/ Money

Does your bank alert you to fraudulent activity on your card?

I’m always wary of answering withheld numbers. The past few years spent fighting back offers of new phone contracts and fictitious compensation claims have me hanging up when I see ‘no caller ID’.

But having relented a couple of weeks ago, it was an unknown call I was glad to receive.

A recorded message purporting to be from my bank told me that it had intercepted fraud on my account, and that I must call the bank immediately. Worried, I did just that.

Having gone through the security checks, I was alerted to the fact that an hour previously, someone had attempted to purchase £1,700 worth of jewellery in the north of England using my old debit card – a card I had destroyed months ago. I was reassured by Barclays that the transaction was blocked, and that any money that had been debited from my account was already reinstated.

Investigating card fraud

I’m not the only one who has been pleasantly surprised by a bank’s efficiency in preventing fraud. Our investigation into card fraud in Which? Money last month shows high levels of satisfaction with the way that credit and debit card providers respond to fraud, and contains plenty of stories where fraud victims have been dealt with sympathetically.

Yet there’s still room for improvement. We also found many people who’ve waited more than a month to get their money reimbursed, with a minority waiting between three and six months. Indeed, the financial regulator has announced that it’s going to look into delays in fraud refunds.

But with £450m lost to card fraud last year alone, it’s encouraging to see that the banks are fighting on your behalf. And I’m happy to endure the odd sales call if it means that my money is protected.

Have you been affected by card fraud? How did your bank respond to the fraud – was it quick to reimburse you?

Comments
Profile photo of wavechange
Member

I have never been victim of card fraud to the best of my knowledge. When I have investigated suspicious payments they have been genuine. Some companies use different names for trading and billing, which is confusing. An unexpected benefit of using contactless payment has been to encourage me to check statements carefully.

I would be interested to know how the fraud on Gareth’s account was perpetrated. It’s good that Barclays blocked the transaction but is there any possibility that a rogue employee was responsible?

Profile photo of alfa
Member

A few years ago, First Direct called me about a suspected fraud on a card. I can’t even remember whether it was a genuine transaction but £1 had been put through. They explained fraudsters sometimes put through £1 to see if the card works before putting through a larger amount.

I never give bank details to FD if they do call me. I always call them back and ask for the right department. They are always happy to do that. Sometimes I give wrong password info just to make sure.

Member
Sophie Gilbert says:
5 October 2014

I haven’t yet been the victim of card fraud, but sometimes banks can be a little too efficient in their fight against it. I have been embarrassed several times by Santander stopping me (in italics) from using my own credit card. What is bizarre about this is that it has happened often on a Thursday night at a pub or restaurant, and I have gone to the pub or restaurant on a Thursday night for years and years and years. Hardly an unusual transaction. I now use my Santander card only for online purchases, and it’s been OK so far. The only reason why I stick with it is that thanks to it I get vouchers to spend at the House of Fraser’s, which I enjoy very much. The day Santander stops giving out the vouchers is the day I tear this card in two.

Profile photo of alfa
Member

There is a simple solution that could cut a lot of credit card fraud.

Credit card companies could set the credit limit of a card and the let the card holder control their own upper limit within that amount depending on their spending habits. Any time a person wants to spend more, they could up their own limit to cover the amount.

I used to keep one card with a very low limit just for internet shopping. The amount was initially £200 then it had to be £300, then they kept putting it up, and I kept getting it reduced.

It was not a problem to ask for the limit to be increased for one month only until one time they gave me the 3rd degree asking for a £200 increase even though there was a substantial amount in my current account at the time and my credit cards have always been paid in full every month. The questions would have been understandable if I had been asking for a £10,000 loan and my banking habits questionable, but since then I have let the credit limit go up and now the limit is £7000.

Member
Bookworm says:
5 October 2014

When the spending limit on my card kept increasing I phoned and asked for that not to happen. I was questioned closely as to why but when I said I wanted (1) to ensure that if my card was stolen there was a limit on what could be spent and (2) I would never spend the limit they were imposing so I didn’t want it – simple as that. They now don’t increase my limit and I am happy with what it currently is.

I was a victim of card fraud – through my own stupidity – and I am usually so careful and astute, but got caught out. As soon as I realised – moments after making the mistake – I contacted my banks who were able to spot a small transaction which wasn’t mine when we examined closely, but would not really have raised any suspicions at all. The transaction was stopped and the money – less than £30 – was refunded back to my account. Thank you Tesco.

Profile photo of william
Member

I’m glad they’ve never done a convo on card limits, I’d hate to mention what mine was (is).

