Why use debit on the internet? (Score:2)
This is also called for in Reg E.
Re:Why use debit on the internet? (Score:2)
Re:Why use debit on the internet? (Score:2)
Enjoy the reading...
Re:Why use debit on the internet? (Score:2)
http://www.bankersonline.com/regs/205/205.html [bankersonline.com]
paypal is my way (Score:2)
- Disclaimer, I don't work for Paypal.
Re:paypal is my way (Score:2)
Re:paypal is my way (Score:2)
Re:paypal is my way (Score:2)
Re:paypal is my way (Score:2)
Now which part of that page says that PayPal *is* a bank? All I see is things like "PayPal is an agent for an unaffiliated bank
So if, for
Re:Why use debit on the internet? (Score:2)
(Yes, I do plan on getting a visa or MC credit card as soon as I can, but b/c of medical bills my credit isn't good enough to qualify for a card without an annual fee etc right now. Trust me, I know this is not an ideal situation - I've had to borrow my boyfriend's visa to pay a vet bill b/c I didn't have the money in my ba
Re:Why use debit on the internet? (Score:2, Informative)
Re:Why use debit on the internet? (Score:2)
Re:Why use debit on the internet? (Score:3, Informative)
Re:Why use debit on the internet? (Score:5, Insightful)
While that is certainly true for some, I know several people that have credit cards, yet actually prefer to use a debit card.
I can't for the life of me understand why, particularly because with a credit card
1) I keep my money for an extra 25 days or so
2) I actually EARN money using it
3) I don't have to keep track of my usage to make sure I have enough money in the bank
4) I don't have to worry about any problems giving people direct access to my bank account
It's true that many banks have gotten better about providing protection of your account when fraud occurs, but I'd rather not worry about it. Besides, #1 and #2 are certainly enough incentive to use credit over debit if you have the choice.
Re:Why use debit on the internet? (Score:2)
If you aren't smart or disiplined enough to avoid buying everything in sight on credit, don't bother.
I bought a notebook computer & lawn tractor from Amazon.com and got about $125 in Amazon Gift Cards because I used the Amazon credit card. When I travel, I tend to frequent Hilton or Hampton Inn hotels and use their american express card, or us
Re:Why use debit on the internet? (Score:2)
Rewards programs are nice, but for those who prefer cold hard cash (myself included), get a Discover card (up to 1% back). They send you a nice check at the end of the year. I'm sure there are other cards offering it too now, but Discover was the pioneer. You can even split the money up into part cash, part rewards if you want.
Re:Why use debit on the internet? (Score:2)
Re:Why use debit on the internet? (Score:1)
Re:Why use debit on the internet? (Score:2)
All those prequalified ones? they're either not Visa or Mastercard credit cards (some kind of club where the only thing you can buy is their overpriced junk) or I wasn't really prequalified.
And everytime I apply for a credit card (gas, Sears, Visa, anything that isn't one of those scammy club ones) I get denied
Re:Why use debit on the internet? (Score:2)
Re:Why use debit on the internet? (Score:2)
Ya, and neither does my wife! *That's* why I force both of us to use debit cards.
Re:Why use debit on the internet? (Score:2)
However, it's not too difficult to get a credit card, even if you've been in bad financial situations. If you cannot get a card through typical means (applying via mail order stuff and on cc websites), there are other avenues.
First, you can try and apply for those in-store Visa cards. Target has a Visa card (it's valid everywhere, not just Target).
A second possibility is secured credit cards. To get one of these, you basically send 500 or so dollars
Re:Why use debit on the internet? (Score:2)
Just because the fraudulent transactions were done over the internet doesn't mean the card numbers were stolen from an internet transaction. Many of the stories of credit card number theft are about institutions that did not secure their computers and had been broken into by someone on the internet. For example, locally, we had a warning about DSW (Discount Shoe Warehouse). Their computer was broken into and many card numbers were taken, but those numbers wer
Re:Why use debit on the internet? (Score:2)
Re:Why use debit on the internet? (Score:2)
Why is this rated insightful when the statement is ignorant?
Just because some fraudulent transactions were made over the Internet, this poster and the person writing the original question assume (and you know the word play you can do with that word) the card info was stolen over the internet. That is not necissarily so, and likely not true -- or rather it is likely not true the card info was stolen as the result of it being used over the internet. (I can't believe t
Re:Why use debit on the internet? (Score:2)
That's true -- if you are talking about someone trying to intercept your communications by tapping into a network.
