OT but so much experience here!

Wife noticed this morning that her Barclays current account was £400
down from yesterday, with no transaction listed. She went into the
branch and they said "You bought a Dyson". She bought one three months
ago and thought she used the Barclaycard credit card, so came home to check.

Confirmed she did bought it from Amazon on Barclaycard.

Both Dyson and Amazon deny making the second transaction.

Phoned bank fraud department and failed the initial security check, her
DOB and/or mothers maiden name have been changed. But after
authenticating with the Pin Sentry they were happy to talk to her, said
"Card must have been cloned, we'll cancel it and send you another".

The original order was actually for three items, but the value of the
new transaction is *exactly* the same as the total, five digits so
unlikely to be chance (and the bank knew it was for a Dyson).

She only uses the card in ATMs or for online transactions, so I don't
*think* someone has literally cloned the card. Amazon may have her debit
card details as well as credit card.

Question.

What's leaked is the value of a specific transaction between Barclays
and Amazon (rather than Dyson, I assume) plus details of a card other
than the one used. Doesn't this imply that the leak must have come from
the systems of one of these two organisations? Data snatched from the
ether at the time of the original transaction wouldn't have been
associated with the debit card details.

By some miracle, she spotted this before the transaction had actually
gone through, so it may well have been stopped already. But I am
wondering what else we might be vulnerable from.

TIA!

On 29/06/2015 16:27, newshound wrote:
OT but so much experience here!

Wife noticed this morning that her Barclays current account was £400
down from yesterday, with no transaction listed. She went into the
branch and they said "You bought a Dyson". She bought one three months
ago and thought she used the Barclaycard credit card, so came home to
check.

Confirmed she did bought it from Amazon on Barclaycard.

OK I have had something similar and it highlights a dirty little secret
about credit card transactions that they would really rather you didn't
know. The transaction I had go spectacularly wrong was a rerun of a
final payment for an entire fitted kitchen fully *three* years later!

Not surprisingly this stuck out like a sore thumb.

Once a company has your details and full verification the credit card
transaction can be run more than once and unlike a cheque it *never*
times out. They will unwind it quickly once you point it out.

Both Dyson and Amazon deny making the second transaction.

They would wouldn't they. I would get your bank fraud department to
check again. My strong suspicion is that that vendor inadvertently reran
an old batch of transactions somehow and that you are not alone.

It is a good one to ask one of the money pages. I doubt if your card has
really been compromised. My suspicion is that human error has resulted
in a rerun of the exact same batch of transactions verbatim.

Phoned bank fraud department and failed the initial security check, her
DOB and/or mothers maiden name have been changed. But after
authenticating with the Pin Sentry they were happy to talk to her, said
"Card must have been cloned, we'll cancel it and send you another".

That DOB and/or mothers maiden name have been changed is more worrying.
Perhaps you should be worried. Time to do a deep AV scan...

The original order was actually for three items, but the value of the
new transaction is *exactly* the same as the total, five digits so
unlikely to be chance (and the bank knew it was for a Dyson).

I reckon that means it was a rerun phantom transaction.

She only uses the card in ATMs or for online transactions, so I don't
*think* someone has literally cloned the card. Amazon may have her debit
card details as well as credit card.

Question.

What's leaked is the value of a specific transaction between Barclays
and Amazon (rather than Dyson, I assume) plus details of a card other
than the one used. Doesn't this imply that the leak must have come from
the systems of one of these two organisations? Data snatched from the
ether at the time of the original transaction wouldn't have been
associated with the debit card details.

It could also mean that your home computer is compromised by a keylogger
and the miscreants now have enough info to fake being you. The puzzle is
that they should buy another Dyson rather than something more easily
traded secondhand.

By some miracle, she spotted this before the transaction had actually
gone through, so it may well have been stopped already. But I am
wondering what else we might be vulnerable from.

TIA!

It is better to be safe than sorry but apply a bit of pressure about the
curious numerical coincidence that the transaction was for the exact
same amount and demand to know the delivery address.

Genuine malicious attacks on cards tend to be along the lines of a small
donation to a charity followed by a top of the range iPhone.

--
Regards,
Martin Brown

On 29/06/2015 16:53, Martin Brown wrote:
On 29/06/2015 16:27, newshound wrote:
OT but so much experience here!

Wife noticed this morning that her Barclays current account was £400
down from yesterday, with no transaction listed. She went into the
branch and they said "You bought a Dyson". She bought one three months
ago and thought she used the Barclaycard credit card, so came home to
check.

Confirmed she did bought it from Amazon on Barclaycard.

