Well, damn, credit card hacked!

The BBQ Pit
1

Today while I was going in for a lunch meeting, I got several sudden text alerts from my bank that my credit card had been used for transactions. They always send me an alert. BUt here I had not authorised any and there were several in a row, one after the other, same merchant, same amount, $44. And oh, BTW, my limit is nearing its end, so would I be a dear and take care not to go over.

I excused myself and called the helpline and eventually found an actual human to talk too. She said that in addition to the alerts I had received, there had been several other requests which had been declined. And yes, the limit the text message said I had is about the limit I have left, so it’s not a message error. Apparently, the software thought it was suspicious that the same merchant charged the same amount a few dozen times in a few minutes and declined the later requests. Really? Could you not have had the idea before my card was charged a huge amount and came near its limit?

She said I should have it blocked. No shit! I did. Do I want to dispute the charges? You mean the multiple near hysterical shouts of “I did not make these transactions!” did not give her some indication? Please send us a written letter. Not a email, or over the phone. A written letter, detailing the issue. WTF? Did so.

I also sent several stinkers to the merchant. They replied, rather miffed, no they had not charged anything to me. Its a reputable, Silicon Valley-based startup, not a Nigerian scam, so I mean should not be them…right? Bank says maybe I should not use inline transactions?

Some good news. This months closing was last Sunday, so its not in the next bill at least. They also said they have deducted the amount charged from my credit limit, but the transactions has not been entered into the next month’s pre-bill. So, has it been charged or not? Should I officially dispute it or not, until I get the bill? Moot point to an extent since the card is blocked and I don’t get a new one for 7-10 days.

I rarely use cash. Most of my spending is credit card or NFC. A lot of stuff is paid online through rolling monthly or weekly charges, and its going to be a pain to have to authorise every online payment in advance. Like Netflix, PrimeVideo, my internet, LTE, utility bills.

2

Wow, a written letter to dispute? When I had some charges up in Indiana (I’m in Florida) the bank alerted me, I said hell no, and they refunded the money. This was all done over the phone.

Dispute now. Keep on them, since they seem like knuckleheads.

3

Seeing the manager tommorrow. It did shock me, since *e**verything *is by phone or email or even text, I don’t know last time I wrote a letter.

4

Written? Fuck that. Get a card with a different bank.

5

Anytime I’ve had such an issue they alert me I’ve said, “Nay!”, and they had it refunded directly, cancelled the card and issued me a new one. Was all over in under two minutes. Over the phone.

Send a letter? That’s crazy!

6

Same here. Probably have had it happen to me about five times or so? Each time it was just a call, they cancelled the card, cancelled the charges, and sent me a new card. Easy peasy except for the part of me having to remember which accounts were connected to this card and update the information on those accounts to reflect the new card number. That was the real pain in the ass.

7

Really, I think that as a public service you should tell us the name of the issuing bank so any Dopers would know not to use them.

I’ve had my card hacked 2+ times. The + time was when the police arrested someone and found a list of credit card numbers which included mine. No purchases were made, but Discover canceled the card and sent me a new one. Every time it was handled over the phone. The last time I got a text asking if I’d made a purchase and to respond No if I had not. I responded No and they texted me to tell me to call the number on the back of my card.

Twice I’ve had the issuing bank alert me for legitimate charges. The first time my husband was in California on business and charged something at the same time as I charged something in Chicago. The second time I had purchased a number of books through abebooks.com. All the charges (from various places across the US) went through at the same time. That time they declined my card for those charges. It was a bit of a hassle for me me since I had to let Chase know they were legitimate charges and direct the booksellers to resubmit the charge, but I I’d far rather have that hassle than dispute a charge that had gone though. Now if I find myself in the same situation I call Chase first to let them know to expect several charges from bookstores in different locations.

8

No, that’s not how card systems work. Until it sees enough activity to trip the fraud algorithms everything will go thru. Two physical swipes in geographic distant locations minutes apart should trip it, multiple txns at the same merchant should do it after some number, but not knowing who the issuer is/what platform it is, I can’t say anything about the specifics although “a few dozen times” seems high. Have you never gone to the grocery store & forgotten to get something & run back in to buy it before ever leaving the parking lot? They have to allow a few txns before blocking a card.

