Bank and Credit Card Fraud

Banking and Saving strategies, maximizing interest rates, budgeting, GICs, HISAs.
User avatar
Bylo Selhi
Veteran Contributor
Veteran Contributor
Posts: 29493
Joined: 16 Feb 2005 10:36
Location: Waterloo, ON
Contact:

Post by Bylo Selhi »

kcowan wrote:The main aggravation is informing suppliers who charge to the card about the new number.
Which is why I suggested having a separate, low-limit card just for potentially risky transactions.
brucecohen wrote:When I went through that, it occurred to me that it's ripe for a web-based subscription service. You'd pay $10 once or maybe $1-$2/year and register your payees. If the card is cancelled, you contact the service and the service contacts all vendors.
Someone (IIRC PC Insurance) sent me something like that with a renewal. It was a sheet on which I was supposed to record all my credit card numbers and related information, then fax/mail it back to them. Then if my wallet got lost they'd look after contacting the entries on my list. This was a free service but I balked at the idea of sending such information to anyone, however well-intentioned they might be. (How their lawyers allowed them to enter into this potential landmine field of liability is also a mystery.)

Part of the problem with such a service is that the party who offers it has to be able to prove their legitimacy and their authorization to act on your behalf.

A related problem arises when you get a new credit card to replace an expired one. The CC number is the same but the expiry date changes. Some CC companies will not process recurring charges, e.g. monthly utility bill that's charged to their card or a gasoline key fob) unless the expiry date they get from the merchant is unexpired. So you have to remember the names of everyone you deal with in this way and contact them to provide your new expiry date. Surely there must be a better way for the industry, both merchants and CC companies, to handle this.
Sedulously eschew obfuscatory hyperverbosity and prolixity.
marty123
Veteran Contributor
Veteran Contributor
Posts: 2950
Joined: 23 Feb 2007 13:36
Location: Ontario

Post by marty123 »

Bylo Selhi wrote:
kcowan wrote:The main aggravation is informing suppliers who charge to the card about the new number.
Which is why I suggested having a separate, low-limit card just for potentially risky transactions.
When my card was compromised, BMO told me that they'd continue to pay the pre-authorized monthly transactions for 30 days to give me time to change the info. They were showing on my new account.
brucecohen wrote:When I went through that, it occurred to me that it's ripe for a web-based subscription service. You'd pay $10 once or maybe $1-$2/year and register your payees. If the card is cancelled, you contact the service and the service contacts all vendors.
Someone (IIRC PC Insurance) sent me something like that with a renewal. It was a sheet on which I was supposed to record all my credit card numbers and related information, then fax/mail it back to them. Then if my wallet got lost they'd look after contacting the entries on my list. This was a free service but I balked at the idea of sending such information to anyone, however well-intentioned they might be. (How their lawyers allowed them to enter into this potential landmine field of liability is also a mystery.)

Part of the problem with such a service is that the party who offers it has to be able to prove their legitimacy and their authorization to act on your behalf.

A related problem arises when you get a new credit card to replace an expired one. The CC number is the same but the expiry date changes. Some CC companies will not process recurring charges, e.g. monthly utility bill that's charged to their card or a gasoline key fob) unless the expiry date they get from the merchant is unexpired. So you have to remember the names of everyone you deal with in this way and contact them to provide your new expiry date. Surely there must be a better way for the industry, both merchants and CC companies, to handle this.
All the banks offer this service. Some even branched out to hold copies of driver's licenses, passport numbers, health card numbers, etc.

They mostly use a CWT (Carlson) service called "Card Assist". TD says CardAssist will even remind you of your wife's birthday for the same price.

http://www.tdcanadatrust.com/tdvisa/cardassist.jsp

http://www.rbcroyalbank.com/RBC:R9GI2I7 ... _plus.html
User avatar
Bylo Selhi
Veteran Contributor
Veteran Contributor
Posts: 29493
Joined: 16 Feb 2005 10:36
Location: Waterloo, ON
Contact:

Post by Bylo Selhi »

marty123 wrote:When my card was compromised, BMO told me that they'd continue to pay the pre-authorized monthly transactions for 30 days to give me time to change the info. They were showing on my new account.
But you still had to identify all the preauthorized transactions and contact the merchants individually. I'd like to see that handled automatically, probably by the CC company, when they issue a replacement card.

