Debit / Credit card compromised

H3llR4iser

Really strange thing developed between last night and this morning.

Short recap - I received a text from Ulster Bank services last night inquiring about some Debit Card transactions; It's not the first time and I'm familiar with their system, which seems to be fairly effective. Normally, I would get a declined transaction and the text whenever I perform a number of successive transactions (e.g. buying something, forgetting some bits in the order and having to place a second one, or booking multi-leg flights).

Last night, the message concerned two transactions - one done at a place called "Palms Resort", for 1.74 Euro, then a Domino's "order" of 39.80 (which was refused and triggered the warning); They happened at 22.16 and 22.17 (Irish time) respectively.

No real damage was done (just the 1.74 to the "Palms Resorts"), had the card canceled this morning and have to give props to the Ulster Bank fraud prevention system for its effectiveness. They said they're gonna pass the details to the Police, which will then get in contact.

I'm curious to see if anyone else experienced the same transactions - I know Domino's has been a "hot spot" for CC number thieves to test their "merchandise" out; Also, one "interesting" bit is that this card was new - just sent to me in May. I haven't used it for anything out of the ordinary, just the same venues I used all my older cards with; I also never "leave" the card with anyone (e.g. give it to a waiter at a restaurant).

BuffyBot

ATMS can be compromised, online retailers have had issues, chip and pin terminals/POS systems has proven not to be foolproof ..there are a multitude of ways it could happen.

Fraud can come about from everyday use just as easy as the extraordinary.

boege

Had card hacked a few years back. Pattern was the same. Small hit first, usually under €5 and then a bigger hit, in my case a flight to Middle East for €3k. Was told by card fraud people that first hit was a test to avoid setting off alarms.

You card could have compromised any number of ways, including via hacking of someone's IT systems where details were kept, which is what turned out was happened can me. Big uk hobby store had database hacked.

H3llR4iser

boege wrote: »

Had card hacked a few years back. Pattern was the same. Small hit first, usually under €5 and then a bigger hit, in my case a flight to Middle East for €3k. Was told by card fraud people that first hit was a test to avoid setting off alarms.

You card could have compromised any number of ways, including via hacking of someone's IT systems where details were kept, which is what turned out was happened can me. Big uk hobby store had database hacked.

I'm currently inclined to think it must be something along these lines. I've spent half the evening checking every single transaction I made since the end of May (the card arrived to me around that time) and it's basically all the outlets I've always used with all my older cards. Nothing new, nothing "dodgy".

I'm also very aware about the ATMs scam, have family members and friends who underwent them, so I check for skimmers and keyboard readers every single time - I'm sure somebody is gonna call the guards on me at some point because "there's somebody trying to disassemble the ATM"

Atlantic Dawn

Were the transactions both listed as POS (Point Of Sale)?

Mrs OBumble

An organisation that I belong to chose one of the largest event booking and payment providers in the country to handle their event registrations.

A few weeks ago, members were forwarded an email from that provider saying that malware had been put onto their servers in late March this year, and that as a result many people had fraudulent transactions on their cards as a result.

Reading your post made me realise that I've seen nothing in the mainstream media about this. Googling for a link confirms this - they seem to have got away with very little publicity. Which is surprising.

PM will be sent in a few minutes.

H3llR4iser

So, update - 4 months ON THE DOT and the very same happens again. This time they've been a bit more daring, tried a bigger transaction which failed.

Which means the fraud is something more or less local, most likely involving a leak in an Irish business / payment services provider or maybe even a bank.

I'm trying to figure out what might be such source, cross referencing payment records from the last couple of weeks and those back in July. They don't seem to match at all for now, and I have ran repeated security and network activity scans for my equipment (phone and tablet were actually wiped clean), so I'm starting to suspect either a "physical" read (e.g. ATM camera) or some absolutely gigantic leak in the banking system.

Atlantic Dawn

Have you used the card online on your computer? Possibly malware logging your keystrokes and then sending to a third party?

H3llR4iser

Atlantic Dawn wrote: »

Have you used the card online on your computer? Possibly malware logging your keystrokes and then sending to a third party?

I'm a software engineer, plenty of security always running, there's no malware. Ran deep scans, nothing found - even a network traffic analysis comes back negative (basically, there's nobody connecting to my systems).
Besides, after the issue in July I wiped everything (computers, smartphone, tablet) clean just "in case". Said that in the previous post

I have managed to obtain some data that proves the scammer is here in Ireland...too big of a coincidence to be honest.

Atlantic Dawn

What I don't like is after you sign docs to say the fraud was not yours the bank never gives any feedback whatsoever as to how or who caused the fraud, it's a bloody joke.

kavanada

Check/think back if you have uploaded your card details to any online store so as to make future purchases quicker.

Sites like Hailo, various airlines, etc., might ask you to store your credit card numbers on their server. It's like leaving your credit card down at 20 restaurants at once.

You might be good at protecting your card physically but how good are these companies?

H3llR4iser

Now that I think about it, there are two - the gym and the internet provider; They both work just this way, you pay with your credit card and then keep billing you on it monthly.

Will need to run an experiment...any info on "prepaid" cards or even "virtual ones" I can get?

duffman13

H3llR4iser wrote: »

Now that I think about it, there are two - the gym and the internet provider; They both work just this way, you pay with your credit card and then keep billing you on it monthly.

Will need to run an experiment...any info on "prepaid" cards or even "virtual ones" I can get?

Get a revolut card but don't keep to much on it. Try it that way, the card is free and you can actually order more than one. Comes in handy for purchases in £ or $ aswell

tanit

H3llR4iser wrote: »

Now that I think about it, there are two - the gym and the internet provider; They both work just this way, you pay with your credit card and then keep billing you on it monthly.

Will need to run an experiment...any info on "prepaid" cards or even "virtual ones" I can get?

My vote is for the gym. If it's a small place the security they have might not be good and could be compromised very easily. Your internet provider is going to have better security basically there are more geeks. But keep us posted if you find out anything it could help other people.

H3llR4iser

tanit wrote: »

My vote is for the gym. If it's a small place the security they have might not be good and could be compromised very easily. Your internet provider is going to have better security basically there are more geeks. But keep us posted if you find out anything it could help other people.

Not very small, but still a relatively local business (chain of gyms across Dublin...you can easily guess which one it is). I emailed their support giving them heads up about a possible leak, they replied within the hour saying they're gonna run a full check this week, just to be sure...