|
Author |
Message |
Polarbear |
This post is not being displayed .
|
Polarbear Super Spammer
Joined: 24 Feb 2007 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Nobby the Bastard |
This post is not being displayed .
|
Nobby the Bastard Harley Gaydar
Joined: 16 Aug 2013 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
P. |
This post is not being displayed .
|
P. Red Rocket
Joined: 14 Feb 2008 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Polarbear |
This post is not being displayed .
|
Polarbear Super Spammer
Joined: 24 Feb 2007 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Shaft |
This post is not being displayed .
|
Shaft World Chat Champion
Joined: 27 Dec 2010 Karma :
|
Posted: 20:26 - 09 Feb 2020 Post subject: Re: Credit Card |
|
|
Polarbear wrote: | I've just had a weird thing happen.
I have a credit card (from Lloyds but I doubt that really matters) that I have never ever used for anything. I got it purely as an emergency card for travelling incase something happened and I needed funds.
Today I got a one time passcode from Lloyds to confirm a Pizza hut purchase for £47 odd which wasn't me. Obviously I didn't confirm and phoned Lloyds, card cancelled. Transaction refused, no problem.
What's got me though is where could they have got details from? I have never ever used this card so I don't see how it can be cloned.
My computer has McAfee anti virus and fire wall.
I asked the bint from Lloyds when I was talking to them but she couldn't get her head round the fact I have got a credit card and never used it. She kept going on about it being cloned.
The only other thing I use is Evernote for some details so it is on my phone as well as computer but the long card number or 3 digit one on the back isn't stored there.
I'm stumped and a little worried as if they had gone on a spending spree that card had a £5000 limit on it and while I'm not on the bones of my arse, I can't afford that sort of hit or the worry of arguing with a bank about fraud etc.
Has anyone got any ideas on how they could get my number and I presume the 3 digit cvv code if they used it online. |
I'll be very interested to see if you get definitive answer to this, as something similar has just happened to a friend of mine.
They were having problems with their main account, so the bank opened a new account with a new card and a different PIN.
The card was first used on Dec 23rd and it's been used 6 times since, always in the same places they always use their card (major supermarket, the petrol station attached to it and the local corner shop) then bugger me, some unknown took 80 quid out of a cashpoint.
The owner still has the card, so it wasn't stolen and the bank reckon there's no way of cloning a card and capturing the PIN, so how has this happened? ____________________ Things get better with age; I'm close to being magnificent........
20 RE Interceptor, 83 Z1100A3, 83 GS650 Katana
WooHoo, I'm a Man Point Millionaire! https://www.bikechatforums.com/viewtopic.php?t=234035 |
|
Back to top |
|
You must be logged in to rate posts |
|
|
dynax |
This post is not being displayed .
|
dynax Trackday Trickster
Joined: 06 May 2019 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
doggone |
This post is not being displayed .
|
doggone World Chat Champion
Joined: 20 May 2004 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Polarbear |
This post is not being displayed .
|
Polarbear Super Spammer
Joined: 24 Feb 2007 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Pete. |
This post is not being displayed .
|
Pete. Super Spammer
Joined: 22 Aug 2006 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Ste |
This post is not being displayed .
|
Ste Not Work Safe
Joined: 01 Sep 2002 Karma :
|
Posted: 21:54 - 09 Feb 2020 Post subject: |
|
|
OTP is a one time password which is what the text message you received was for.
Online banking login details are of no use to someone wanting to clone your card.
Evernote have had a few security breaches over the years but I assume you don't use it to store your credit card number. |
|
Back to top |
|
You must be logged in to rate posts |
|
|
Polarbear |
This post is not being displayed .
|
Polarbear Super Spammer
Joined: 24 Feb 2007 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Ste |
This post is not being displayed .
|
Ste Not Work Safe
Joined: 01 Sep 2002 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Tankie |
This post is not being displayed .
|
Tankie Crazy Courier
Joined: 24 Feb 2017 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Sister Sledge |
This post is not being displayed .
|
Sister Sledge World Chat Champion
Joined: 17 Aug 2018 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
iooi |
This post is not being displayed .
|
iooi Super Spammer
Joined: 14 Jan 2007 Karma :
|
Posted: 22:56 - 09 Feb 2020 Post subject: |
|
|
If they get a known good clone card number, it has been known that groups will then try random numbers within the Mod 10 range. So can hit a gen number.
One of the bonus of getting a OTP now.
Although some people just ignore them if they get them and it is not them
Then get all arsey when asked why did you not do anything.. ____________________ Just because my bike was A DIVVY, does not mean i am...... |
|
Back to top |
|
You must be logged in to rate posts |
|
|
Polarbear |
This post is not being displayed .
|
Polarbear Super Spammer
Joined: 24 Feb 2007 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Easy-X |
This post is not being displayed .
|
Easy-X Super Spammer
Joined: 08 Mar 2019 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
ThunderGuts |
This post is not being displayed .
|
ThunderGuts World Chat Champion
Joined: 13 Nov 2018 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Shaft |
This post is not being displayed .
|
Shaft World Chat Champion
Joined: 27 Dec 2010 Karma :
|
Posted: 20:59 - 10 Feb 2020 Post subject: |
|
|
So are we saying it's definitely not possible to capture a PIN? ____________________ Things get better with age; I'm close to being magnificent........