The real dangers in internet commerce are in the backend systems. Online merchants may be using insecure means to store cc information (like text files and eas
Re:Why use debit on the internet? (Score:2)
But since many merchants are being broken into and having cc numbers stolen from their systems that handle point of sale transactions, it seems that the risk of having an internet backend or a POS backend broken into are both bad. Of course, storing logs on
Re:Why use debit on the internet? (Score:2)
Next time around everything goes into a database with a good password, and if it gets cracked I play stupid; doing things wrong
Re:Why use debit on the internet? (Score:2)
Watch yourself the next time you eat at a sit-down restaurant. End of the meal, smiling waitress brings you the check and what do you do? Hand her the card, that's what, and wait for her to come back.
Skills for her to steal your number (including the magic little number on the back)? Nothing more technical than pencil and paper.
Not that I'm suggesting that waitresses, per se, are the major source of stolen CC numbers, just that I'd wager that more numbers are s
Re:Why use debit on the internet? (Score:2)
1) Someone doing that has to use the card in a physical location or have purchases sent somewhere. They still need the skills to figure out how to dodge discovery there.
2) One breakin will result in tens of thousands of numbers stolen. Compare that to one at a time being stolen at a restaraunt. People doing breakins often have wasy of automatically rotating through cards and using as m
Re:Why use debit on the internet? (Score:2)
Yeah, I know that Bad Guys can max out
Re:Why use debit on the internet? (Score:2)
Re:Why use debit on the internet? (Score:2)
The credit card companies work for me. I pay off my credit card every month, and they pay me 1% for using their card. I also pay my bill after the first of the month, which means the money has earned a little interest sitting in my savings account in the mean time.
If you are like the millions who use the credit card for credit, you are stupid. (there are some exceptions, but they are rare) If you use the credit card as I do, - I have the cash for the purchase in the bank, and pay it off when the nex
Dump your Bank (Score:2)
http://www.1sttech.com/ [1sttech.com]
If I have a problem I call them and fax in a chargeback form. The money is returned the next day. I've only had to do it twice but it was very easy.
--Chris
Don't use a debt card on the net... (Score:4, Insightful)
Re:Don't use a debt card on the net... (Score:5, Interesting)
Re:Don't use a debt card on the net... (Score:1)
when it's sorted (Score:2)
Vote with you feet. If they don't provice a decent service move.
Also you say what country you're from so we can't give any legal advice.
Virtual Credit Card Numbers (Score:4, Informative)
In the case of unauthorized use of your card, you should report the fraud to one of the major credit bureaus:
TransUnion: 800-888-4213
Equifax: 800-525-6285
Experian: 800-397-3742
While you're at it check out http://www.ftc.gov/ [ftc.gov] for more information about your rights in resolving credit card problems.
Re:Virtual Credit Card Numbers (Score:1)
Re:Virtual Credit Card Numbers (Score:2)
Sure, they do need to make their products more secure and limit our liability, but until that happens I find this a good work around.
Gift Certificates = Virtual Credit Cards (Score:2)
Is there some sort of Ombudsman you can use? (Score:2, Informative)
My Own Experience (Score:3, Interesting)
Re:My Own Experience (Score:1)
Banks SUCK (Score:2, Interesting)
My bank was USELESS. The same 10 weeks, no protection, we don't really care, and are actually rather annoyed that we have to find these forms for you to fill out.
The online company got wind of it (I presume through the bank), CALLED me, said "hey, where you ever in Khazakstan? No? Okay, this is obviousl
My story (Score:5, Interesting)
I had a bogus $400 charge show up on my checking account debit card. I saw the charge almost immediately (about two days after it happened) because I routinely monitor my checking account from online daily. I contacted the bank and the police. The police told me that they couldn't take the report unless the bank initiated it. The bank said they would start an investigation, which they did. In the meantime, they put $400 back in my account.
My statement to the bank was as follows:
My debit card has never been missing
My debit card has never been used by anyone other than myself
No one else knows my pin number (not even my wife)
I had never used the ATM where the charge was recorded (the bank sent me a statement from some third party bank showing the address of the ATM and the transactions that had been attempted. There were 8 tries late at night for different amounts, starting at $1100 and going down until the $400 transaction worked).
About 4 months later (after bugging them about once a week to find out what was going on), the bank came back and said the transaction was valid because a debit card had been used to make the transaction and so they were taking their $400 back. This is actually what they said, even after I had told them that I had not used my card for the transaction and the pattern of transactions obviously showed that someone was fishing for an amount that would be accepted.
