I have just been sent a new credit card after the previous plastic was cloned and fraudulently used.
Now I know a random number is a random number, but I laughed aloud when I scratched off the PIN mailer to see "1111".
Apparently 20% of all PINs are accounted for by 0000, 1111, and 1234, so I'll change it.
I am genuinely surprised that the top ranking sequences aren't excluded from the default numbers issued. Assuming professional fraudsters are likely to try it, 20% chance of cracking the code in three goes isn't acceptable security.
Incidentally, the cloned card has never been out of my sight during a transaction. I'm pretty sure it was cloned by swiping at a fuel station about a month ago - I did the usual chip and pin thing and it rejected, and the assistant just took the card out and swiped it through the reader. The three fraudulent transactions were all swipes, not chip and pin.
|
>>I'm pretty sure it was cloned by swiping at a fuel station
What brand of petrol did you buy?
It may sound a bit of an odd question but my youngest son had a Bank card cloned probably at a petrol station - a particular chain was seemingly more vulnerable than others -they made off with £1,000 over a few days with cash transactions and somebody trying to buy a motorcycle in London whilst he was sat in an office in Norfolk.
Virgin refunded his account in a few days.
|
>> >>I'm pretty sure it was cloned by swiping at a fuel station
>>
>> What brand of petrol did you buy?
>>
>> It may sound a bit of an odd question but my youngest son had a
>> Bank card cloned probably at a petrol station - a particular chain was seemingly more
>> vulnerable than others -
Well the rumour mill says shell are vulnerable. I have only ever had one card cloned, an amex, and that was at a Texaco station, wheres never had one cloned at a shell station.
In truth, most of the the major chains filling stations are franchised, so its nothing to do with the brand of petrol. There was a group of franchisees that were found to be less than honest.
Last edited by: Zero on Mon 6 Oct 14 at 11:50
|
|
One of the benefits of buying supermarket fuel - don't have the same tendency to have one man manning at the PFS as the independent operators do. Or the same turnover of casual staff.
|
on a similar note - remember when these new "security numbers" were put on the backs of cards that were supposed to give an extra kevel of security?
How does that work in this instance ie dodgy staff, as you are always asked for this on any online or over the phone transactions?
|
>> on a similar note - remember when these new "security numbers" were put on the
>> backs of cards that were supposed to give an extra kevel of security?
>>
>> How does that work in this instance ie dodgy staff, as you are always asked
>> for this on any online or over the phone transactions?
Not much use in that scenario but IIRC the 3digit number on reverse isn't captured when card is used in a C&P terminal or mag strip swipe whereas card number, expiry, issue number etc are.
Intention was to provide extra security for cardholder not present transactions which were being carried out on data stolen from receipts and legitimate swipes as well as clones. That security is now augmented bt 'verified by visa' an such like using randomly chosen letters from a secret word.
|
>> One of the benefits of buying supermarket fuel - don't have the same tendency to
>> have one man manning at the PFS as the independent operators do. Or the same
>> turnover of casual staff.
or use the CnP reader in the pump.
|
>> or use the CnP reader in the pump.
>>
What, and not get a nice warm latte? Life wouldn't be worth living!
My card was cloned at Shell Leatherhead (now a BP) but the gang was caught before my card was abused.
|
>> Well the rumour mill says shell are vulnerable.
Not a rumour. Shell in the Esher area was hit.
>>.. I have only ever had one card cloned, an amex, and that was at a Texaco station, wheres never had one cloned at a shell station.
>>
I had my John Lewis CC hit.
I used it ( fortunately ) at 9pm at a Tescos near Heathrow and three hours later it was used three times in up state three hours later.
JL security systems flagged it up and I got a call at home at 9am the next morning.
" I am guessing you are not in the USA and permitting someone to use your card?"
My card was credited for the $$s but I had to ask for more £s as the exchange rate had changed to the worse.
|
Shell stations round here were rumoured to be vulnerable. Some link with Sri Lanka/Tamil conflict IIRC. The filling station at Weedon Crossroads was also said to have problems to extent that many locals would only use cash there. Mrs B witnessed an incident where a customer was alleging that he'd observed his card being mishandled in some way.
It's since changed hands and been completely rebuilt under the BP/M&S flag.