Hint: If they'd just routinely flag every preauthorized transaction on every statement we could just scan our last few statements looking for such flags in order to quickly determine who needs to be contacted. (Or maybe they could just accept preauthorized transactions, regardless of expiry date, from trusted merchants like major utilities.)
All the banks offer this service. Some even branched out to hold copies of driver's licenses, passport numbers, health card numbers, etc.
Yes, I know. TD offers that to me regularly. However, there was something extra in this offer that I can't recall now that made it even more useful. Moreover it was a free service. Nevertheless, do you trust any large organization in which potentially 1,000s would have access, with all that information?
Sedulously eschew obfuscatory hyperverbosity and prolixity.
marty123
Veteran Contributor
Veteran Contributor
Posts: 2950
Joined: 23 Feb 2007 13:36
Location: Ontario

Post by marty123 »

Bylo Selhi wrote:Yes, I know. TD offers that to me regularly. However, there was something extra in this offer that I can't recall now that made it even more useful. Moreover it was a free service.
Carlson charges $30/yr. CIBC passes on part of its volume discount and reduces it to $25. RBC marks it up to $40 :roll:, TD offers it for free with their Elite and Travel cards.

By the way, this service does change your pre-authorized payment arrangements.


Fraudulent charges protection
Secure registration of all credit, debit and charge Cards and cancellation of lost and stolen cards
Automatic card reissue
Mobile phone registration
Important Document Registry
Globally accessible 24/7 multilingual service centre
$500 Card Theft Reward.
Emergency Cash Transfer
Emergency Airline Tickets
Emergency Message Relay
Travel Voicemail Service
Luggage Recovery Tags
Important Date Reminder
Change of Address Service
Pre-Authorized Payment Change Service
Lost Key Return Service
Secure Website

Nevertheless, do you trust any large organization in which potentially 1,000s would have access, with all that information?
Yeah right! Nevermind that all banks use that service, Cardassist says my info would be well protected, so I'm sure that would stop any identity thief right in his track. :D
User avatar
IdOp
Veteran Contributor
Veteran Contributor
Posts: 3873
Joined: 16 Feb 2006 11:27
Location: On the Pacific sea bed, 100 mi off the CA coast.
Contact:

Post by IdOp »

gas station
Not all stations have this, of course, but I swipe the CC myself right on the pump. Is there likely to be much security problem with this? Saves time anyway.
marty123
Veteran Contributor
Veteran Contributor
Posts: 2950
Joined: 23 Feb 2007 13:36
Location: Ontario

Post by marty123 »

IdOp wrote:
gas station
Not all stations have this, of course, but I swipe the CC myself right on the pump. Is there likely to be much security problem with this? Saves time anyway.
The concern at gas stations is not with pay-at-the-pump, which is likely one of the safest way to use a CC. Gas stations are notorious for having transient employees and old style CC processing equipment (which print the full CC number on the slip). That also makes them prime target for unscrupulous people and gangs. Gas station scams typically take place when an employee compiles credit card numbers, expiry dates, full names and even the 3-digit security PIN numbers from people that pay at the counter, or even worst, from those that stay in the car while the nice attendant goes in to process the card.

I try to avoid paying at the counter for a gas station. If I do, I go in with the clerk to make sure that my card is only swipped once. I also make sure the full number doesn't appear on the slip. If the full number shows on the slip, I black-out the first 12 digits and payment goes through anyway despite what the panicked clerk may say.
User avatar
IdOp
Veteran Contributor
Veteran Contributor
Posts: 3873
Joined: 16 Feb 2006 11:27
Location: On the Pacific sea bed, 100 mi off the CA coast.
Contact:

Post by IdOp »

