The other day I got a text about attempted fraud on my bank credit card - purchases attempted at Walmart.com for $559 and $349. At first I thought it might be fake, as happened once before. But I have many sercurity alerts set on my credit cards, so I logged on to my bank site, and sure enough, the attempts were real! But the transaction didn’t go through, probably expiration date or CCV number on the card ?
I don’t use the card too much, and wondered how it might have gotten ‘out there’.
I read that there are apparently brute force attempts – trying all kinds of numbers and hitting on a CC number ! I don’t get it – they would need to get the CC number, expiration, and probably zip code correct. If they’re that good at guessing numbers, they should be winning Powerball lotteries! (which I don’t win, probably because I don’t usually buy tickets…!)
Anyway, the card has been cancelled, etc. No harm done.
Another reason I am SOOOO angry, banks / CC’s don’t give us the option to add a long, complex code, which would make such theft non existent. They allow codes on DC’s but not CC’s.
So the attempted purchases were rejected? Then maybe the “system” is working, somehow? What if you had not cancelled the card? Would you continue to get texts if other attempts were made? And do you then tell the CC company no, that wasn’t you?
It’s annoying to cancel the card if it’s used for auto payments, renewals, etc.
Yes it is, but it’s better than the alternative. I had to login to autopayments and put them on another card, though I should get a new bank card in 7-10 days.
This got me thinking a bit – I have a few payments set up on virtual credit cards through Privacy.com.
If a brute force fraud attack can guess my credit card number, could it do the same for a virtual credit card? Privacy.com doesn’t have account alerts, that I’ve seen.
Privacy.com has been good, but I tried to set it up with my main bank, but it can’t do accounts with 2FA. And it wouldn’t do the debit card. So I have it on my credit union account which right now doesn’t have 2FA, but will in the near future.
So the attempted purchases were rejected? Then maybe the “system” is working, somehow? What if you had not cancelled the card?
I actually did this with a credit card where the number had clearly gotten out. There were some fraudulent transactions that surfaced for several months but they were automatically detected and rejected. Then all went quiet for about 8 years before there was another fraudulent transaction. That one went through so the card was finally closed and a new number issued.
If a card is not used often, most credit cards can be locked or frozen. Many times, this is performed in an app, so it can be turned on and turned off as needed. Still, if fraudulent transactions hit the account, whether they are processed or not, it would be a good idea to have the card replaced with a new number issued.
I try not to have websites retain my credit card information, but that does not always seem possible. I also try not to do auto payments. I like to know when a charge is going to happen.
I know Clark says to get paper statements and review them monthly. I recommend checking accounts much more frequently by reviewing the activity on the cards at the credit card’s website. The quicker you can catch a fraudulent charge, the easier it is to get it resolved. My experience has been excellent with American Express in these situations.
BTW, cancelling the credit card will affect your credit score but it will recover. It is probably a non-event if you are not applying for a loan, mortgage, etc. in the near future.