G'day All,
Thought I'd share another good reminder I got today of just how insecure our internet banking systems (the ones they keep urging us to use) actually are.
Some scum managed to make two withdrawals from one of my accounts, a debit Mastercard account.
The bank (CBA) immediately cancelled the card to prevent it happening again, I asked what have they done to ensure it won't happen to the new card they're sending, still waiting on an answer for that one.
Bank reckons these grubs are using software that generates random card numbers and expiry dates, and when they get a live one they take a couple of small amounts first then go after larger amounts.
Luckily my account had only about $10 in it and they got about $3 and $4 in two transactions within the same minute.
Contacted friends, family etc. & found one mate had lost $1000 to the same scam.
The merchant claimed to be "CUSHING AMUSEMENTS WILMINGTON USA" on my statement, though as usual that's most likely spoofed and it could be anyone.
The banks didn't notify me or my mate either, I picked mine up as I was checking for payments that I've been waiting for, luckily I guess they were late as usual.
The mate realised his had been stolen when he got an overdue power bill notice after putting the money in to cover the bill a week or two before.
Can't say I'm too confident the banks will get on top of this issue successfully in a timely manner, though I guess we can hope...
I do not acknowledge the so-called traditional custodians of the land and waters on which we operate.
Stop using acronyms!!
Look Here -> |
I’ve had this happen a couple of times.
One time, I had to book a hotel for a work colleague using my work credit card. The hotel wanted me to email them my credit card number. Email is totally insecure and to send credit card details via email is a breach of the payment card industry security standards. The hotel did not seem to understand this, but eventually I convinced them to accept the number via an alternate means of communication.
About a month later, there was a $1 debit from a remedial massage place in Woy Woy (I live in Tasmania). The bank told me that scumbags get hold of stolen credit card numbers, then use a small debit to test them - a the card number works, they can sell that card number as a good one to someone further along the chain.
In my case, I guess there was a staff member at the dodgy hotel stealing the card numbers.
Jma (02-10-24)
My banks use 2 factor Autorisation for my accounts, so if anyone tries to log in I get a message. Of course that does not prevent stealing via other means. So far, I have been lucky!
I'm out of my mind, but feel free to leave a message...
I have a small credit card for the internet, and a visa debit card with virtually nothing in it. When I need to use it on the internet, I put money in.
My wife and I have had a couple of issues over the years, but have always been contacted by the banks of suspicious behaviour. St George once, and Members Equity once.
I use cash when possible....old fashioned I know, but it requires violence to steal money. As long as I have a float it works when the banks go down, which we all know they do, despite the bullsh!t guarantees.
p.s. I have NOTHING money wise on my phone except an app that sends me a code.
We are dealing with electronic media....it's NOT secure. And regardless of the assurances, we are just one major solar flare away from an ex banking system.
The fact that there's a highway to hell and a stairway to heaven says a lot about the anticipated traffic flow.
shred (02-10-24)
that is exactly what i have.I have a seperate nab debit/visa card that i use for all online transactions
that uses two factor authentication. and my money is in a different account with a different bank
that when needed i transfer over.Also my paypal uses the nab card and not my main account.
dont say linux if i wanted it id install it
According to the bank they took mine like a regular business would deduct money for a purchase, so it seems no matter what type of secure login is attached to an account, which they don't actually have to login to anyway, all they need is the correct card number and expiry date to be able to steal from it.
I thought the CVC number might have been required before any funds were withdrawn, but I guess not.
Or perhaps their software generates that too, or the banks are full of sh*t and it does nothing for security.
I never thought of asking about that yesterday.
Considering the number of domains connected when I just login to my account with uBO disabled, I guess it's not hard to believe the chances of getting money stolen increase.
I did ask about all the extra domains and what they're for yesterday and was basically met with crickets.
Probably all agreed to when "I accept the terms and conditions" is clicked while setting up online banking accounts.
Might have to actually read all that crap one day I suppose
Last edited by Jma; 02-10-24 at 06:50 PM.
I do not acknowledge the so-called traditional custodians of the land and waters on which we operate.
Stop using acronyms!!
After an investigation the bank informs me my money and the associated foreign currency exchange fees I was stung will be refunded.
Hopefully they'll catch the grubs that took it, and increase security so the same can't happen to anyone with a bank account that has a card associated with it, though don't think I'll hold my breath on either of those scenarios.
I do not acknowledge the so-called traditional custodians of the land and waters on which we operate.
Stop using acronyms!!
Having been in this situation a long time back; since you alerted the bank to you taking no part in the transaction, the fraud section of the bank will just do a charge back to the account that took your $7. If successful you get your money back.
They will pass on those details to the applicable service investigating fraudsters.
You wont hear anymore.
I got ~ $1,500 returned to me. There is a thread about here somewhere that I detailed it. Can't find it right now.
Last edited by Tiny; 04-10-24 at 07:23 PM.
Cheers, Tiny
"You can lead a person to knowledge, but you can't make them think? If you're not part of the solution, you're part of the problem.
The information is out there; you just have to let it in."
Bookmarks