Thanks marty123, I was hoping the situation would be similar to what you described, though wondered if there had been instances of the info being intercepted the way you sometimes hear about debit card hardware being hacked by a vendor. Anyway, it's funny I never seem to see anyone else pay with their CC at the pump, they all walk into the booth. Weird, since it is so convenient and apparantly much safer.
User avatar
Bylo Selhi
Veteran Contributor
Veteran Contributor
Posts: 29493
Joined: 16 Feb 2005 10:36
Location: Waterloo, ON
Contact:

Post by Bylo Selhi »

IdOp wrote:wondered if there had been instances of the info being intercepted the way you sometimes hear about debit card hardware being hacked by a vendor
Yes, it's been reported regularly in SW ON and, I imagine, elsewhere. It can happen at gas stations, variety stores, ATMs, etc. with both credit and debit cards.

But since you're on the left coast you have a new CC issue to worry about. Pre-paying for gas can leave you broke, says B.C. driver
The only way to prevent getting hosed at the pumps is to pay with cash, says Barbara Donnelly of Keremeos, B.C. When she bought a small amount of gas Tuesday, Donnelly said the Hilltop Esso gas station put a $100 hold on her credit card. "I bought $10 worth of gas then … I went in to buy some groceries on my way home and my card was declined and I know I didn't spend that much," Donnelly told CBC News Wednesday...

Donnelly said she was unaware that gas companies are allowed to put a $100 hold on patrons' credit cards if they are only buying a small amount of gas...

The same practice applies to patrons using debit cards for fuel, Munroe said. The computer pre-authorizes and freezes that $100 in the debit card account. If a customer does not have $100 in the bank, they cannot buy gas...
Sedulously eschew obfuscatory hyperverbosity and prolixity.
User avatar
AltaRed
Veteran Contributor
Veteran Contributor
Posts: 33398
Joined: 05 Mar 2005 20:04
Location: Ogopogo Land

Post by AltaRed »

IdOp wrote:Thanks marty123, I was hoping the situation would be similar to what you described, though wondered if there had been instances of the info being intercepted the way you sometimes hear about debit card hardware being hacked by a vendor. Anyway, it's funny I never seem to see anyone else pay with their CC at the pump, they all walk into the booth. Weird, since it is so convenient and apparantly much safer.
I find that strange too. But then, how many people do you see come out of the booth/store with nothing else in their hands? The owner/operator makes more off ancillary sales than he/she does from gasoline sales.
mpav
Contributor
Contributor
Posts: 540
Joined: 12 Jul 2007 13:30
Location: Toronto/Croatia

Post by mpav »

Just a comment as I am in the credit card industry, and the majority of frauds are not actual stolen cards, but as people have mentioned cards that are double swiped and then duplicated.

Vendors will swipe in a mag card reader, and then copy it to a another blank one (or rewrite over another credit card) and simply go to a connection and try to make purchases....only the rookies try and buy stuff at stores without knowing some one on the inside.

From my perspective, the best way to prevent it is keep the card in sight, and watch for an odd process (two swipes), and a big problem would be solved.

One day we will move to chip technology (a la Europe) and it will reduce the problem greatly.
User avatar
Bylo Selhi
Veteran Contributor
Veteran Contributor
Posts: 29493
Joined: 16 Feb 2005 10:36
Location: Waterloo, ON
Contact:

Post by Bylo Selhi »

mpav wrote:One day we will move to chip technology (a la Europe) and it will reduce the problem greatly.
"We" already have here in the World's Top Intelligent Community ;)
Sedulously eschew obfuscatory hyperverbosity and prolixity.
biker
Veteran Contributor
Veteran Contributor
Posts: 2488
Joined: 19 Feb 2005 08:57

Post by biker »

My biggest concern is when in a restaurant and the card is taken away for bill processing.
Gas stations are not an issue imo since I always use the card to pay at the pump.
Live like you are dying but invest like you are immortal.