Only time I've had a problem it was telephone banking with money siphoned from savings to current account and then to a Mr Boreham.
Santander refunded the cash and set us up a new account but it was a fraught process as they failed to carry over all my DD's so various memberships etc went unpaid over next year. Other problem was that it first came to light when I logged in an hour before we left for Scotland intending to transfer a few quid savings>current.
They let me have a load of cash over counter on Northampton but were less than understanding of problems communicating with me in an area with no mobile coverage and nearest Santander a three hour ferry crossing plus long drive away.
|
>> >> Well the rumour mill says shell are vulnerable.
>> Not a rumour. Shell in the Esher area was hit.
My card was cloned at a shell garage in Surrey. I was told the Tamil type story.
I got absolutely no help at all from Shell, so now I never use a Shell garage for anything.
|
>> >>I'm pretty sure it was cloned by swiping at a fuel station
>>
>> What brand of petrol did you buy?
I'm fairly sure that it was a Shell one - I had a couple of fill ups around that time at different places, and I remembered the swipe episode but wasn't certain of the outlet.
I was involved with the roll out of chip and pin for a retailer. There was certainly a concentration of problems involving Shell and Texaco stations soon after C&P came in, in about 2006 IIRC.
They involved a particular type of card reader, and somebody figured out how to overcome the tamper-proofing and inserted some circuitry to collect card data on a full C&P transaction. At one point Shell withdrew C&P from all its stations.
The 'brains' went to prison some time later, and got I think 3 years - a much better risk/reward ratio than armed robbery, considering the losses were estimated at £30m.
|
I have had my card cloned at a petrol station several years back on a swipe reader and had £4000 worth of goods taken off it in UK and Sri Lanka , money was refunded by the bank after a couple of phone calls.
I now always keep the card in view and cover the reader when entering the pin number....
|
|
Used a petrol station in Dunstable recently? I've heard rumours of cards being clone there, email me if you want to know which one.
|
>> Used a petrol station in Dunstable recently? I've heard rumours of cards being clone there,
>> email me if you want to know which one.
I don't think so - the prime suspect is in Leighton Buzzard. However one of the frauds was at Morrisons in Dunstable, a mere 8 miles away. So maybe the Dunstable gangs are spreading out:)
|
|
My card was cloned at a Shell filling station on Blue Bell Hill in Kent. They managed to transfer £3500 worth debt from someone elses CC onto my CC account. All done over the phone apparently. I asked if they didn't think that it was odd that I would want to do this and was told no ! Thousands of us were hit on this one, it made Watchdog I was told.
|
Can someone advice which is more secured means of paying - a debit card or a credit card?
Well, I understand cash is king but still want to compare between debit and credit card.
I guess credit card is probably safer as you don't give away details of your bank a/c as in debit card?
|
>> Can someone advice which is more secured means of paying - a debit card or
>> a credit card?
>>
>> Well, I understand cash is king but still want to compare between debit and credit
>> card.
>>
>> I guess credit card is probably safer as you don't give away details of your
>> bank a/c as in debit card?
Credit card fraud has far less hassle than debit card fraud. If your credit card is maxed out you can still get on with your life while its sorted out. If your bank account is cleared out thats a whole world of agro till you get it sorted.
|
>> Credit card fraud has far less hassle than debit card fraud.
>> If your credit card is maxed out you can still get on with your life while its sorted out.
>> If your bank account is cleared out thats a whole world of agro till you get it sorted.
>>
I agree. My bank card is only used to get cash at my bank or the Post Office.
I hope that reduces the risk :-)
All other transactions are on my CC to earn cash rewards.
|
Had my debit card cloned a few years ago at a supermarket filling station. Apparently they had a security camera right above the reader. First thing I knew about it was a call from the bank's security division asking if I'd been in Wroclaw in the past 48 hours.
Got the money back with not too much hassle, but it took about three weeks. I talked to a member of the bank staff afterwards who told me the only way to make CnP secure was not to use it.
|
Using a credit card for larger purchases will also get you the protection of Section 75 of the Consumer Credit Act. It makes the card issuer jointly and severally liable for the retailer's liability to you, which is handy when for example your tour operator goes bust after you have paid for your holiday.
I paid £200 of the cost of the last car I bought on a credit card for that reason, even though they charged me £5 fee.
|
I pay by credit card my missus tells me there is no money on it.