As far as the bank was concerned, case closed. Fortunately for me, I had the foresight to marry a lawyer. Being a personal injury attorney, my wife was somewhat familiar with the rules the bank had to follow in a situation like this and luckily for us one of their duties was to perform a timely investigation, which had been defined in our area of the world as within 45 days. So, only because they took so long we were able to make them hand us back the $400.
However, in the course of our investigation, we learned a number of things I found quite fascinating. First, we found out many (if not most) ATM cameras are no longer maintained. So, a lot of the time there is no visual record of who is using the ATM machine. Second, the bank didn't consider the pattern of tries to be significant, as they felt it was only an attempt by me to fool them into thinking it was someone else(and obviously ignoring the fact that by the same logic if I was trying to defraud them, I would have also said my card had been stolen or lost). Third, the only place I had EVER used my pin prior to this transaction was at the local grocery store. I mean EVER. I am very careful about where I use my pin and up to that point I had only ever used it at the local grocery store (I had never even used it at the bank's ATMs). This probably means someone at the store saw me enter the pin (probably using the store's surveillance cameras) and had enough access to my bank's debit card information to create a new card using my account number and pin. This last part is speculation but I don't know of any other way they could have used a real debit card to make the withdrawal. Unless, of course the bank was lying to us and their computers had been hacked (but in that case, why the multiple tries?). In any case, we concluded something out of our control was wrong at the grocery store and/or the bank, so we stopped using the store and changed banks.
Since then, we keep two checking accounts at our current bank: One for the money and one for the debit card. We keep a minimum balance for day-to-day purchases (gas, food, etc.) in the debit card account and we plan big purchases and ALL online purchases in advance by transferring the money from the money account to cover the purchase right before we make it. At least that way the debit card has a lowered risk because the balance is always very low and the other account is only accessed through the bank's computer. Yes, I know it isn't perfect, but it is better than having all of our cash exposed.
Re:My story (Score:2)
Re:My story (Score:2)
Re:My story (Score:2)
Sure you did. Unless the thief somehow conjured up your card number & pin, they obtained your information from some sort of rigged device somewhere.
I use my ATM card at banks only -- I don't use random ATMs in malls and such. Many banks consider pin-based transactions inviolate, so I treat my ATM card with care!
Re:My story (Score:2)
Re:My story (Score:2)
Report them (Score:4, Interesting)
IAAB.
Debit cards are insane (Score:1)
Re:Debit cards are insane (Score:1)
Second, as others have pointed out, you aren't liable for more than $50 anyway, although there's more hassle with debit since it's your checking account.
Third, what clerk actually takes your card these days? I can't remember the last store I was in that didn't have the scanners that I used, so the card never even leaves my hand. (Exception: restaurants. But even there #1 and #2 still apply.)
Get real! (Score:3, Insightful)
Put yourself in their shoes. Suppose somebody called you up and said, "You owe me $1000 because ..." Never mind the "because", it's a reason that might or might not be valid. Are you immediately going to write them a check? No, you're going to carefully examine their claim, check the facts, maybe talk to a lawyer. Why should your bank be any less careful? Because they have lots of money? They soon won't have any money at all if they give it away to anybody who claims they deserve it.
Re:Get real! (Score:2)
My advice - Only use your credit cards online. Fraud on your checking account via debit card is usually far more painful than fraud on a credit card.
Re:Get real! (Score:2)
You can now plunk down some cash and buy a debit card that's only good for the amount you put into it. That might be a good alternative. Expensive though.
But all these strategies require common sense and caution. I suspect this guy has neither, since he's dealing with several alleged frauds on more than one card.
Re:Get real! (Score:1)
10 weeks?! (Score:1, Interesting)
I believe for real banks there is a federally imposed time limit for adressing fraudelent use of your account, and it certainly isn't 10 weeks.
I had my credit card attached to my paypal account, and someone broke into my paypal account and emptied it (thereby cleaning out my credit card and bank account). I called paypal w
Need clarification (Score:4, Informative)
I'm a little confused by whether this is a Visa/Mastercard issue or a debit network issue. Debit networks (Interlink, Maestro, AFFN, Shazam, Cash Station, Tyme, Star, Mac, NYCE, Pulse, Accel, Honor, etc.) require both the card and the pin number be present at the point of sale, so if these were Internet merchants then these are not debit sales.