"Men do not quit playing because they grow old ; they grow old because they quit playing" Oliver Wendell Holmes
bender
Contributor
Contributor
Posts: 255
Joined: 12 Apr 2005 05:34
Location: BC and beyond

Post by bender »

My personal and business cards have been compromised several times, but I travel a lot internationally. The problem seems to be mainly with retailers and gaping holes in the security of financial service providers. The good news is that its getting easier to wipe the bad transactions and get a replacement card without a fight. The last problem occurred a few months ago, when transactions showed up in a country that I had never traveled to :lol:

Another problem is that some cards/banks tend to be very trigger happy not authorizing international transactions (despite my phone calls) so I carry multiple cards.
User avatar
millergd
Veteran Contributor
Veteran Contributor
Posts: 2231
Joined: 30 Dec 2005 23:26
Location: Ottawa

Post by millergd »

Credit card and debit fraud is downplayed by the banks because they want you to spend, spend, spend. One of the regional newspapers (Montreal Gazette, Ottawa Citizen, ?) wrote an article on debit card fraud earlier this year. On the record, the banks indicate that they "can't disclose information about the crime due to the ongoing police investigation." However, the article states that the banks themselves often withold the information simply because it scares consumers into putting that plastic back into their wallets. That means fewer credit card transaction fees for the bank, and fewer 20% APR balances getting maxed out each month.

It's also worth reading the fine print on your bank's policy on PIN fraud and understanding exactly what precautions you need to take to be eligible. Some banks will not come to your fraud defense if you haven't followed their requirement that you change your PIN number periodically. And they don't send reminders.

Had my own card number lifted 4 years ago...Amex was great in resolving things after being tipped off by a keener pizza delivery guy. He noticed that the signatory was an ethnic minority with a thick foreign accent did not exactly look or talk like a Miller stereotypically would. The fraudster had lifted my number, but not my actual credit card, so he could only buy mail order products, pizza, stuff like that. Foolishly enough, he used his own address, and the mail order tooth whitening company I called (after seeing their phone number on the statement) happily disclosed his address back to me when I explained the situation.

The only thing that could be more foolish was the Ottawa Police service's great crime solving efforts. In checking up several months after filing the police report, they had no progress to report, even though I had given them the address and name of the person. Then again, the Ottawa Police have a track record of looking gift horse criminal cases in the mouth. Bottom line, don't be surprised when your case becomes nothing more than statistical fraud data.

To blonde's idiom, don't trust anyone. Including your bank.

~millergd~
“It is to be regretted that the rich and powerful too often bend the acts of government to their selfish purposes.”
--Andrew Jackson, 7th President of the U.S., after vetoing the 1832 act to recharter the Second Bank of America
User avatar
Bylo Selhi
Veteran Contributor
Veteran Contributor
Posts: 29493
Joined: 16 Feb 2005 10:36
Location: Waterloo, ON
Contact:

Post by Bylo Selhi »

millergd wrote:credit card fraud... fewer 20% APR balances getting maxed out each month... don't trust anyone. Including your bank.
All of those phrases segue nicely to this recent CBC story, Skeptics surprised after negotiating lower credit card rate
The experiment was hardly scientific, but the outcome should give hope to people struggling to pay off their credit card balance every month.

Ten shoppers were approached by the CBC at random at a Winnipeg mall and given a script to read to their credit card company, asking for a lower interest rate. Six were promised a lower rate by identifying themselves and simply following the script: "I think I've been a good customer. I'd like to stay with you, but I really want you to lower the rate on my card. Can you help me?" If the initial response was no, they asked to speak to a supervisor and make the same case again.

Shopper Leanne Goose seemed skeptical at first that haggling would work, but now says she's "very pleased" that her rate has gone from 18.9 per cent to 10.9 per cent. "It hadn't even occurred to me to ask," she said. "When they sent the card and told me what my rate was, you just kind of accept it and get on with your day."

Another participant, Rickey Peterson, said he almost never carries debt on his card. Still, he said he found it "pretty surprising" that his credit card company was willing to lower its rate to 11.5 per cent from 19.5 per cent.

It took Brad Blakley five minutes to lower his rate by nine per cent, shaving it by half from 18 per cent. "I'm shocked. Thirty years of paying 18 per cent when I could have been getting nine per cent," he said.
Not that I'd counsel anyone to run a balance on their credit card even at a mere 9%, but if you must, 9% beats 19% by a country mile.