20 RE Interceptor, 83 Z1100A3, 83 GS650 Katana
WooHoo, I'm a Man Point Millionaire! https://www.bikechatforums.com/viewtopic.php?t=234035 |
|
Back to top |
|
You must be logged in to rate posts |
|
|
Polarbear |
This post is not being displayed .
|
Polarbear Super Spammer
Joined: 24 Feb 2007 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Ste |
This post is not being displayed .
|
Ste Not Work Safe
Joined: 01 Sep 2002 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Shaft |
This post is not being displayed .
|
Shaft World Chat Champion
Joined: 27 Dec 2010 Karma :
|
Posted: 00:01 - 11 Feb 2020 Post subject: |
|
|
Polarbear wrote: | In the old days the PIN was on the card. I remember someone who had very dubious contacts telling me a betamax video recorder could be used to read the PIN off the old cards. True or not? Who knows.
Now I gather it is not on the card but on a database(someone correct me if that statement is bollox) which would mean you have to hack that and then match up the PIN with the card etc. I have no idea how viable that is but if someone can hack the CIA or NASA or organisations like that I'm sure they can do pretty much everything. It's whether it's worth their while.
It's like this idea of catching your details off a card in your wallet. Buy RDF cards to protect yourself. Do they work? I don't have clue but I'm going to get one now.
TLDR: No idea. |
It seems very peculiar to me that you've had a card hacked that's never been used and my friend has had the same done on a virtually brand new card, that's only been used a handful of times.
In your case, it seems doubly odd; where the hell did they get any details, unless they've been bought/hacked as part of a database ?
As for my friend, it could be an organised thing and somebody knew their habits, was watching them enter a PIN while a card reader was being used to grab the main details.
We do have CCTV evidence that the card was used at a cashpoint by someone other than the owner, but there does seem to be a basic security risk on the part of the banks.
I also thought the PIN was contained on the mag strip (does an ATM read the strip and ask you to match the number it finds, or communicate with the bank database and ask you to match that?) and if it is, why can't it be captured? ____________________ Things get better with age; I'm close to being magnificent........
20 RE Interceptor, 83 Z1100A3, 83 GS650 Katana
WooHoo, I'm a Man Point Millionaire! https://www.bikechatforums.com/viewtopic.php?t=234035 |
|
Back to top |
|
You must be logged in to rate posts |
|
|
Polarbear |
This post is not being displayed .
|
Polarbear Super Spammer
Joined: 24 Feb 2007 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Easy-X |
This post is not being displayed .
|
Easy-X Super Spammer
Joined: 08 Mar 2019 Karma :
|
Posted: 02:36 - 11 Feb 2020 Post subject: |
|
|
Shaft wrote: | I also thought the PIN was contained on the mag strip (does an ATM read the strip and ask you to match the number it finds, or communicate with the bank database and ask you to match that?) and if it is, why can't it be captured? |
No, the PIN is not on the magstripe and never has been AFAIK. The data tracks are unencrypted and in a standardised, publicly available format. I have a drawer full of card readers at work and it's trivial to read the information off, always has been.
However, the PIN is in the chip but not in the sense of easily readable. The card machine sends the PIN to the chip and the chip says yes or no. There are vulnerabilities in the chip firmware but it's non-trivial work to crack them open. Much more cost effective to "shoulder-surf" or steal a purse or wallet only to discover the PIN written on a scrap of paper (yes, people still do this!) Therefore very important to report cards stolen as soon as you're aware.
I'm not saying you can't clone a card all the way up to the contactless function but why would you? If you know the all the unencrypted numbers (long number, expiry date, CCV) order some shit off the Internet nice and anonymous. Gift cards are popular form of low-key laundry, it used to be mobile phone vouchers. Emptying cash points, on the other hand, on a large scale requires a lot of legwork and that requires organised crime...
Of course, that's how it should work but obviously doesn't so the banks rely on "just doing enough to get by" as in keeping fraud down but not eliminating it and mostly rely on computers to analyse spending patterns and query anything that seems out of the ordinary. Which is pretty hit or miss
Unless somebody goes completely mad in the government and passes a law to explicitly make banks responsible for fraud (which, due to laxity, they are most of the time - maybe "complicit" would be a better word) then this sort of thing will continue.
It always amazes me when banks say "so sorry your life savings got ripped off, we got some of it back" huh? why some?! They know exactly where it went! ____________________ Husqvarna Vitpilen 401, Yamaha XSR700, Honda Rebel, Yamaha DT175, Suzuki SV650 (loan) Fazer 600, Keeway Superlight 125, 50cc turd scooter |
|
Back to top |
|
You must be logged in to rate posts |
|
|
Polarbear |
This post is not being displayed .
|
Polarbear Super Spammer
Joined: 24 Feb 2007 Karma :
|
|
Back to top |
|
You must be logged in to rate posts |
|
|
Old Thread Alert!
The last post was made 4 years, 75 days ago. Instead of replying here, would creating a new thread be more useful? |
|
|
|