Just found I've had money taken from Tesco Visa

[jennyp19]

Check your statements properly.
I got text from Tesco to say someone had tried to pay a bill via my visa. Strange one text was from mobile number which wasn't on website - followed by b automated phone call, also telling me to contact only via same mobile number. Checked Tesco website but wasn't same number on there so ignored it. Then went to ring via customer services phone Message extra long waiting etc. Gave up.

Tried to make payment this morning with credit card and it was refused. So thought oops it must have been fraud team after all. This morning got call from same number but with double 00 in front - thought I'll answer that one. I went through automated security checks to then be answered by a very American accent and wanting more security checks. By this time paranoia had really set in so refused to answer anymore and rang number on back of card again! Another long wait - eventually managed to remember my security questions to be then put on hold again to fraud team.
They had indeed stopped a payment but on checking my account some cheeky barsteward has done £141 of online grocery shopping with my account on 3/12. I have no idea how this has happened. Never use cash machines with card and as security aware as you can be.
I saw it yesterday on my online statement and knew I hadn't been into Tesco. Normally I wouldn't have thought too much of it as sometimes do a big shop there. They had tried it out with a £2 amount first to see if the account was active.
I read a few weeks ago Tesco Bank was hacked and I wonder if the hackers have been waiting for the busy Christmas shopping period to use hacked accounts as it would be very easy to miss payments illegally taken especially if you do online grocery shopping.

 

[trevskoda]

If ITS a smart card they only have to walk past you to get details but more than likly someone at tesco has done a double swipe and keepet you details.

 

[trixie88]

so sorry to hear this jenny, will they be able to trace it if it was on line shopping........,all these scams etc are frightening.......do hoe you will be able to recover it.

 

[witzend]

I had the same happen I had been in France for a weekend I only used my Tesco card once when I stopped at the Achen at Morliax to fill up with fuel. The next day someone tried to use the number to order goods in the US Tesco phoned us to ask if genuine as card was in France the day before. So they do monitor card use for our protection,

 

[silverweed]

Sky news is saying Visa cards can be hacked in a couple of minutes. Better change mine for something else

 

[molly 2]

Frightening makes you want cut up the !!!!!! Things .

 

[pughed2]

Safety first

Passing on the safety first on cards etc.......if you want your cash to be safe, sorry, avoid online banking, and do not use cards........they can all be hacked and sooner or later will be............steve Bristol

 

[TJBi]

Gone in six seconds

From BBC Money Box:
A new study by cybercrime researchers at Newcastle University found a way for criminals to work out the full details of a credit card in just six seconds. We ask them how.

BBC Radio 4 - Money Box, GB Energy collapses, An investment fund based on gambling, Banking fraud Piece commences at 15:55 on the streamed audio.

 

[antiquesam]

I'm sure that we can can take every precaution, and swap money around on the hoof, or carry vast amounts of money around to avoid using cards, but life is too short. If they want to fleece you they will.

 

[Private]

Credit Card

There's a very simple way to protect yourself from debit card fraud .....

Have a basic bank cash account with a debit card but only ever keep £50 max on it. If you need more, transfer it in from your 'normal' account, using your smart phone, just before using the debit card. I stood in a queue at Smyths Toys this afternoon and transferred in a couple of hundred a few seconds before spending it.

Not so easy for a credit card, beyond carefully checking online regularly or when you get your statement. The ability to minimise risk exists. I have a Revolut card for travelling, and, using my smartphone, can instantly block (or unblock) the ability to use it abroad, make payments on the Internet etc. It's a pity the credit card companies don't get their acts together and implement this kind of user control. It would benefit them even more than us as they'd have a lot less fraud to deal with!

I would offer different advice to this. Use a credit card whenever possible so none of your money is at risk.
When a fraudulent transaction takes place on a credit card you will not be out of pocket as you simply reject the transaction & no money will be taken from your account. It is much easier than trying to reclaim your money back from a debit card fraud.
Although Revolut is a debit card, I believe the advantage of the better rates abroad means the extra risk is worthwhile in major stores, but I would still use a credit card in a more suspect retailer and always online & when in the UK.

The financial institutions do not lose out when a fraudulent transaction has taken place; it is the retailer that takes the loss. Before Chip N' Pin the fraud amount was staggering but the financial institutions just kept it quiet so as not to put people off using their cards. They were still making a few percent off every valid transaction & the retailers were taking the losses. It was only the trust they had to lose.

 

[delicagirl]

i seem to recall that credit card transactions are only covered against fraudulent use if the amount is more than £100 - is that still the case ?

i have had several contacts from a variety of banks over the years to check if a transaction they have picked up as being unusual is one i am doing - and to check my location - so clearly their monitoring is quite good. i have yet to lose any money. I always ensure that i tell my banks if i am going out of the country as well.

i have done internet banking on the move but then i always switch off my wifi immediately afterwards to prevent that facility being open to abuse - i have no idea if that is a sensible thing to do but it makes me feel better !!!

 

[Private]

No, never was?

i seem to recall that credit card transactions are only covered against fraudulent use if the amount is more than £100 - is that still the case ?

i have had several contacts from a variety of banks over the years to check if a transaction they have picked up as being unusual is one i am doing - and to check my location - so clearly their monitoring is quite good. i have yet to lose any money. I always ensure that i tell my banks if i am going out of the country as well.

i have done internet banking on the move but then i always switch off my wifi immediately afterwards to prevent that facility being open to abuse - i have no idea if that is a sensible thing to do but it makes me feel better !!!