P.S. The BoC rate these days is 3.5%. That's a spread of 6% to 16%. Even after allowing for credit card fraud, bad debts, etc. it's no wonder some banks can pay out dividends of 6%. When dealing with our banks it's better to be a payee than a payer ;)
Sedulously eschew obfuscatory hyperverbosity and prolixity.
worthy
Veteran Contributor
Veteran Contributor
Posts: 4117
Joined: 27 Mar 2005 09:58

Post by worthy »

My $14 charge at CDNTire was declined this evening. I called Citibank, who told me they were on the alert after they declined a $5,070 charge two days ago. However, over the past week they let through four charges totalling $1,600. I cancelled the card and they will be sending me a "dispute" letter. I still haven't resolved more than $300 in fraudulent charges on a CIBC card. CIBC said it's up to me to deal with the merchants! (Bell Mobility and the City of Toronto.)

I take every precaution. No restaurant meals. Pay gas at the pump. And I'm still getting dinged.
"Every decent man is ashamed of the government he lives under." H.L.Mencken
User avatar
adrian2
Veteran Contributor
Veteran Contributor
Posts: 13333
Joined: 19 Feb 2005 08:42
Location: Greater Toronto Area

Post by adrian2 »

worthy wrote:I take every precaution. No restaurant meals. Pay gas at the pump. And I'm still getting dinged.
If you pardon my curiosity, were you shredding your credit card statements?
dimo
Newcomer
Newcomer
Posts: 4
Joined: 02 May 2008 00:23

Post by dimo »

Even if you haven't done any purchase online using your credit card there might be still danger for your personal data in these cases:
1. If you have clicked any link or replied to the phishing email informing them about your credit card number and so on.
2. Or while doing shopping offline your card's data as well as PIN code was stolen by fraudsters that used a special device to filme the moment you were typing your data.
worthy
Veteran Contributor
Veteran Contributor
Posts: 4117
Joined: 27 Mar 2005 09:58

Post by worthy »

were you shredding your credit card statements?
Yes.

Only twice this year did I pay for gas at an inside register. I saw only one swipe, I thought.

Of course, all it takes is anyone working at any of the various merchants to see the number. Citibank would not tell me how the charges were put through--in person with a card or, as in the past, by telephone for sex lines etc.
"Every decent man is ashamed of the government he lives under." H.L.Mencken
agape
Contributor
Contributor
Posts: 725
Joined: 04 May 2005 08:18
Location: Ontario

Post by agape »

Credit card fraud is rampant and nowhere is that more prevalent than on the internet.

Buyer beware where credit cards are concerned. They were not developed for web based e-comm applications and predate the internet.

Payment processors that are debit systems are a much better and safer route where a login to the payment processor is part of the security protocol. No special login to any financial institution of any kind is required for the purpose of credit card transacting on the internet. Credit card info is simply entered and "presto", the transaction can be completed.

The chances of anyone compromising your payment processor account would be about the same as someone breaking into your online bank account.

Not all online merchants accept payment processing methods of payment. Change takes time. If an online merchant is not set up to accept payment in a method other than credit card, I would suggest that you send them an email, show interest in the product or service and protest.

Payment processors protect both parties in a superior fashion, as compared to credit cards.
"Paper is poverty,... it is only the ghost of money, and not money itself." --Thomas Jefferson
User avatar
martingale
Veteran Contributor
Veteran Contributor
Posts: 1099
Joined: 20 Feb 2005 14:13
Location: On The Customers' Yacht
Contact:

Post by martingale »

Many credit card transactions these days are verified at the Visa site by Visa, not on the vendor's site. I know I routinely am asked to type in my password on a Visa webpage. I agree that the gas station, restaurant, and anywhere else where they have physical access to your card in secret are higher risks.

That should improve in a year or two when the chips come out. Those have been around in Europe for years, not sure why Canada and the US have been so slow to adopt them.

