Well, I just experienced credit card fraud… again.
Why I’m usually not worried about credit card fraud
I feel like a lot of people are paranoid when it comes to credit card fraud fraud, and I’m not sure I totally understand that. In the event that your card is compromised and you report it, you’re typically not on the hook for any of the charges.
So while I won’t go so far as to wear a shirt with my credit card number printed on it, I generally lose zero sleep over worrying about my information being compromised.
I feel like we hear about a major data breach at a major travel brand just about weekly lately, and on top of that, I have a lot of credit cards.
Every time I go to a restaurant a stranger takes my credit card and could easily steal my info if they wanted to, so I think it’s somewhat irrational to be overly concerned about sharing those details online, etc.
I deal with credit card fraud occasionally
Having said the above, credit card fraud is most definitely a real thing. In June 2015 I experienced credit card fraud, and again in June 2017. Back in the day I feel like most credit card fraud happened in one of two ways:
- When you actually physically don’t have your card, either because it’s lost or stolen, and someone starts spending on it
- Someone has your card details and then makes online purchases since they know the info
However, both of my credit card fraud incidents in the past four years were actually for in-store purchases where I still had my physical card, so obviously fake cards were made with my information.
My latest credit card fraud incident
This morning I woke up to a secure message from Chase regarding my Chase Sapphire Reserve® Card. Usually when you get these types of messages regarding fraud they’re asking you to verify a purchase, but in this case they were asking me to verify that I called from a certain phone number:
**PLEASE VERIFY THE CALL BELOW, RECEIVED FROM AN UNKNOWN PHONE NUMBER.**
DATETIME ESTCALL FROM PHONE NUMBER
12/03/2018 3:39 PM XXX-XXX-9251
Very interesting. I didn’t recognize the last four digits, so then I looked at my statement, and noticed the following charges:
- A $345.88 purchase from a Hampton Inn & Suites in Clermont, Florida
- A $3,631.49 purchase from a Lowe’s in Brandon, Florida
Neither of those purchases were from me (though Brandon is awfully close to where I grew up), so I phoned up Chase.
The lady I spoke with confirmed that they sometimes send out fraud alerts regarding people calling from different numbers than what’s on file. These people usually try to get through the automated prompts to see how much credit is available, etc., and don’t actually want to talk to a human.
She also confirmed that these purchases were made in-store, so it seems that a copy was once again made of my card.
They’ll be getting me a new card tomorrow, though go figure the Sapphire Reserve is one of my primary cards, and I have that card saved to a lot of my profiles, so I’ll need to update that.
Bottom line
Credit card fraud happens, especially if you’re like me and have around two dozen cards. It’s not anything to be overly concerned about, or rather there’s really no way to prevent it altogether.
Every time I deal with it, though, I feel like I learn something new. This was my first time where a fraud alert seemed to happen because of someone calling Chase from a suspicious phone number, and go figure there were fraudulent charges to go along with that.
Has anyone else received a fraud alert regarding a phone number from which you contacted your card issuer?
Thats one of the stressful parts of keeping credit cards and knowing/not knowing someone using up your credit limit or messing with your credit score that way if you were never aware and/or notified but/ot did nothing.
My parents have had random fraudulent charges on their capital one cards for years. Capital one tells them don't worry about the charge and sends out a new card each time. I lost track how often this has happened. Certainly an inconvenience.
I had a chase marriott card. I notified chase i will be out ok f the country from 6/1 to 6/14. I actually used the Marriott card at Marriott on 6/2 and 6/5 in japan. Yet somehow chase did not catch a fraudulent charge on 6/4 that was made in person in a state i do not live for approx 2.4k for pool supplies when i live in a major cuty in an apartment without a pool. I couldn't believe they did not catch that.
Years ago i had a situation with chase where fraudulent charges were made on my card. The representative was very accusatory and would not remove the charges. It was an extremely unpleasant situation so dont just assume chase will akways back you up.
I love Chase, and feel pretty secure with them. NOTE: they don't want to cover fraud in your name any more than you do! I once got a call about someone using my account to charge motorcycle parts in Arizona. You got it - me, never a motorcycle, never in Arizona. I hadn't activated the last card on the account they'd sent me, but it seems that doesn't really matter. They were great about shifting...