It’s right there in the code .

Merchant may have nothing to do with it; scammer could have chosen them. In fact they may be the one ultimately eating the loss.

Getting the bill next month vs. this month only extends the time you have to dispute it. There’s no penalty in doing it sooner. By disputing it sooner rather than later, it will be cleared up sooner & your available credit will be returned to whatever it should be sooner.

9

Just because something is legal doesn’t mean it’s not a shitty practice. And, yes, they very well can detect fraud with a minimum of transactions. The same charge more than twice is almost certainly fraud. And there should be a cool down anyways.

10

I suppose that’s true, but for me, a single transaction in a place I’m not accustomed to buying stuff from or otherwise “unusual” has tripped the fraud algorithm for me. Sometimes it was me legitimately buying stuff in a geographic location I’m not known for frequenting. Other times it was some asshole halfway around the world trying to buy computer supplies. Maybe my bank is more paranoid than most.

11

Refresher: 3 Ways to Write a Letter - wikiHow

12

I got my card’s algorithm flagged for querying last month, when I picked up an unusually extensive prescription at my pharmacy.

13

My card has been spoofed or the number stolen several times. Usually I get an automated call from the issuing bank and a new card very quickly. No letters.

14

Mine got flipped right after I purchased my first Kindle. Because I purchased 10 books within 2 minutes and each one came through as a separate charge.

The other time it got flipped was when the cashier at a gas station made a mistake. I had a $393.00 repair done and he took my card and ran it for $3.93. Then, since we was unable to do math, he just voided that one and ran the correct charge.

15

Might have flipped anyway - per the internet, CC thieves will run a small transaction to see if the card is good, then a large one - so two in a row from the same location that were small/big may have tripped you anyway.

My wife was a convention in Vegas (at least that was her story). Tickets charged to a corporate account, so when she was buying some souvenirs the card was declined because Discover didn’t think she was in Vegas (probably especially so since I was using the card locally). I got an alert and verified she was legit and the card was turned back on (I think it was only off in Vegas, but don’t know that for sure).

16

Nothing in that says physical, ink-smears on dead tree is required. An e-mail is in writing. So is a text. Hint: the word “text” :wink:

17

This is legislation from the federal gubmint of 'Merica. In 1978 when it was written there was small subset of people who had email…like 50 & was 5 years after the very first cell phone call, which makes it about 10 years before most people even heard of them, let alone seen or used one & well before texting originated.

How often do you update your legislation up there in the future 52nd state? :wink:

18

I echo many above: What shitty bank are you using so we can make sure to avoid it?

I have credit cards with a local credit union and one with Citi (it’s a Costco cc). Both of them have been very easy and quick to deal with stolen cc info or to dispute charges. It’s all done with my cellphone and no letters to write. My credit union card has been compromised three times (I think that’s how many) and each time the charges are declined before they even happen. I think your bank needs a new algorithm.

19

I’ve found that my bank consistently stops me whenever I purchased Metro cards in New York City. Typically I can buy two cards, but the third one gets declined. The card works fine otherwise. So if I’m traveling with two or more people, I just have to use a second card for the additional Metro card.

20

Between my own accounts and my mother’s, I’ve had to deal with reporting fraudulent card transactions to Citi, Bank of America, Discover, and Wells Fargo. None of them ever asked for written documentation. I think it was Citi that had me fill out a form online (I was able to attach pictures, which was good because that particular transaction involved a package I didn’t order being delivered to my home). Wells Fargo was the only one that wasn’t at all concerned about the transaction because it was so small – they wouldn’t even change the account number!

I’ve never personally had sudden out-of-state transactions flagged, but that has happened many times to my mother, and even once when she broke her typical grocery store-grocery store-gas station-grocery store pattern to purchase a complete entertainment center at Best Buy. Most card companies have a feature through their app or website that lets you report travel plans; if you forget, they email or text you an alert to confirm the transactions. Not bad!