OK I have had something similar and it highlights a dirty little secret
about credit card transactions that they would really rather you didn't
know. The transaction I had go spectacularly wrong was a rerun of a
final payment for an entire fitted kitchen fully *three* years later!

Not surprisingly this stuck out like a sore thumb.

Once a company has your details and full verification the credit card
transaction can be run more than once and unlike a cheque it *never*
times out. They will unwind it quickly once you point it out.

Both Dyson and Amazon deny making the second transaction.

They would wouldn't they. I would get your bank fraud department to
check again. My strong suspicion is that that vendor inadvertently reran
an old batch of transactions somehow and that you are not alone.

It is a good one to ask one of the money pages. I doubt if your card has
really been compromised. My suspicion is that human error has resulted
in a rerun of the exact same batch of transactions verbatim.

Phoned bank fraud department and failed the initial security check, her
DOB and/or mothers maiden name have been changed. But after
authenticating with the Pin Sentry they were happy to talk to her, said
"Card must have been cloned, we'll cancel it and send you another".

That DOB and/or mothers maiden name have been changed is more worrying.
Perhaps you should be worried. Time to do a deep AV scan...

The original order was actually for three items, but the value of the
new transaction is *exactly* the same as the total, five digits so
unlikely to be chance (and the bank knew it was for a Dyson).

I reckon that means it was a rerun phantom transaction.

She only uses the card in ATMs or for online transactions, so I don't
*think* someone has literally cloned the card. Amazon may have her debit
card details as well as credit card.

Question.

What's leaked is the value of a specific transaction between Barclays
and Amazon (rather than Dyson, I assume) plus details of a card other
than the one used. Doesn't this imply that the leak must have come from
the systems of one of these two organisations? Data snatched from the
ether at the time of the original transaction wouldn't have been
associated with the debit card details.

It could also mean that your home computer is compromised by a keylogger
and the miscreants now have enough info to fake being you. The puzzle is
that they should buy another Dyson rather than something more easily
traded secondhand.

By some miracle, she spotted this before the transaction had actually
gone through, so it may well have been stopped already. But I am
wondering what else we might be vulnerable from.

TIA!

It is better to be safe than sorry but apply a bit of pressure about the
curious numerical coincidence that the transaction was for the exact
same amount and demand to know the delivery address.

Genuine malicious attacks on cards tend to be along the lines of a small
donation to a charity followed by a top of the range iPhone.


Thank you for the prompt response, much to think about there. By good
fortune (I think) my wife does all her shopping on a Chromebook which
I'd like to believe is much less vulnerable to keyloggers etc than a
Windows PC.

Thank you for the prompt response, much to think about there. By good
fortune (I think) my wife does all her shopping on a Chromebook which
I'd like to believe is much less vulnerable to keyloggers etc than a
Windows PC.

OK, this is not directly related to what has happened to you, but does
fall into the category of 'how credit cards work in ways you didn't
realise'.

One day, I go to te village shop, and my credit card is rejected. I
leave te shopping there and go home and get on te phone.

'Your credit card was rejcetd because its out of date'
'No, its valid till the end of the next month'
'It was unti8l you used your new one'
'I haven't even recieved my new one yet'
'Yes you have, because there's a transaction of £6.50 on it'
'Not by me there ain't. Who is the payee?'
'The Financial Times'
'I do have an online subscription with them, but how would they know to
use my new card that I haven't received yet?'
'Oh they would get notified *automatically*'
'Right, so basically you can not send me a new card, and before I
receive it let alone activate it, someone without my knowledge or
consent can cause my old card to be cancelled, and you think that's OK?'
'Yes, basically'.

In fact I found the card. My (soon to be ex-) wife had thrown it in a
pile of junk mail ..


--
New Socialism consists essentially in being seen to have your heart in
the right place whilst your head is in the clouds and your hand is in
someone else's pocket.

Sounds like the crooks are now wise to the way banks look for unusual
transactions and thus can slip under the radar.
I don't think a payment method has ever been foolproof, and the more we use
cashless systems the more the crooks desert the real world and inhabit the
virtual one. The challenge as it has always been is to find ways to stay
ahead of the pack.
I'm expecting some issues when Apple Pay and the new 30 quid limit come to
pass in the contactless world Come September.
Brian

--
From the Sofa of Brian Gaff Reply address is active
"newshound" wrote in message
...
OT but so much experience here!

Wife noticed this morning that her Barclays current account was £400 down
from yesterday, with no transaction listed. She went into the branch and
they said "You bought a Dyson". She bought one three months ago and
thought she used the Barclaycard credit card, so came home to check.

Confirmed she did bought it from Amazon on Barclaycard.

Both Dyson and Amazon deny making the second transaction.

