topic Re: Online Fraud. in Community Spirit

Online Fraud.

catsnknots — Sat, 18 Jan 2014 01:22:12 GMT

After being woken by a txt message this morning informing me that my card had been used last night in a suspected fraudulant manner and to call the banks Fraud Unit I had to get online and check and change some passwords just in case...

I then read some emails... one was about Target US and how it had a data breach not long ago and the information had been updated...

They first said that 40 million people were impacted but instead 110 million people had data breached. Apparently that is 1/3 of the population over there....

They have been offered free credit monitoring.... they will have to watch out for the rest of thier lives.....

It makes me think about what I now need to watch out for and where they got my information from.

Re: Online Fraud.

silverfaun — Sat, 18 Jan 2014 01:28:29 GMT

Cat, change to ANZ they have the falcon that keeps an eye on all online transactions for suss activity.

My card was used in Denmark for bike parts & they contacted me & asked if it was me, of course it wasn't, they then proceeded to refund all moneys & tightened up our security.

I am happy with the level of service this bank provides so I would think about it. No other bank has this type of thing as far as I know.

Re: Online Fraud.

zelly888 — Sat, 18 Jan 2014 01:33:43 GMT

I'm receiving pleny of emails asking me to updated my details in my ANZ account but the problem is that I don't have an ANZ account go the falcon

Re: Online Fraud.

catsnknots — Sat, 18 Jan 2014 01:36:10 GMT

I am very happy with Suncorp.. they noticed the unusual charges and stopped them, they started small and then gradually got larger and larger. As they were testing the card on an online gaming website (EA games) they were not at first picked up as my son does play online games so could have very well been normal. When they went from $10 amounts up to $100 plus is when the detection was noted... When the amounts show on my statement I need to go in and fill out a decleration and the chares will be reversed.

And yes, I did check with my son... he was actually in bed at the time so it was not him...

Re: Online Fraud.

purple_haize — Sat, 18 Jan 2014 01:42:49 GMT

I am with Bendigo Bank, they ring me if anything is suss.

I am very happy with them, and wouldnt change banks.

I get heaps of emails saying I bought items with paypal, when I havent, I just delete them because my paypal account is in another ID.

You just have to be careful.

Re: Online Fraud.

catsnknots — Sat, 18 Jan 2014 01:54:27 GMT

http://www.computerworld.com/s/article/9245491/Security_firm_IDs_malware_used_in_Target_attack?source=CTWNLE_nlt_security_2014-01-17

A follow up on that Target hack...

So the info was possibly stolen at Point Of Sale... so in reality it possibly has nothing to do with keeping your data secure after online shopping but in fact stolen while you shop at a store.

Re: Online Fraud.

silverfaun — Sat, 18 Jan 2014 02:07:01 GMT

Cat, do the pay wave, that way your card never leaves your hand. Good luck.

Re: Online Fraud.

catsnknots — Sat, 18 Jan 2014 02:13:34 GMT

That PayWave is not that secure either... anyone with the right device can scan you card if they get close enough to your wallet or handbag. That is why mine is kept in an aluminium case.

The good thing is that it is PayWave is limited in the amount that it authorises.

Re: Online Fraud.

purple_haize — Sat, 18 Jan 2014 02:26:06 GMT

Target Australia said the other day, that what happenned with Target in the USA, had nothing to do with T/Australia as they are seperate companies and run differently.

Re: Online Fraud.

purple_haize — Sat, 18 Jan 2014 02:28:44 GMT

Just something else to, that you may not be aware of, in some shops you just need to wave your card infront of the machine instead of putting in your pin or signing.....

My bank told me not to do it, as anyone can get your info doing it that way, and you will have no come back.......always use your pin or sign instead of waving your card.

Re: Online Fraud.

cherry*135 — Sat, 18 Jan 2014 02:36:59 GMT

Visa payWave cards only work when the card is within 4cm of the card reader and the payWave terminal can only process one transaction at a time. Because your Visa payWave card doesn't leave your hand during the transaction, you remain in control of your card at all times.

visa.com.au'

Surely you would notice if some scammer was only 4cm away from you waving some sort of card reader at your wallet/handbag?

Visa payWave-enabled cards are backed by Visa's Zero Liability Policy1and are as secure as any other Visa chip card

visa.com.au

The eftpos machines are owned by the bank..paywave/paypass transactions info is secure as using the card in the chip reader.