Profile photo of malcolm r
Member

I’ve not suffered card fraud, but have had my card company ring me two or three times on my mobile to check that a transaction I had just made was legitimate. I’m glad they keep watch.
Also good to hear nice things said about banks!

Member
Bookworm says:
5 October 2014

I would agree – I made a large transaction and before I had finished signing the other documents associated with it my phone went off and my card provider was querying that the transaction was bona fide. Can’t complain about that at all (nor would I).

Profile photo of Lee Beaumont
Member

Both banks I use (Halifax & Nationwide) are perfect with this. While I have not myself been a victim of card fraud the Hailfax does call me maybe twice a month to check the card payments I make are correct.

I pay all my bills, do all my shopping, do everything, every Monday morning. I have a list that I work down, but this means the bank systems flag up that my card is being used 5-6 times in half an hour so they always call to check.

It can be annoying, but I don’t moan or kick-off as if i was a victim of card fraud i would be angry and asking why they didn’t check. It’s funny, when my card declines i walk over to my iPhone now and just wait 1-2mins for the call from my bank to check it’s me, it’s pretty funny!

Member
Pat Hines says:
26 December 2014

I am very surprised to see one of the banks you say refer to as ‘perfect’ is Halifax! Someone set up a rogue standing order on my Halifax account to the tune of £4,000. Halifax put me through the mill, severe stress, refused to show me proof of the SO etc. After about 18 months of complaints etc they reimburse me.
I certainly cannot agree that they are helpful on the contrary they were a disaster with appalling customer service.

Profile photo of John Ward
Member

I have never suffered any financial loss as a result of card fraud but at least twice I have had my card suspended by Nationwide because their system detected attempted misuse of my details [I believe it involved several attempts to enter my PIN] and I am grateful for the action they took.

I am surprised at the number of companies that do not use any encryption technology for taking credit card payment details over the telephone [and even more amazed at the number of people who casually give all their credit card ID, except the PIN, over the phone to some anonymous call-centre operative – who probably also has lots of other relevant personal data on their screen and can create a 99% profile]; they can certainly order things on-line with that amount of information because the stipulation that goods must be delivered to the card-holder’s billing address seems to have fallen by the wayside.

Profile photo of wavechange
Member

John makes an important point about delivery addresses. It was very frustrating to have to have to collect undelivered post and where the delivery company had no local depot, I had to take time off work to receive deliveries. Eventually, my credit card company let me register one of my cards with my employer’s address for deliveries and billing, and I had no further problem.

I presume that card companies have dropped the requirement to have the same billing and delivery address and wonder how often this results in theft of goods.

Profile photo of william
Member

Somehow I’ve managed to have been done twice, and both times I only found out when I got a phone call from the credit card company. And both times I refused to discuss it with them, so only found out when I rang the number on the back of the card.

Turns out the 1st time I was one of a few thousand that had been done by the staff of the local petrol station. The cc company got suspicious when someone tried to take 200 euros from an ATM in Belguim. At the time I was sat at my desk at work, sorry that should have been chained to. The cc company refunded the money without any issues. The biggest problem, was going without a cc for 2 weeks. And having to use a backup card which didn’t give me points 🙁

The second time was 1p I still don’t know what happened but I think it was a facebook app, although not sure how that happened as I’ve never given facebook my cc details.

On a few other occasions I’ve been rung by various cc companies querying transactions that turned out to be genuine. It’s odd which countries MMORPG game companies use for the “headquarters”.

Profile photo of Clint Kirk
Member

I’ve had poor service from Barclaycard. Several times I got called by their fraud department when I had made legitimate purchases, which I found annoying because I always check my statements anyway, and if I had found a transaction I didn’t recognise I would contest it. On several other occasions, Barclaycard randomly declined some transactions (including when I tried to buy a train ticket from a machine at a station using chip & pin) but I did not get a call to question it. Now that really is annoying. On the one occasion when there was a fraudulent transaction on my card, they called me, and I confirmed I hadn’t made that transaction and told me not to worry, and issued me a new card. But they still charged me for the fraudulent transactions. I tried ringing their fraud department but ended up in a long waiting queue, so I gave up and sent them a secure online message instead. They replied that they charged me because I hadn’t filled in a form to confirm the transactions were not mine. That’s because I was never told I had to fill in a form! They wrote that they would send me a form by post. I never received that form, but they have reimbursed me nevertheless.

