Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: How widespread is compromised accounts, card cloning etc?  (Read 4953 times)

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
How widespread is compromised accounts, card cloning etc?
« on: October 20, 2020, 01:17:27 AM »

I feel it is much worse than is publically announced, the amount of companies revealing its happened to them years after the fact as well.

So my story today is an hour ago I got an email from Paypal, payment declined on the debit card.  The account has a healthy balance.  But on the paypal system if you have a bank account linked to paypal, its not also linked to your card automatically, so if the paypal balance isnt high enough it wont use paypal funding sources.

I logged into paypal, and I see no details of the declined transaction, but I do see a pending transaction which I know is not me.  THREE-TOPUP(IVR).

Here is some more information.

Payment type: In-store purchase
Funding Source: PayPal balance
Funding Source: -£35.00 GBP - PayPal Business Debit Mastercard ending in x-XXXX

This card has never been used physically.

Paypal have no 24/7 fraud team, and I cannot dispute online, so in limbo hoping more transactions are not about to be done.

So where has the card been used?

Amazon UK
Twitch (linked to Amazon pay).
Asda and Morrisons online
and here it comes.
A small company I used to buy a UPS power cable from 2 weeks ago.  I wont name them, because its speculation that I think they may have a compromised payment system.

I already had started using disposable virtual cards (single time use) for any unknown companies (from revolut).  But didnt when i got the cable.

Can a physical card be cloned from online purchase data?
Logged

tubaman

  • Senior Kitizen
  • ******
  • Posts: 12514
Re: How widespread is compromised accounts, card cloning etc?
« Reply #1 on: October 20, 2020, 08:26:10 AM »

I'm pretty sure you can call Paypal 24/7 as I've spoken with them late evenings before.
If you go to https://www.paypal.com/uk/smarthelp/contact-us?locale.x=en_GB and then "Disputes and account Limitations" > "Disputes" > "Dispute a Payment" > "Call Us"
 :)
Logged
BT FTTC 55/10 Huawei Cab - Zyxel VMG8924-B10A

d2d4j

  • Kitizen
  • ****
  • Posts: 1103
Re: How widespread is compromised accounts, card cloning etc?
« Reply #2 on: October 20, 2020, 08:37:33 AM »

Hi Chrysalis

That's not good but happens and yes, many systems can be compromised but I thought you had to register with ICO for PCI compliance as well as conforming to the law due to peoples details been held.

I would suspect your paypal account has been hacked rather then cloning cards or using your card details from an online store.

The reason I think this are as follows:

All stores used for purchases are online (no physical card needed and no CVV number needed if a trusted agreement exists between stores/MA-gateway)

I think all stores mentioned allow payment by Paypal

3DS2 and PCI require no CVV details can be held on payment system used (even MA-gateways do not store CVV) (we have this issue with our MA-gateway and API, which is why we cannot currently undertake autopayment unless a scheduled Monthly rate is set for a set period of time)

I would check no monthly payments have been created in paypal and turn on OTP text to mobile but also ensure no other mobile number have been created/changed and same with email accounts etc...

I am sure paypal would fully refund all fraud transactions

Many thanks and sorry I think you already know the above so apologies if you did

John
Logged

meritez

  • Content Team
  • Kitizen
  • *
  • Posts: 1623
Re: How widespread is compromised accounts, card cloning etc?
« Reply #3 on: October 20, 2020, 09:48:16 AM »

You can purchase that Three Top Up voucher directly off Paypal's website: https://www.paypal.com/uk/gifts/brands/three

Logged

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5369
Re: How widespread is compromised accounts, card cloning etc?
« Reply #4 on: October 20, 2020, 11:11:10 AM »

I’m aware that nobody is supposed, or allowed, to store card CVVs.  But that didn’t stop BA’s massive breach leaking full card details, with CVV, in 2018.   I was affected by that one, having very recently booked a flight. :'(

https://www.cnbc.com/2020/10/16/british-airways-fined-20-million-for-data-breach-by-ico.html


Reminded me of one of my favourite movie quotes, from Dr Strangelove...