Phoned bank fraud department and failed the initial security check, her
DOB and/or mothers maiden name have been changed. But after authenticating
with the Pin Sentry they were happy to talk to her, said "Card must have
been cloned, we'll cancel it and send you another".

The original order was actually for three items, but the value of the new
transaction is *exactly* the same as the total, five digits so unlikely to
be chance (and the bank knew it was for a Dyson).

She only uses the card in ATMs or for online transactions, so I don't
*think* someone has literally cloned the card. Amazon may have her debit
card details as well as credit card.

Question.

What's leaked is the value of a specific transaction between Barclays and
Amazon (rather than Dyson, I assume) plus details of a card other than the
one used. Doesn't this imply that the leak must have come from the systems
of one of these two organisations? Data snatched from the ether at the
time of the original transaction wouldn't have been associated with the
debit card details.

By some miracle, she spotted this before the transaction had actually gone
through, so it may well have been stopped already. But I am wondering what
else we might be vulnerable from.

TIA!

On Monday, June 29, 2015 at 4:27:46 PM UTC+1, newshound wrote:
OT but so much experience here!

Wife noticed this morning that her Barclays current account was £400
down from yesterday, with no transaction listed. She went into the
branch and they said "You bought a Dyson". She bought one three months
ago and thought she used the Barclaycard credit card, so came home to check.

Confirmed she did bought it from Amazon on Barclaycard.

Both Dyson and Amazon deny making the second transaction.

Phoned bank fraud department and failed the initial security check, her
DOB and/or mothers maiden name have been changed. But after
authenticating with the Pin Sentry they were happy to talk to her, said
"Card must have been cloned, we'll cancel it and send you another".

The original order was actually for three items, but the value of the
new transaction is *exactly* the same as the total, five digits so
unlikely to be chance (and the bank knew it was for a Dyson).

She only uses the card in ATMs or for online transactions, so I don't
*think* someone has literally cloned the card. Amazon may have her debit
card details as well as credit card.

Question.

What's leaked is the value of a specific transaction between Barclays
and Amazon (rather than Dyson, I assume) plus details of a card other
than the one used. Doesn't this imply that the leak must have come from
the systems of one of these two organisations? Data snatched from the
ether at the time of the original transaction wouldn't have been
associated with the debit card details.

By some miracle, she spotted this before the transaction had actually
gone through, so it may well have been stopped already. But I am
wondering what else we might be vulnerable from.

TIA!



Could it be that her email account has been hacked and someone is reading her emails? Then they'd see the notifications of purchase amounts and would use those same amounts so as to conceal them.

Robert

On 01/07/2015 10:05, RobertL wrote:
On Monday, June 29, 2015 at 4:27:46 PM UTC+1, newshound wrote:
OT but so much experience here!

Wife noticed this morning that her Barclays current account was £400
down from yesterday, with no transaction listed. She went into the
branch and they said "You bought a Dyson". She bought one three months
ago and thought she used the Barclaycard credit card, so came home to check.

Confirmed she did bought it from Amazon on Barclaycard.

Both Dyson and Amazon deny making the second transaction.

Phoned bank fraud department and failed the initial security check, her
DOB and/or mothers maiden name have been changed. But after
authenticating with the Pin Sentry they were happy to talk to her, said
"Card must have been cloned, we'll cancel it and send you another".

The original order was actually for three items, but the value of the
new transaction is *exactly* the same as the total, five digits so
unlikely to be chance (and the bank knew it was for a Dyson).

She only uses the card in ATMs or for online transactions, so I don't
*think* someone has literally cloned the card. Amazon may have her debit
card details as well as credit card.

Question.

What's leaked is the value of a specific transaction between Barclays
and Amazon (rather than Dyson, I assume) plus details of a card other
than the one used. Doesn't this imply that the leak must have come from
the systems of one of these two organisations? Data snatched from the
ether at the time of the original transaction wouldn't have been
associated with the debit card details.

By some miracle, she spotted this before the transaction had actually
gone through, so it may well have been stopped already. But I am
wondering what else we might be vulnerable from.

TIA!



Could it be that her email account has been hacked and someone is reading her emails? Then they'd see the notifications of purchase amounts and would use those same amounts so as to conceal them.

Robert




I'd wondered that, she is not particularly security savvy, but this
seems to be a one-off, and the transaction (which was only pending) has
not actually gone through. I'm inclined to think it might well be, as
Martin suggested, a retailer or bank issue with a re-run transaction batch.

Thanks to all for the comments and suggestions!

On 29/06/2015 18:16, Jonno wrote:
Ask the bank for a new debit card number.

Might not help.

Colleague of mine is still unwinding the fraud from his corporate card.