Member
cynthia farrell says:
10 October 2014

Natwest were quite good at alerting me (eventually) to the fact that someone had used my credit card to buy £3,800 worth of goodies at such places as Harrods. Am a bit miffed though, because Natwest spoke to a woman claiming to be me who allegedly ‘passed’ their security checks – but they didn’t ask her my mother’s maiden name so initially two of the transactions were allowed through- it was only when John Lewis Direct challenged the third transaction that the bank realised something wasn’t quite right. I now have a new card and have set up two passwords with Natwest to try and prevent anyone else impersonating me – providing of course that Natwest follows its own security procedures.

The fraudsters knew my date of birth, the branch of my bank and also knew the 3 digit number on the back of my credit card – and had one of the fraud team not listened again to the recorded conversation with the fraudster and realised it wasn’t me, it is likely that I would have been presumed to have spent the money and would be liable for the loss.

Member
Bookworm says:
10 October 2014

You would have reasonable grounds for complaint to the Finance Ombudsman if you have suffered a financial loss if they were not asking all the security questions. But it does go to show how easily some information is available to those who seek hard enough.

And how do you get passed giving out some of your personal information. So many websites ask for so much now that it is almost impossible to remain (nearly) anonymous.

Profile photo of Clint Kirk
Member

Some websites now ask for characters 8 and 11 of my mother’s maiden name, and the only way I can provide that is to write it down on a piece of paper and count the letters. The piece of paper then gets picked up out of the bin by whoever passes by.

Profile photo of wavechange
Member

My bank asks me for a selection of characters from my password each time I log in to online banking. It soon proved easy. Ask a child how to do this without writing anything down and they will probably suggest a digital solution that precedes the digital age – count the characters on your fingers. 🙂

Profile photo of Lee Beaumont
Member

I count the characters on my fingers lol

Member
michael says:
12 July 2015

Most of the phone banking, as well as, card fraud is unfortunately done by the information passed over to the fraudster from bank personnel.
they tried it with me and they refuse to let me listen to the phone calls that purported fraudster made pretending to be me; the Natwest Fraud Department are wholly incompetent, arrogant and unacceptably rude, the fact that they are not willing to cooperate with customers is that they are probably involved.
fraudsters know that the banks are secretive pretending to be cautious and take advantage by targeting staff internally and obtain information with a view to fleecing customers accounts.
unfortunately unless the banks control and curb the power that they have allowed their fraud departments to operate under MI5 style methods and make them accountable and transparent the situation will not improve

[Hi Michael, this post has been slightly tweaked to align with our commenting guidelines. Thanks, mods]

Member
Gay or Hughes says:
11 October 2014

Yes, my card number was used to book a flight and holiday, this was picked up by Lloyds Bank. They phoned me on my mobile, and also my house phone, the flight payment had already been taken out of my account, but they stopped the hotel payment. After a few personnel questions, the flight money was returned to my account, and the hotel was not paid. If Lloyds hadn’t been so quick, it would have been £1000 gone.

Profile photo of alfa
Member

Wouldn’t it have been nice it the thieves had been arrested at the airport?

Member
agdpa says:
11 October 2014

Monday I received a text message from my bank to ask me to verify a transaction that had just been presented to my account by texting back yes to verify or no to deny the transaction. When I texted no then I received a text asking me to ring them. Within 3 days they had cancelled my card sent me a new card which I received immediately and refunded two fraudulent transactions. Very good service from Lloyds.

Member
Technofoge says:
11 October 2014

Almost seven years ago I had a card, which I used for Internet purposes only, with a low credit limit. I made a purchase from a well known national company, which went through in the usual efficient way. The following month I received a letter from my card provider informing me that my credit limit had been increased by £4000. I saw no reason for this as I had not requested such an increase. I received my next monthly statement expecting that it would be showing a nil balance and was surprised to find a balance of over £4000, in one transaction. When I got in touch with the card provider to deny any knowledge of the transaction, I was sent a form to complete and the balance was credited back immediately, without question. But with no expalnation as to the circumstances.
The following month it was announced on the TV News that the company from which I had made my last purchase had been hacked and the card details of several thousand customers had been stolen. I would ask two questions 1) why did the company not inform its customers and 2) what is the point in having a small credit limit for internet use if the card provider simply increases it should it be exceeded, without even contacting the card holder?
I immediately cancelled my credit card with that provider and have made no further purchases from the company involved.

Member
Chris says:
11 October 2014

I experienced two fraudulent transactions for two small amounts of about £7 but in a dodgy country. I have on-line banking and what initially alerted me was the fact that there had been a fee for using the card rather than the transactions themselves, probably because the amounts were small. People say that on-line banking is not secure, but I’m pretty sure that my PIN number had been copied when I used the ‘hole in the wall’ early one morning when catching a train and with time at a premium, because I try to avoid them otherwise; (the hole in the wall, not the trains!)
and use cashback if I need cash. My bank is First Direct and they were fantastic and the money refunded in a couple of hours. If I had not had on-line banking, I wouldn’t have seen the transactions and not noticed anything until my statement arrived, and probably would have been the victim of larger amounts.