President to General:  “I was under the impression that I was the only one in authority to order the use of nuclear weapons.“

Response:   “That's right sir. You are the only person authorized to do so. And although I hate to judge before all the facts are in, it's beginning to look like General Ripper exceeded his authority.“

 :D
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: How widespread is compromised accounts, card cloning etc?
« Reply #5 on: October 20, 2020, 01:27:14 PM »

I just spoken to paypal after a 2 hour call queue.

It took me 15 minutes to explain it is not the normal paypal account but the card, and he then proceeded to tell me its a different team. O_o, he was trying to tell me to change my password and all will be solved, when the debit card doesnt need someone to login to paypal.

I then rang the number on the back of the card as he instructed, and there is an automated message due to coronavirus there is no call operators and it hung up. O_o

So I have now ended up reporting the card stolen on the main paypal UI (should have done this last night), now to wait 10 days for another card, but still the problem of having to reclaim the £35, the call operator did tell me the attempted transaction was for £4995, I was lucky, my bank account wasnt linked as that probably would have worked if it was.

Also thanks tubaman for the link, I did try that last night, and the page no longer offers a 24/7 option, it describes how to dispute from inside the account page, when I try to dispute it says "We’re sorry, you can’t file a case on this type of transaction. Please refer to our User Agreement for more details.".

Just changed my payment card to a credit card for my xbox series S pre order on amazon and will also need to edit for all my upcoming food deliveries as well now :( but guess i am lucky I have only lost £35.

d2d4j, I dont think the account has been hacked, it has a very strong auto generated password, and 2fa is enabled.  The transactions were both debit card transactions which do not require paypal authentication, essentially you just need the 16 digits, expiry date and 3 digits from back, they work just like other debit cards.  However I did change my password as a precaution.  The paypal business debit card is a full debit card.  Information here https://www.paypal.com/uk/webapps/mpp/business-debit-card

7lm, yeah companies are storing them, not all, but at least some are.
« Last Edit: October 20, 2020, 01:41:00 PM by Chrysalis »
Logged

j0hn

  • Kitizen
  • ****
  • Posts: 4093
Re: How widespread is compromised accounts, card cloning etc?
« Reply #6 on: October 20, 2020, 02:12:18 PM »

7lm, yeah companies are storing them, not all, but at least some are.

Nobody is meant to be storing the 3 digit cvv number. I'm not aware of anyone who does.

The BA case was a man in the middle attack, with (suspected) malicious code on the BA site recording the cvv at the time of transaction.

The Payment Card Industry-Data Security Standard (PCI-DSS) regulations prohibit storing of the cvv.
Logged
Talktalk FTTP 550/75 - Speedtest - BQM

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: How widespread is compromised accounts, card cloning etc?
« Reply #7 on: October 20, 2020, 08:26:33 PM »

Interesting so I guess looking at the data been sent to backend server? 

There was an old billing software I used years ago that even though its illegal it had an option of storing CVV, there was a warning of course about legalities but the feature was there.

After 6 hours I got a online message reply with a 3rd number, I only just read it now though so need to wait till tomorrow again for working hours.
« Last Edit: October 20, 2020, 08:29:54 PM by Chrysalis »
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: How widespread is compromised accounts, card cloning etc?
« Reply #8 on: October 21, 2020, 10:45:33 PM »

Another quick update, the number told me to ring another number as they dont allow mobiles to ring 0800, the other number played music for almost 3 hours until I decided to give up.

The payment has now cleared but I am now also to dispute it which I did.  So its all been proceeded via the web interface now, but is very alarming that paypal cannot be reached easily on the phone for their card services.
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: How widespread is compromised accounts, card cloning etc?
« Reply #9 on: November 25, 2020, 07:28:26 PM »

for the curious, paypal finally issued a refund.
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: How widespread is compromised accounts, card cloning etc?
« Reply #10 on: November 25, 2020, 08:52:40 PM »

Good that you got it back.
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D