Maybe we should use cash again when buying fuel.I do sometimes .
|
You know where you are with cash. Card transactions other than the money machine, especially big ones, always make me a bit paranoid. All you guys with your wallets full of black and gold Amex cards and special Coutts' code numbers make me feel awfully shabby.
I seem to remember that the first money machine was at Heathrow. I certainly remember people racing out there in stolen Lancias and hired Ford Zodiacs on cash expeditions in the middle of the night. Later one appeared in Knightsbridge, then soon they were everywhere. It's all a bit of a blur, like my financial accounting system actually.
|
When younger I used to think I was desperately cool because of the huge credit limits on my cards - Then I worked it out. Now, I have tiny limits on all my cards except one. And that one rarely exits my wallet.
Also, and I don't know if this is just a US service, I can log onto my bank account and request one-off card details for a [any provided my account covers it] specific ceiling amount.
I.E. I want to buy a flight on the internet for £1,956. I log on to my bank account and request card details for £2,000. It provides all the details you would expect, including the 3 digit security number. The card is a "Black" card - which I am not entirely sure about the relevance of, I thought "Platinum" was best but even then I'm not sure how it matters.
I then buy the flight with these card details, and my bank account is eventually charged the exact amount. The card number cannot be used again so the fact that there is a balance is not relevant. Albeit that the balance is not released until the actual charge is received.
I reckon that's about as secure as it gets.
|
>> Now, I have tiny limits on all my cards except one. And that one rarely exits my wallet.
Are you boasting about being a tight git FMR? No, you can't be.
:o}
|
(Now changed!) but my Nationwide debit card came with the PIN set to 1234, and the credit card to 1212. Obviously a statistical glitch, but interesting.
The PIN I use for opening doors at work is entirely unmemorable so to help I set all the other cards to the same number. It didn't really seem to make much difference, since I still seem to spend too much time pausing over the chip 'n' PIN machine.
Wish Nationwide would get over their Luddite tendencies and give us the contactless payment option. Or might just change back to 1234...
|
|
Oooh... just looked on the Nationwide website, they've finally pulled their finger out and offer contactless payments. New card on its way... :-)
|
>> offer contactless payments.
They still sometimes prompt for a PIN as well though.
Last edited by: VxFan on Wed 8 Oct 14 at 09:33
|
|
A memorable pin number is easy for me, being ex navy I know a number which I will never forget and I am surprised is not branded onto me. Four of these six numbers works for me. A National Insurance number could be used in the same way.
Last edited by: Old Navy on Wed 8 Oct 14 at 09:24
|
>>
>> A National Insurance number could be used in the same way.
>>
I'd be very chary of using one's NINO since (without so far as I'm aware any legal sanction) it is now used for many more purposes than Social Security. I've recently had to quote it to get a photo driving licence and for electoral registration purposes.
Been written down too many times and stored on too many databases.
|
>>A memorable pin number is easy for me, being ex navy I know a number which I will never forget and I am surprised is not branded onto me.
Oh dear. You've just compromised your security. Your service number is almost certainly readily available online through e.g. back issues of The London Gazette.
Now, obviously, I don't know your real name, but the internet is so small that probably somebody on here does. (There's a poster on here whose daughter I'm friends with, but he doesn't know it, and there's another poster on here whose wife knew somebody I knew.)
|
>> Oh dear. You've just compromised your security. Your service number is almost certainly readily available
>> online through e.g. back issues of The London Gazette.
Not everyone's is in the london gazette you know ;-)
|
>>
>> Oh dear. You've just compromised your security. >>
I doubt it, anyone would have to identify me, OK not difficult, but then find the number, and work out the selection that I use, and in what order. I also change it regularly. Hardly worth it for the odd three or five bob I have to my name.
Last edited by: Old Navy on Wed 8 Oct 14 at 15:08
|
>>Hardly worth it for the odd three or five bob I have to my name.
You mean you blew all your cash on that new Yaris? ;>)
|
Yup, just an impoverished pensioner.
And there is the cruise next month, really skint now. ;>)
Last edited by: Old Navy on Wed 8 Oct 14 at 17:00
|
Choosing a PIN code - today's first world problem - Falkirk Bairn