Member
hazel roberts says:
11 October 2014

our cards were due to be renewed on a joint account. My husband received his on Friday, on Saturday evening I received phone call from bank asking if I had used my new card. They had already blocked it as usage was more for cash back and amounts spent very low less than £3 or £4.
Whenever I query credit card transactions response has been rapid , blocking and reimbursing me

Member
McCheyneGray says:
11 October 2014

Just last Saturday I had a call to my mobile from ‘Clydesdale Bank’ in which a fairly non-confident sounding young man asked me if I had made a transaction with a mobile ‘phone company other than my usual one, because someone had apparently used my Maestro card to try and pay it. On being told that I had not, he infromed me that my card would be blocked, and a new one sent. As the card had not been out of my posession, I checked after that and found the call was genuine (Maybe he was inexperienced in making such a call, in his first week, perhaps.) I was thus left without Debit Card facility, until the new card arrived, by post, on Thursday, followed by the Pin.No. on Friday, again by post. I’m certainly grateful, and impressed, with the speed of action in contacting me, but to be without means of obtaining cash — other than going to my branch when it’s open, not always possible — would it not have been sensible to courier it, or something? Even at a cost, it would be nice to have the choice. What if I’d been down to less than £5 in my pocket?

Member

My partner’s debit card was recently subject to a fraudulent transaction. It was only for a few pounds but the bank (Santander) spotted it because the transaction was out of character (it took place at a quarter to five in the morning!). They made contact to check that it was a fraud, and then promptly refunded the money and issued a new card.

Member
Carol says:
11 October 2014

I have twice been the victim of card fraud. The first time it was because the security of my travel insurance firm had been compromised. My bank Natwest alerted me and took action.
The second time, a couple of weeks ago was, I suspect, due to a parking machine that had been tampered with in Hawkshead in the Lake District. Natwest texted me within hours. I was wary of replying to the text in case it was a scam so used the direct number to the fraud department. Apparently someone was trying to spend my money in the US. My new card arrived within 48hours and I suffered no loss.

Member
G. Housley says:
11 October 2014

Coop Bank detected attempted fraud and stopped it , and notifying me. Issued new card.

Member
Elizabeth Kemp says:
11 October 2014

I was very alarmed when I had a text message from Lloyds Bank one Thursday morning asking me to verify a payment that I did not recognise. When I contacted the Fraud dept of lloyds they told me a payment had been made using the debit card no of my card. They cancelled the card and said they would reimburse my account. By the time I had gone to my branch that morningto draw some cash out a total of 5payments had been taken. I received a new debit card on the Saturday which I thought was very prompt. I should go on to say that I have always been careful to shield my PIN number when using hole in the wall tcms. I can only think that my card had been cloned. I therefore now do not use hole in the wall cash machines. I will not use my card at petrol stations either. I know this restricts you but prefer to withdraw from cash machines that are inside my bank or inside a building.

Member
Ian Parr says:
11 October 2014

I got a statement from tesco mastercard and saw that the first 5 entries were not me . Some were at various Tescos miles away from where I live and one was for a national express ticket. They had also had a refund on one of the items purchased(presumably a failed attempt to get cash). Tesco cancelled the card and issued me with a new one.I generally clear my account at the end of the month to avoid interest charges, they told me if I cleared the account less the fraudulant purchases that this would be fine. I did and incured no interest charges.
They said that they would send me a form to sign to confirm that I had not made the purchases and that it was important that I returned this asap (within two weeks max) otherwise they would be charged back to my account.
So in general they were effecient. the only thing that did concern me was at some stage in the future I was checking my online account I noticed that there were still statements showing for the old credit card with overdue balances. I rang them about it and they said not to worry this was just the way their system worked.

Member
Cece says:
12 October 2014

I think the mobile connectionis valueable tool. But how does this work if a person is Deaf/Hard of hearing?

Member
Enquirer 123 says:
6 June 2015

My banks send me texts on my mobile phone, Cece.

Profile photo of Patrick Taylor
Member

http://phys.org/news/2014-11-contactless-cards-recognise-foreign-currency.html?

” A flaw in Visa’s contactless credit cards means they will approve unlimited cash transactions without a PIN when the amount is requested in a foreign currency.
New research by experts at Newcastle University, UK, has highlighted a ‘glitch’ in the Visa system which means their contactless cards will approve foreign currency transactions of up to 999,999.99 in any foreign currency.”