They stopped his card, cancelled the transactions, and sent a new card.

With the same number, which undid the cancellation. Fraud restarted.

So they sent him another card, this time with another number.

Timeout was hit on the cancellation, so the fraud restarted - and the
fraudulent transactions were automatically transferred to the new card
number.

This time they cancelled his new card. But not the old one...

He's now on his 4th card since Christmas. Luckily he hasn't had to go
anywhere!

Andy

In article ,
Vir Campestris wrote:
On 29/06/2015 18:16, Jonno wrote:
Ask the bank for a new debit card number.

Might not help.

Colleague of mine is still unwinding the fraud from his corporate card.

They stopped his card, cancelled the transactions, and sent a new card.

With the same number, which undid the cancellation. Fraud restarted.

So they sent him another card, this time with another number.

Timeout was hit on the cancellation, so the fraud restarted - and the
fraudulent transactions were automatically transferred to the new card
number.

This time they cancelled his new card. But not the old one...

He's now on his 4th card since Christmas. Luckily he hasn't had to go
anywhere!

I once had fraud on a new debit card. I'd only used it once - at an indoor
machine in the bank. I suspected internal fraud - the bank was very cagey.

On 29/06/2015 22:02, Charles Hope wrote:
In article ,
Vir Campestris wrote:
On 29/06/2015 18:16, Jonno wrote:
Ask the bank for a new debit card number.

Might not help.

Colleague of mine is still unwinding the fraud from his corporate card.

They stopped his card, cancelled the transactions, and sent a new card.

With the same number, which undid the cancellation. Fraud restarted.

So they sent him another card, this time with another number.

Timeout was hit on the cancellation, so the fraud restarted - and the
fraudulent transactions were automatically transferred to the new card
number.

This time they cancelled his new card. But not the old one...

He's now on his 4th card since Christmas. Luckily he hasn't had to go
anywhere!

I once had fraud on a new debit card. I'd only used it once - at an indoor
machine in the bank. I suspected internal fraud - the bank was very cagey.

I had the same on a company account some years ago. There were two
cards, one was used on a regular basis. The other was never used.

Both had substantial debits made against them to overseas accounts.
Abbey were quick to return the money without any ado.

In article ,
Charles Hope writes:

I once had fraud on a new debit card. I'd only used it once - at an indoor
machine in the bank. I suspected internal fraud - the bank was very cagey.

There was a spate of that some years ago - it was an internal fraud.
Banks were telling people to cut up their cards when it was reported,
which very conveniently destroyed the transaction sequence number in
the card chip which was the only proof that the fraudulant transaction
which was verified by PIN had not been done using the customer's card
at all.

--
Andrew Gabriel
[email address is not usable -- followup in the newsgroup]

On Mon, 29 Jun 2015 21:45:10 +0100, Jonno wrote:

Colleague of mine is still unwinding the fraud from his corporate
card.

Time to cancel the bank account.

Agreed, plenty of banks out there. But this is a coporate card, OPs
colleague may not have control of who the company banks with. But it
certainly seems like time for a email to the MD/CEO, MD Finance of
the company cc'd to the CEO/MD MD Customer Service of the card
co/bank. Expressing ones "disappointment".

--
Cheers
Dave.

On 01/07/2015 08:57, Dave Liquorice wrote:
Agreed, plenty of banks out there. But this is a coporate card, OPs
colleague may not have control of who the company banks with. But it
certainly seems like time for a email to the MD/CEO, MD Finance of
the company cc'd to the CEO/MD MD Customer Service of the card
co/bank. Expressing ones "disappointment".

Today he was looking for 'phone numbers for the internal credit card
people. They've ignored his emails, but the automated system has noticed
that he hasn't submitted an expense claim for all the fraudulent items
and has sent him a "strike 1" email.

Andy

On 02/07/2015 21:11, Vir Campestris wrote:
On 01/07/2015 08:57, Dave Liquorice wrote:

Agreed, plenty of banks out there. But this is a coporate card, OPs
colleague may not have control of who the company banks with. But it
certainly seems like time for a email to the MD/CEO, MD Finance of
the company cc'd to the CEO/MD MD Customer Service of the card
co/bank. Expressing ones "disappointment".

Today he was looking for 'phone numbers for the internal credit card
people. They've ignored his emails, but the automated system has noticed
that he hasn't submitted an expense claim for all the fraudulent items
and has sent him a "strike 1" email.

Andy

Ho hum. Dumb as a rock accounting department with automated software.

It is time to take the complaint directly to the head of department.
Provide a succinct summary of events so far, emails ignored, timeline
and most recent development - then sit back and watch the fireworks.

--
Regards,
Martin Brown