I love Chase, and feel pretty secure with them. NOTE: they don't want to cover fraud in your name any more than you do! I once got a call about someone using my account to charge motorcycle parts in Arizona. You got it - me, never a motorcycle, never in Arizona. I hadn't activated the last card on the account they'd sent me, but it seems that doesn't really matter. They were great about shifting the credit balance to the Chase card I did use at the time, and hunting down the motorcycle rider (or so I assume).
I think anyone who is interested in this points hobby should be concerned with fraud. Those are real costs that someone is bearing. Eventually that will boomerang back to us with less attractive offers from banks or less acceptance by merchants.
as you say, if there are fruadulant entries on your card statement, you don't pay them. End of.
I worry much more about fraud on my savings and brokerage accounts.
How about this doozy of a fraud prevention fail at Citibank. This was about a year ago. I withdrew money from a 7-Eleven ATM (they have an ATM partnership with Citibank), an ATM I use regularly. I checked my mobile app balances later that day and noticed that literally twenty minutes after my withdrawal in New Jersey someone on Sunset Blvd in Los Angeles withdrew $200 four times in a row. How on earth did...
How about this doozy of a fraud prevention fail at Citibank. This was about a year ago. I withdrew money from a 7-Eleven ATM (they have an ATM partnership with Citibank), an ATM I use regularly. I checked my mobile app balances later that day and noticed that literally twenty minutes after my withdrawal in New Jersey someone on Sunset Blvd in Los Angeles withdrew $200 four times in a row. How on earth did the fraud software not pickup on this, I have no idea, but it cost Citibank $800 that they refunded me for the fraudulent withdrawals.
I've had a number of fraud attempts. Most recently I used a debit card for the first time in many months at two bank ATMs, one in Amsterdam and one in Vienna a day or two later. The next day, someone had cloned the debit card and made two cash withdrawals at a bank in Seoul. I called my bank and they handled it pretty efficiently. Because I was traveling they put a lock on...
I've had a number of fraud attempts. Most recently I used a debit card for the first time in many months at two bank ATMs, one in Amsterdam and one in Vienna a day or two later. The next day, someone had cloned the debit card and made two cash withdrawals at a bank in Seoul. I called my bank and they handled it pretty efficiently. Because I was traveling they put a lock on my card but did not outright cancel it. That way if I needed to use it again, I could first call, unlock it, use the card, and then relock it.
Earlier in the year someone attempted to buy a new phone at a t-mobile store. I was alerted to the fraud, called my bank, and received a new card within a couple of days.
Over the past few years, I've had Citi replace a few cards, Chase replace one card four or five times in a few month stretch, HSBC replace multiple cards, US Bank replace a card, and Amex replace a card.
The systems for verifying suspicious transactions have greatly improved for most banks, and the 2FA for large online transactions seems useful as well as potentially reducing fraud.
"Never understood how/why Apple pay alerts to *all* charges made on the card, whether via Apple Pay or not."
It doesn't. It depends on card issuer and the settings.
I have South African credit cards with chip and PIN. In addition we get asked for a One Time Pin(OTP) on most internet purchases sent as a text message. Also a text after each purchase. I booked a local British Airways flight here in South Africa where they have a franchise and was caught when their records were compromised. My card was used for about$5000 worth of purchases in the Apple online store in the...
I have South African credit cards with chip and PIN. In addition we get asked for a One Time Pin(OTP) on most internet purchases sent as a text message. Also a text after each purchase. I booked a local British Airways flight here in South Africa where they have a franchise and was caught when their records were compromised. My card was used for about$5000 worth of purchases in the Apple online store in the UK. My bank reversed the charges virtually immediately and of course Apple UK did not send the goods. If physical goods had been paid for it may have been more difficult.Some HSBC customers are having trouble getting satisfaction from their bank and BA. South Africa is credit card fraud centre of the world(you thought it was only HIV). Be very careful here.
america needs to join the rest of the world in credit card security with chip & pin.
Regarding "why not chip and PIN?" I got a fraud alert call from Chase asking me if I still had my cards in my possession and if I made an in-store purchase at Walmart in San Leandro, CA. They had already declined the attempted in-store purchase. I asked the Chase agent if the card was entered via chip read or magnetic card swipe. It was swiped.
So until everyone worldwide switches to Chip and...
