It’s nearly four weeks since we got back from the USA. In that time I’ve been monitoring my credit card account and had watched all the money we’d spent hit the statement. In fact, the transactions were all there within a few days of getting home so I’d relaxed.
This morning I was contacted by my credit card supplier to the effect that there was some fraudulent activity on my account. I quickly got onto my on-line banking account for the card, and checked things – and there were a couple of pending transactions for just over £200, for Federal Express. Well, I haven’t FedEx’d anything recently! – or ever, come to that. So I was straight on the phone to my card supplier.
There’s a happy-enough ending to this. These transactions are going to be reversed, and apparently there were others, for larger amounts, that were rejected – they were identified as being potentially fraudulent. Of course, it’s also the case that my card has been cancelled so I’ve got to have that re-issued, and I shall have to update all the payments that get made automatically from it. But it’s worth it; and thanks to Halifax for a) spotting at least some transactions as being fraudulent and b) accepting the cost of the two that had got through.
The fraudulent transactions were all made, or attempted, in the USA so obviously my card was cloned while we were there in October. After the transactions had been identified and I’d gone through the formal fraud process, I had a conversation with the telephone advisor about the most likely cause of the problem. He suggested that it could have happened anywhere I’d used the card, but suggested this hierarchy of likelihood, from least likely to most likely:-
- least likely – in a reputable hotel. You never lose sight of the card, and it’s either a national chain (we paid for a couple of nights in a Holiday Inn with the card) or it’s a personal business, e.g. the two bed & breakfasts we stayed at;
- reduced likelihood – in a restaurant. In these case the waiter/waitress takes you card off you, and returns with a slip to sign. However, the great majority of restaurants are reputable, honest businesses (although individual employees may not be). But restaurant managers are aware of the potential for criminal activity, and if an employee is caught using a skimming device the police are called;
- most likely – non-attended card readers. One example that was mentioned specifically was pre-pay fuel pumps, and I think we may have used one such. There could be a very small skimmer inserted into the card reader which the perpetrator (who may have nothing to do with the gas station) can insert and remove secretly.
One general piece of advice was to use the card in places for large items such as hotels, car hire, etc, where it will never leave your sight, and use cash for everything else. In my case I suspect I’d got a bit blasé about the risks – this was my third visit to the US in about 18 months and the first two did not produce problems, so I’d relaxed my awareness.