Its reassuring to know everything has been sorted out ….oh you mean it hasn’t!!

Profile photo of bib1
Member

Also said this over on the ‘contactless conversation’ ……..

There’s an odd thing about these reports of massive security loopholes that are childsplay to get away with.

They are never exploited.
Where are all the follow-up stories of contactless card-holders being fleeced for 999,999 Euros or US$?

If I were a bit younger and a lot less honest, I’d be on to a loophole like this in a flash.

But no, there are no such reports.
Why?

Profile photo of Patrick Taylor
Member

bib1 – I used to work in Banking and the knowledge that cards could be cloned was much more recognised in the Banks before it became mainstream public. The answer by the industry would be its only a small percentage, we will sort out a new system, etc etc but we do not want the public to lose faith in this system which saves us having branches and lots of cashiers.

Of course this did also require a stone-walling of people who swore they had been rooked.

Generally speaking if they tell people up-front like the Newcastle project it means the fix has been applied. You have to note that it was launched with this error included and draw your own conclusions about the safety of the system and how rigorously it is tested.

So the reports that are interesting are the ones where it is reported after the money has been stolen. And there are plenty of those if you read the right sites. Newspaper generally do not like to over emphaise them as newspapers like to believe the reassurances offered and generally lack the technical knowledge to challenge. And they do realise that Banks advertise lots.

http://www.pymnts.com/news/security-and-risk/2014/target-data-breach-lawsuit-continues/#.VICt2WfyV8E

Of course Banks are not shy of suing others over data breaches whilst quite conciliatory over their own failed security.

You will appreciate that there are probably one hundred juicy stories from around the globe over the last five years reported but rarely in the UK which may explain why we the public feel overly safe.

Member
jonasuk says:
31 January 2015

I have email alerts which I set up if an amount is over a certain amount or in a foreign currency, It is a great service and proved useful only a couple of days ago. I noticed a number of email alerts to my phone of someone buying lots of online train-tickets in the UK. (I am in the USA so the alerts happened as transactions foreign.)
Card blocked, fraud investigation out. Great service.

Profile photo of ravenstock
Member

I checked my on line banking last week only to discover a pending transaction for £599.94 for an online purchase in the USA. I was in the USA in Nov 2015 and only used my debit card twice to pay for hotels in Las Vegas and Orlando. I had notified Lloyds bank in advance of this and given them a three week window of my time there. I contacted the bank and they cancelled my card and issued a new on immediately and the transaction was cancelled. My concern was that when I asked the bank why they had not alerted me of this transaction they said it was because I had ‘recently’ used my card in the USA. Why bother giving the bank a time period my card was going to be used and then for them to ignore it? On the plus side whoever ordered the goods didn’t receive them and my money was safe.

Member
susan sale says:
16 November 2016

I have been the victim of card fraud 3 times, the first time was with a Debenhams card, I was refunded as I had hospital appointment to prove I was not 100 miles from home, the second time someone purchased 2 mobile phones , the phone company sent me 3 final demands the fourth was to take me to court, I agreed to this as I could prove my age was different to the one stated, after that the letters stopped. the third time I received a call from Barclaycard to inform me my card had been compromised so it had been cancelled I am waiting for the new card any day now.
You could say I have been unlucky but as far as I am concerned I have been lucky as no funds were taken but it still leaves a bad taste in your mouth, my only hope is what goes around comes around.

Member
Debbie C says:
17 March 2017

Have just been the victim of fraud via Paypal – two banks involved. First Direct refunded me as soon as I called them but Nationwide required me to request a Visa Dispute procedure which could take between 1 – 10 working days to be assessed before refunding me. Not particularly impressed with this as I am £966 out of pocket thanks to some lowlife buying two Sony Xperias. Nationwide’s excuse is that they don’t have to comply with the Payment Services Directive (as advised by the very helpful and obliging lady at First Direct) as they are a “Building Society”! and that my first port of call should be with Paypal (had already done this!)
In addition to this, neither First Direct nor Nationwide called me to ask whether the transactions were genuine despite the fact that I have rarely, if ever, spent those sort of amounts of money from either of the accounts despite being with them both for many many years.

Member
Lesa Hunter says:
16 July 2017

I had it done twice with clydesdale then recently but they are not willing to gave me my money back this time.

Member
stephanie ackroyd says:
30 July 2017

Ive had my bank account hacked while i was away on holiday yet the bank didnt get in contact with with unusal activity !! It wasnt until i came home 2 weeks later that i realised i had no money in my account & i had to get intouch with my bank