Regarding "why not chip and PIN?" I got a fraud alert call from Chase asking me if I still had my cards in my possession and if I made an in-store purchase at Walmart in San Leandro, CA. They had already declined the attempted in-store purchase. I asked the Chase agent if the card was entered via chip read or magnetic card swipe. It was swiped.
So until everyone worldwide switches to Chip and PIN and all gift cards and debit cards worldwide are Chip and PIN, the fraudsters will still be able to use fake magnetic stripe cards.
Ben must have a lot of credit cards floating on the dark web. We really can't do anything about card information being stolen but it doesn't mean you should sit down and let the fraudsters have a field day with both your info and card details.
It can go beyond them knowing where you live and how much you have on your card.
Do the best you can to AVOID fraudulent shops/cornershops/gas stations...
Ben must have a lot of credit cards floating on the dark web. We really can't do anything about card information being stolen but it doesn't mean you should sit down and let the fraudsters have a field day with both your info and card details.
It can go beyond them knowing where you live and how much you have on your card.
Do the best you can to AVOID fraudulent shops/cornershops/gas stations etc. If you can help it - Use CASH. Anything can be hacked these days but no crime in being super conscious. A
Never understood how/why Apple pay alerts to *all* charges made on the card, whether via Apple Pay or not. How do they get that info? Would love to hear an explanation of how that works and why they even have access to see other charges! I do like it as a security alert feature, but seems like more than Apple needs to know.
Chase is easy to set fraud alerts, $1.00 or over pushes an alert. Amex only allows $10.00 or more for alerts, but if the cards are in Apple Pay, “Apple Pay” will alert to any charge.
I have experienced fraud on all of my credit cards with surprising frequency. I now receive texts and emails when any transaction is made and have caught all instances of fraud on my accounts before the credit card companies. So I have zero confidence in their fraud prevention capabilities. Chase has though denied valid charges a multitude of times without even contacting me which is incredibly frustrating.
Amex is on the ball had them call me twice on fraud chgs one for a grand and one for 800. Overnite new cards. MC I had a lame chg had to beg for a fraud investigation.
I just got hit for the first time with a fraud attempt on one of my Amex cards. Amex caught it immediately and denied the charge then texted me a fraud alert. It was for $24xx at some sketchy website. When I texted back "2" to indicate I did not make the charge within a couple of minutes I had someone from their fraud team calling me. I told them I did not make the...
I just got hit for the first time with a fraud attempt on one of my Amex cards. Amex caught it immediately and denied the charge then texted me a fraud alert. It was for $24xx at some sketchy website. When I texted back "2" to indicate I did not make the charge within a couple of minutes I had someone from their fraud team calling me. I told them I did not make the charge but I would have to call them back since I was not familiar with the number that they called on. The only really bad side of it was waiting for the new card to arrive.
I was pretty impressed with Amex catching and denying the fraudulent charge immediately. Amex fraud detection is very good. I had problems a few years ago with Chase denying valid charges as potential fraud and then immediately disabling my card, which upset me, especially since back then they did not even notify me they shut down my card for hours or until the next day even though I was signed up for notifications. I would only find out they disabled my card by using it and getting rejected. After that it took a call to the Chase fraud department to verify my activity before they would reactivate the card. They seem to have improved their fraud detection algorithms since I have not been blindsided by Chase in a while but I still have a bad taste in my mouth remembering how many times they silently shut my card down due to their incompetence.
@Lucky, there's a pretty interesting VICE news piece on credit card fraud from a few months back. Its gotten so simple, you can buy numbers/pins from websites on your phone. You can buy blank credit cards stolen from suppliers, and then use a pretty simple press machine to hammer the numbers in. More sophisticated fraudsters also have the machine that imprints the magnetic data into the strip so it swipes.
I actually think the push...
@Lucky, there's a pretty interesting VICE news piece on credit card fraud from a few months back. Its gotten so simple, you can buy numbers/pins from websites on your phone. You can buy blank credit cards stolen from suppliers, and then use a pretty simple press machine to hammer the numbers in. More sophisticated fraudsters also have the machine that imprints the magnetic data into the strip so it swipes.
I actually think the push for metal cards with engraving numbers comes with the added bonus of helping combat this, despite the obvious higher cost. As others note the bank is often on the hook for the cost of the fraud, so its probably cheaper to get everyone metal cards than to keep paying out sums to retailers.
