Our business credit card was hacked again. The last time the bank blocked the transactions because somebody tried to use it in America then in England . . . Nice and easy to spot.
This time 3 fraudulent purchases were made on Amazon. But Amazon blocked the card. WTF! The card was still functional, they could not get in touch with me because AFAIU they didn't know who was being billed?? The scammers try random card numbers by charging 0 pence to the card, if success then card can be used.
I called the bank and said "... fraudulent transactions ..." Straight away the guy asked was it Amazon? He said lots going on. Refunded straight away.
If I did not check the statements then I would not know.
Hope this helps and don't forget to share the info ;-)
Comments
That would mean my card number may have been leaked via a hack??
From
https://amp.reddit.com/r/theydidthemath/comments/6a9rxs/how_long_would_it_take_me_to_guess_the_16_digit/
See the comment: Card numbers aren't random.
The following restrictions apply to pre-paid Visa, MasterCard, and American Express cards:
- Amazon.co.uk doesn't support entering the three-digit CVV code normally found on the back of some cards. If the code is required by the issuing bank, payments may not process successfully.
It seems Amazon have other checks that are as secure as CVV so they don't need to use it. They are then liable for the loss but point is I never knew about the block, I didn't receive any email telling me I had made a purchase.There are people on the web saying they have registered new cards without entering CVV.
She gets a new card in the post, and exactly the same happens - insurance and takeaways.
She collects a third card, in person, from her bank and... insurance and takeaways.
So firstly, how are they hacking the cards so quickly when the numbers are different (could it be someone at Barclaycard?) and secondly, who is this fat bloke who needs all this insurance?
When I spoke to the bank to report the fraud all I said was:
"I'd like to report fraudulent purchases"
Without any further information he said:
"Was it on Amazon?"
After working through the details he said okay refunded. I asked what kind of method used here, should I monitor who has those card details for direct debit purposes? He then explained saying in this instance the fraudsters do not have any of my details, they use a random number, check card is valid etc.
Not so long ago, visa did not care if you made thousands of checks. I don't know if still the same.
Some figures suggest 80% of cards are compromised. AYK that is exactly what CVV is aimed to protect you from. They can skim care but they still need CVV. So only need to try 1000 numbers
Shockingly you can find a list on the web of companies that do not use CVV but trade online!?
As mentioned, because I am curious how this happened, I have come across lists of domains that take payments but do not require CVV check! Google Search on:
Cardable sites no CVV check 2019
Obviously I haven't confirmed those. I really would like to understand how they scanned that card but I don't think they will tell me a step by step. Magstripes contain personal information such as name etc but I was told that they did not use any other information about myself, they somehow registered that card on Amazon.