(If someone else has more information about debit cards, please reply. We are trained to believe that these debit networks are only available card-present with pin. If that's wrong -- if people can take debit network account numbers over the Internet -- cards which are not also Visa/Mastercard/Discover/AMEX/JCB/International Diners/Novus etc. -- please let me know.)
So in the absence of more information, I would say because the transaction is over the Internet, and the original poster seemed to indicate it was also a debit card, it's probably been processed either as a Visa or a Mastercard.
If that's true, here's the flow of events:
1) Customer notices a fraudulent charge. They notify their bank, and their bank issues a chargeback with a reason code of something like M85 (Fraudulent Transaction - No Cardholder Authorization)
2) Along with the chargeback, the bank who issued the customer's card sends a debit to the merchant's processor (a company like us). So in accordance with the rules, the bank now has the customer's money back in their hands.
3) The bank provisionally credits those funds to the customer. This isn't risky (in case the customer was lying) because if regulations say the bank must pay the merchant back, the bank is responsible for collecting those funds from the customer. (So if the customer closes their account and flees to Mexico or something, the bank still has to pay.)
4) The merchant's processor (again, a company like us) usually then bills the merchant the amount of the chargeback, and notifies them that a chargeback has been filed against them. The merchant then has some time (30 days? 45 days?) to prepare their case, and submit documentation defending their charge.
5a) If the merchant doesn't respond, or the documentation they provide is obviously faulty ("But this gentleman from Nigeria sounded so honest!"), no response is sent. The time to respond to the chargeback case expires, and the bank (and customer) get to keep the money. STOP
5b) If the merchant does respond, with documentation which proves the charge really was authorized, the merchants processor (a company like us) sends the documentation back to the bank, along with a debit which takes money back from the bank and gives it back to the merchant.
6) The customer's bank now has documentation which explains both sides of the story. I don't know what really goes on here, but I assume the bank consults with the customer and tries to get more information from them. The bank is then given some time (30 days? 45 days?) to respond back.
7a) If the customer sees the documentation and says "oops, sorry, I guess I did authorize that one, never mind" then the bank just doesn't respond, and the chargeback drops. STOP
7b) If the bank talks to the customer and finds out the charge really *is* unauthorized, the bank debits money *again*, and things go back to the merchant for the last time.
8) The merchant's processor consults with the merchant, and they decide what they want to do. If the merchant wants to dispute the bank's second decision:
9a) If the charge is a Visa, that second chargeback is actually a "pre-arbitration notice", where the bank is stating that they're prepared to go to Visa for a (costly) independent arbitration. They're *sure* they're right. If the merchant (and their processor) are also *sure* they're right, and no agreement can be reached, the case goes to arbitrati
My experience... (Score:2)
Bank of America SUCKS (Score:1)
Re:Bank of America SUCKS (Score:2, Informative)
The other side of this... (Score:3, Insightful)
I decided to try tracking this down on our end to see where we could lead it. I called our merchant processor with what they call a "code 10", but the result of that call was basically just that they would tell me what bank had issued the cards and what the phone number to that bank was. Both cards were issued by Citibank.
After spend around 30 minutes on the phone with Citibank, all they would do is verify if I had the correct information for the account, and tell me that they wouldn't do anything unless the card-holder called in.
The interesting thing was that on one card the expiration date was wrong. I don't know how my merchant processor authorized the charge with the wrong expiration date. Also, the phone number on both was wrong, but it was correct in the first 6 digits, it was just the last 4 that were different. I wondered if the person making the charge was using VoIP to make it appear that they were in that area when actually they were in Russia.
We ended up reaching one of the actual people by phone that afternoon, and they confirmed that they had not made this charge, the phone number was incorrect, and they also said that they weren't using that card actively at the moment. The other person I couldn't track down by other means, so we sent them a letter.
I find it extremely odd that, as a merchant there is relatively little I can do when I get a fraudulent charge. I guess maybe I should report it to the police and see if there's anything they want to do with it. Citibank couldn't have cared less, no requests for the IP addresses the charges were made from, etc.
If I were to get screwed by a credit card company for charges I didn't make, I'd probably start looking at things like this that make it clear they don't really follow up on this fraud, which could be seen as negligence. Particularly if they had authorized a charge on a card with the wrong expiration date and/or billing phone number, I'd wonder what they're doing to earn their cut in the first place.
Sean