In theory your risk with a credit card is also limited, to $50. Mostly that's true too--but you'll have to be able to convince the bank the charge was unauthorized. With debit products, though, there is no such guarantee--your money is considered stolen and you carry the full brunt of the loss.
[url=http://www.efficientmarket.ca/]Canadian Mutual Fund, ETF, and Self-Directed RRSP Advice[/url]
agape
Contributor
Contributor
Posts: 725
Joined: 04 May 2005 08:18
Location: Ontario

Post by agape »

With debit products, though, there is no such guarantee--your money is considered stolen and you carry the full brunt of the loss.
If I'm not mistaken, the thief would have to have access to your PIN, whether the debit system be a card or online (password). Personally , I don't know anyone who's been a victim of fraud on a debit system.

I'm sure the banks know millions of people, however. ;-")

The other end of the credit card scamming is by making merchants the needless victims. This recently happened to a business associate. He had an order for about $5000.00 worth of product to be shipped to Malaysia. He acquired a bank authorization based on the VISA that was used for the transaction. He got that authorization and shipped the product. He got a chargeback a week later in spite of the fact that he had the authorization. The card had been stolen.
No recourse. He had already shipped the product. Done.
"Paper is poverty,... it is only the ghost of money, and not money itself." --Thomas Jefferson
User avatar
Springbok
Veteran Contributor
Veteran Contributor
Posts: 5438
Joined: 22 Mar 2005 16:47

Post by Springbok »

agape wrote: The other end of the credit card scamming is by making merchants the needless victims. This recently happened to a business associate. He had an order for about $5000.00 worth of product to be shipped to Malaysia. He acquired a bank authorization based on the VISA that was used for the transaction. He got that authorization and shipped the product. He got a chargeback a week later in spite of the fact that he had the authorization. The card had been stolen.
No recourse. He had already shipped the product. Done.
When we had our business, we had the same thing happen. We received an order from Bellarus for some parts. Unusual, but after some correspondence it seemed these parts were not available there.

We were give a credit card number and we obtained an approval from Mastercard before shipment. About 2 weeks later we received another smaller order from same person. We proceeded as before.

About a month later, we received a notice from a Florida bank saying that one of their customer's cards had been used fraudulently. The deposits into our account were reversed. I did phone the owner of the card in Florida and they said they thought their info had been stolen when they made an internet purchase.

When we approached our bank (BMO), they showed us the small print that said that even if they gave us an approval, they were not responsible.

But, we had a good relationship with the local branch and in the end they refunded us about 50% of the value. We lost about 25%, if I recall on the transaction.

Unfortunately, the vendors are very much at risk when they accept credit cards over phone or over internet.
agape
Contributor
Contributor
Posts: 725
Joined: 04 May 2005 08:18
Location: Ontario

Post by agape »

Unfortunately, the vendors are very much at risk when they accept credit cards over phone or over internet.
With the internet becoming a greater medium for the sourcing and purchasing of products, I think we can expect the payment processing industry to explode. This is a competitive benefit to the market because they simply act as the conduits for money, not the creators. Money must be placed into the system from the outside. This creates better transparency. The independence of the services is a good thing.

There are processors in the market who charge less than 1% for a fee. I strongly feel that they will eventually integrate with ETF's so that wealth can be transferred directly to another party. It's a matter of industry growth and market demands. Why have a perfectly good ETF act as an investment vehicle , only, when it could also double as a money reserve?
"Paper is poverty,... it is only the ghost of money, and not money itself." --Thomas Jefferson
User avatar
ghariton
Veteran Contributor
Veteran Contributor
Posts: 15954
Joined: 18 Feb 2005 18:59
Location: Ottawa

Post by ghariton »

martingale wrote:In theory your risk with a credit card is also limited, to $50. Mostly that's true too--but you'll have to be able to convince the bank the charge was unauthorized.
It depends in large part on whether the purchases made with the stolen card fit into your usual profile or not. I have had cards stolen twice -- not over the Internet, but rather restaurants I believe. After looking at the purchases, the bank waived the $50 and charged me nothing.

Theft of my credit card number as a result of online payments is pretty low on my list of worries.

Georges
The juice is worth the squeeze
Post Reply