BrendanS
Well-Known Member
quite, and I'd really like to know which website Henry wrote, so I can avoid it like the plague.
Credit card fraud.
- Thread starter BobE
- Start date
HenryB
Well-Known Member
Denbigh,
The site that I set up was many years ago before the introduction of the 3 digit security code. The credit card details were eventually processed manually at my customers office. The data was encoded until it reached my customer. I no longer maintain the site so I've no idea what they use now.
You need to watch the URL as well as the "lock" sign to check that you get transferred from the sellers site (which often is secure during the ordering bit) to something that seems like a bank site (or Paypal or similar) by the time that you are asked for your credit card details.
Perhaps we should all go back to Postal Orders or COD /forums/images/graemlins/smile.gif
The site that I set up was many years ago before the introduction of the 3 digit security code. The credit card details were eventually processed manually at my customers office. The data was encoded until it reached my customer. I no longer maintain the site so I've no idea what they use now.
You need to watch the URL as well as the "lock" sign to check that you get transferred from the sellers site (which often is secure during the ordering bit) to something that seems like a bank site (or Paypal or similar) by the time that you are asked for your credit card details.
Perhaps we should all go back to Postal Orders or COD /forums/images/graemlins/smile.gif
iangrant
Well-Known Member
yep same with us a similar fraud - we got an invoice from dell for a 850 quid server, nothing to pay. I phoned them and they said the item had been delivered to the address in north london. They were insistant that all was well until i told them i was not the name on the delivery address or the recipient of the computer - that took at least three calls to the indian call centre to make it clear that it was fraud. Phoned barclaycard who cancelled the payment taken from swmbo card and i took the delivery note to the police - "sorry mate this happened in london not 'ere you'll have to contact the met - ha".
Looks like the only loosers are Dell for not checking. Common thing here seems to be pixomania????
Looks like the only loosers are Dell for not checking. Common thing here seems to be pixomania????
DeeGee
Well-Known Member
[ QUOTE ]
...common thing here seems to be pixomania????
[/ QUOTE ] Well, harking back to my previous - you pay on the internet over a protected (assuming you check to see it is an https link) link to some banking service. Although in theory someone might set up a banking service deliberately leaky, pixmania use BIBIT which is the internet payment service of Royal Bank of Scotland, so I think you can reasonably assume it is not them. HOWEVER, there seems to be a security hole with Pixmania.
Consider... to do a fraudulent purchase on Pixmania, first you have to have the name, number and security code from the card (that is the easy bit, and the basis of card fraud before chip and pin). Now, you get on to Pixmania, you don't know the username and password for this card, if there is one, so you create a new account in the card-holders name and then make a purchase...finally, you arrange a different delivery address than the cardholder.
It seems that Pixmania do not validate the email address from which the user is registered - the usual way is to send an email to make a confirmation that this is the email address of the person registering (tough if it is something like a hotmail addy) - and they allow different delivery address on the first order, which some do not, to my annoyance.
...common thing here seems to be pixomania????
[/ QUOTE ] Well, harking back to my previous - you pay on the internet over a protected (assuming you check to see it is an https link) link to some banking service. Although in theory someone might set up a banking service deliberately leaky, pixmania use BIBIT which is the internet payment service of Royal Bank of Scotland, so I think you can reasonably assume it is not them. HOWEVER, there seems to be a security hole with Pixmania.
Consider... to do a fraudulent purchase on Pixmania, first you have to have the name, number and security code from the card (that is the easy bit, and the basis of card fraud before chip and pin). Now, you get on to Pixmania, you don't know the username and password for this card, if there is one, so you create a new account in the card-holders name and then make a purchase...finally, you arrange a different delivery address than the cardholder.
It seems that Pixmania do not validate the email address from which the user is registered - the usual way is to send an email to make a confirmation that this is the email address of the person registering (tough if it is something like a hotmail addy) - and they allow different delivery address on the first order, which some do not, to my annoyance.
BobE
Well-Known Member
I really don't think Pixmania are anything to do with the problem,
I have never ordered anything from them so that's not where my card was cloned.
The two Pixmania Debits were never delivered to this address and I believe that the fraud might well actually have been discovered by them. I have no concrete evidence of this just a "feel" I got during my conversations with Nationwide Credit Card Fraud Dept.
Whilst both Pixmania and Watford Electronics ( Sava store) could be at fault in their checking/ validation of web / phone order details, I think the wrongdoer would not order through the company where the card was cloned ..
Unfortunately these people are not that stupid (IMO)
Cheers Bob E...
I have never ordered anything from them so that's not where my card was cloned.
The two Pixmania Debits were never delivered to this address and I believe that the fraud might well actually have been discovered by them. I have no concrete evidence of this just a "feel" I got during my conversations with Nationwide Credit Card Fraud Dept.
Whilst both Pixmania and Watford Electronics ( Sava store) could be at fault in their checking/ validation of web / phone order details, I think the wrongdoer would not order through the company where the card was cloned ..
Unfortunately these people are not that stupid (IMO)
Cheers Bob E...
Debenite
New Member
My wife had a call from Nationwide BS on 21.12.06 re irregular use. I had the same pattern, cinema tickets via Cineworld & Odeon, TV company, computer company and train tickets and mobile top ups.The total was c.£1,500. It was difficut to get back to NWBS Fraud Dept as always engaged. They just wrote it all off-no argument and I now have fresh cards.
Today,my latest Barclaycard account showed one genuine item and a Cineworld debit for £5.25 on 21.12.06 which was the day it all came to light with Nationwide. I checked with Cineworld who said it was thru their Enfield Cinema. Barclaycard now cancelled and written off this small amount.
This experience made me check my other litle used credit card account but completely clean.
I have recently purchased goods from Amazon which were sourced to Pixmania in Paris. Oo la la!
I reckon that I am very careful with my credit card details but it bothers me how these crooks got hold of a unrelated account but under the the Visa umbrella.
Today,my latest Barclaycard account showed one genuine item and a Cineworld debit for £5.25 on 21.12.06 which was the day it all came to light with Nationwide. I checked with Cineworld who said it was thru their Enfield Cinema. Barclaycard now cancelled and written off this small amount.
This experience made me check my other litle used credit card account but completely clean.
I have recently purchased goods from Amazon which were sourced to Pixmania in Paris. Oo la la!
I reckon that I am very careful with my credit card details but it bothers me how these crooks got hold of a unrelated account but under the the Visa umbrella.
oldharry
Well-Known Member
Thois sort of thing is going on all the time unfortunately. My experience was when my trusty RBS card was refused while away one weekend (no - with SWMBO you nasty little man!). On return home phone messages waiting from RBS saying they had locked the account pending fraud investigation. Like others, two small items had gone through - one a donation to charity - then two attempts to use it on an online gambling site at £500 a throw. RBS knew I never used it for on line gambling, so blocked it. On another occasion a year ago an online purchase from America was queried - legit that time, though.
New card, new account number and all was up and running again..
New card, new account number and all was up and running again..
rickp
Well-Known Member
Makes you wonder how the Govt could claim that an ID card would prevent this sort of 'card holder not present' fraud....
Rick
Rick