In the report, the guy doing the fraud says he has no remorse because, as you say, the consumer is rarely if ever on the hook, as long as they pay attention to their statements. He has no empathy for the banks themselves, but as others above note, its often passed on to the consumer in some way or form.
I had my card info stolen and used in store at a Dicks Sporting Goods upstate New York while I was still in possession of my original card. In fact the fraudulent charge came within minutes of me using my card in New York City. Pretty easy one for the bank to catch.
Someday, somebody will explain why they did not go to card and pin.
The only serious danger is with debit cards. The fraud reporting requirements are much more stringent and your bank account could be frozen in the interim.
I suppose one pitfall of publicly disclosing which credit cards you have is that some people will attempt to use that information to commit fraud.
The fourth from last digit of your Amex number is the number of card numbers they have issued for you. When you have fraud (not renewals or upgrades), they issue a new card number and that end number goes up by one and the last number changes to something different which is random. My Hilton Honors Amex ends in 500#. In other words, stolen 5 times.
They caught it 4 of the 5 times before...
The fourth from last digit of your Amex number is the number of card numbers they have issued for you. When you have fraud (not renewals or upgrades), they issue a new card number and that end number goes up by one and the last number changes to something different which is random. My Hilton Honors Amex ends in 500#. In other words, stolen 5 times.
They caught it 4 of the 5 times before I even knew. Once they even called me in the middle of someone trying to make the purchases - $500 of cigars online didn't look like a typical purchase for me. They could see them try to run it again when I was on the phone with them.
Yes, the banks remove the fraud charges from your account, but either the bank or the retailer (in the case of the Lowe’s charge, one of them is eating $3,000), and that “cost of doing business” is ultimately passed on to consumers through fees, increased prices, and/or higher interest rates.
Gee, I wonder if chip and pin would have prevented this kind if fraud?
And if so, I wonder why US banks are so resistant to chip and pin?
Do they really expect us to believe that the cost of implementing chip and pin exceeds the cost of this kind of fraud?
Interesting how this has happened again with Chase.
I have only ever had fraudulent transactions on my CSR and CSP cards (and in both instances, Chase dealt with it in a very frustrating way).
I find Chase fraud prevention to be extremely weak. In one of the aforementioned instances, my Chase card was cloned and used to buy stationery (which I never buy) in California. The fraud took place mere hours after I...
Interesting how this has happened again with Chase.
I have only ever had fraudulent transactions on my CSR and CSP cards (and in both instances, Chase dealt with it in a very frustrating way).
I find Chase fraud prevention to be extremely weak. In one of the aforementioned instances, my Chase card was cloned and used to buy stationery (which I never buy) in California. The fraud took place mere hours after I had made (much more normal for me) in-person purchases in Washington DC (where I live).
I have never experienced fraud on any of my Amex cards, and find Amex fraud prevention to be excellent. If ever there is a transaction Amex is not sure about, I get a notification on my phone. I then approve the charge and swipe again. Chase just seems to authorise the charges and I have to deal with the mess afterwards (including replacing all authorised user cards on my account).
@Jim F. - Police agencies "pursue and prosecute" individuals, not banks.
And yes, there have been many stories of that happening.
Here's what irritates me almost as much as the fraudster's actions -- when was the last time anyone heard/read about a bank actually taking action to pursue and prosecute these criminals? As long as banks regard multi-thousand charges to be written off as "the cost of doing business," this insanity will never end!
One benefit of linking one's card to Apple Pay is that when you get a new card issued, the new card is immediately available in Apply Pay.
As for the inconvenience of updating merchants with new card information, that is real. Although I noticed both AMEX and Citi (probably other banks, too) are able to notice recurring charges and allow them to go through using the old card information.
Danger! Danger! Danger!
Sounds like @walter works for a local tv news channel or perhaps has been influenced by mission to attach danger to virtually every element of daily life.
To Lucky's point, at most it is an inconvenience to be without the card for a while and/or having to update vendors/merchants profiles.
I agree with Walter. It’s definitely an issue, and even more so if someone full blown steals your identity and starts taking out new credit cards in your name. It’s wrong to lull people into a sense of complacency.
@Walter
What exactly are the dangers of credit card fraud to a consumer who isn't completely ignoring their transaction history or statements?
do you not have the option of adding 2 factor authentication to your credit accounts?? that might help a lot
I know you make your living off of pushing people to have dozens of credit cards, but there's no need to minimize the dangers of credit card fraud.