I think you are confusing Section 75 protection (which uses a £100 figure) & fraudulent use; there is no upper or lower limit on refusing to pay for a fraudulent transaction.

It is strongly advised that you don't do internet banking over Wi-fi, other than your own. Turning wi-fi off immediately after the transaction will not help. It is the interception of the data that is the risk & once you have sent it, it will already have been captured. Turning Wi-fi off in general when not in use will provide extra safety, but it won't erase the already (potentially) captured data.
Use your 'phone provider data connection for more secure internet banking when mobile.

 

[delicagirl]

I think you are confusing Section 75 protection (which uses a £100 figure) & fraudulent use; there is no upper or lower limit on refusing to pay for a fraudulent transaction.

It is strongly advised that you don't do internet banking over Wi-fi, other than your own. Turning wi-fi off immediately after the transaction will not help. It is the interception of the data that is the risk & once you have sent it, it will already have been captured. Turning Wi-fi off in general when not in use will provide extra safety, but it won't erase the already (potentially) captured data.
Use your 'phone provider data connection for more secure internet banking when mobile.

Thanks re £100.

so in english do you mean that i should not do internet banking from a COSTA/pub connection but ony to use my smart phone for banking when i have a good enough signal to do so ?

i cannot understand how a fraudster can access my bank accounts even if they "capture" my key strokes, because every connection i make has substantially different key strokes, because there are so many different things to input before i get to my account..... different questions to answer different combinations of data to input...... surely all that is not easy to replicate ?

 

[2cv]

Normally you are not liable for money fraudulently taken from your account using a debit card.
Identity theft and scams: how to get your money back - Money Advice Service

 

[Private]

No, not strictly...

Thanks re £100.

so in english do you mean that i should not do internet banking from a COSTA/pub connection but ony to use my smart phone for banking when i have a good enough signal to do so ?

i cannot understand how a fraudster can access my bank accounts even if they "capture" my key strokes, because every connection i make has substantially different key strokes, because there are so many different things to input before i get to my account..... different questions to answer different combinations of data to input...... surely all that is not easy to replicate ?

You can do your banking in a COSTA/pub via their Wi-fi signal, but the risks are greater than on your 'phone providers system. It is just risk reduction advice.
I would definitely not do banking on a pub Wi-fi as it is so easy for a fraudster to set up the Wi-fi to his/her benefit. If someone has access to part of your login information they are well on their way to calculating the rest.
Please don't confuse the type of people who do this kind of thing as "thick as thieves" types. They are highly skilled & often part of a larger organisation that makes millions from fraud. They can buy the best skill set & equipment.
Also remember that no-where is safe from hacking - even the NSA. Capturing data from a router is not even as complicated as hacking. Imagine it as someone steaming open your post before you receive it.

My best advice (for internet banking) would be to definitely avoid independent public Wi-fi (eg. a pub), seriously consider if the need is urgent enough to use large retail chain Wi-fi & use your 'phone provider's network as first choice when mobile.

It is just risk reduction but I do consider the smaller the venue, the larger the risk due to the limited oversight by other computer technicians.

 

[Deleted member 3011]

A lot of the paranoia isn't justified. Any on-line access to banking nowadays is done over secure access regardless of what internet service you are using and any that use two factor authentication are even more secure.

 

[Private]

Normally you are not liable for money fraudulently taken from your account using a debit card.
Identity theft and scams: how to get your money back - Money Advice Service

This is correct but it is missing the main point I am trying to highlight and that is that you will be without your money until you are refunded. This may not matter depending on the amount taken and how easily you can manage without the use of the missing money. If they take a lot or you actually need that money immediately you will be caused avoidable distress and hardship.

As an example, just a couple of weeks ago I engaged the services of a solicitor online. They provided a quote which I accepted. I gave my credit card details for the payment of disbursements. The next day they increased the quote by £700. I told them the new quote was not acceptable and cancelled their instruction. £400 was charged to my credit card on the day I gave it to them.
I am now involved in a series of communications between the solicitors, the credit card company and myself. I care not about chasing anybody for a response to hurry things up because they don't have my money. The credit card company cannot take the money from my account because it is a disputed payment.
Had I paid by debit card I would be the one having to chase people up and would be without the money in the meantime.

 

[1 Cup]

use of plastic fraud is fraud

Debit cards your money. Bank to bank
Credit cards there money. Anything else, ie retailers online or face to face
Any thing over £100.00 is insured on credit cards only look at T&Cs

Fraud is fraud. funds are returned in full but at card issuers descression, time limet not set.

Been told to also, put debit cards inbetween cerdit cards in wallet for extra safety with this new touch thingy

 

[jennyp19]

I use my credit card in preference to debit card purely for the legal reasons mentioned and so long as companies don't charge me extra for doing so.
I can't remember why, but a few years, ago there was something different between liabilities of cards with Visa and MasterCard. When my last Tesco visa was due it made me to go with Tesco Visa rather than the swap to Tesco MasterCard at the time - anyone else remember that.

My main reason for posting was that I wondered if there are a few more likely to be in the pipeline from The Tesco hack, hence the warning check statements very carefully. Apparently it was the £2 they took for a start which could be the giveaway which I had overlooked. If it had been a An employee somewhere they would have already known the account was active.

 

[wildman]

I suspect it is not just tesco's visa, apparently any visa card can be hacked in six seconds, or is that just mastercard propaganda?