Re: Online Fraud.

cherry*135 — Sat, 18 Jan 2014 02:39:20 GMT

EFTPOS transaction fraud happens when scammers remove an eftpos machine from a business (unnoticed) and replace it with one of their own (that looks the same). All the funds then go into the scammers bank account.

Re: Online Fraud.

purple_haize — Sat, 18 Jan 2014 02:41:01 GMT

@am*3 wrote:
Visa payWave cards only work when the card is within 4cm of the card reader and the payWave terminal can only process one transaction at a time. Because your Visa payWave card doesn't leave your hand during the transaction, you remain in control of your card at all times.
visa.com.au'

Surely you would notice if some scammer was only 4cm away from you waving some sort of card reader at your wallet/handbag?

Visa payWave-enabled cards are backed by Visa's Zero Liability Policy1and are as secure as any other Visa chip card
visa.com.au

The eftpos machines are owned by the bank..paywave/paypass transactions info is secure as using the card in the chip reader.

My bank told me it was not secure and not to use it.............you need to use the machine and put in your pin or sign.........if it was a secure way of doing it, my bank would have said so...........

Re: Online Fraud.

cherry*135 — Sat, 18 Jan 2014 02:51:56 GMT

How would a scammer access info that is being transmitted electronically to visa/mastercard/bank? Paywave transactions have a limit of $100 or less (can be $30 in some stores). The newer eftpos machines are wireless.

They would need to be able to divert the money from going into the stores bank account to their own account...to commit fraud.

Fraud can happen if someone drops/loses their card and another person picks it up and can use the paywave function to buy items in stores. There is a daily limit too I think.

Some of the security features of Visa PayWave

Your card never leaves your hand during the transaction
Ultra short read range - cards can only be used within less than 4cm of the card reader
Unique in-built secret "keys" that generate cryptograms to uniquely identify each transaction
A secure microprocessor on the card
The Visa payment network automatically detects and rejects any attempt to transmit the same information more than once
Your name and three digit security code are never transmitted during a PayWave transaction

Re: Online Fraud.

cherry*135 — Sat, 18 Jan 2014 03:00:01 GMT

This is what my bank says about PAYWAVE

Even though you don’t need to swipe or dip your card, sign or enter your PIN for transactions less than $100, your NAB Visa payWave card is just as secure as your current credit card or debit card. It offers the same high level of security plus multiple layers of protection which include:

The highest cryptographic and smart card technology available:
NAB Visa payWave uses the same security that keeps your chip card and PIN protected.
NAB Defence:
Your account is assessed by NAB’s security experts, high risk transactions are monitored and any suspected fraudulent activity investigated.
Our security promise to you:
NAB will reimburse you 100% of any amount fraudulently removed from your account if, despite our defences, you’re a victim of fraud. Of course your responsibilities when operating your account still apply.
Your hand:
During a payWave transaction your card never leaves your hand. This greatly reduces the risk of your card details falling into the wrong hands and being used for fraud.

Online fraud (no card involved) is the biggest type of bank account fraud.

Re: Online Fraud.

azureline** — Sat, 18 Jan 2014 03:47:18 GMT

Paywave NEVER works when I try to use it.

Re: Online Fraud.

monman12 — Sat, 18 Jan 2014 04:26:42 GMT

RFID chips and credit cards.

"Today's contactless cards don't make the user’s name, PIN, or permanent three-digit CVV code wirelessly available, they also use a one-time CVV code with each scan so as to prevent repeated fraudulent use. In six years of use, there reportedly haven't been any documented cases of this kind of fraud"

nɥºɾ

Re: Online Fraud.

purple_haize — Sat, 18 Jan 2014 04:31:32 GMT

I will do what my bank said to do AM*3, they must have some knowledge of things that have gone wrong with using this method.

I have full faith in my bank and they wouldnt tell me something if it wasnt true...........somewhere along the line there must have been problems with the wave system, so I dont intend to use it.

Re: Online Fraud.

catsnknots — Sat, 18 Jan 2014 04:46:36 GMT

My son was looking into a CC swipe machine to use for his business, he has a PP one that did not work properly, and came across an option to buy a machine that will accept paywave... That made us think that if you buy one can you use it yourself? In reality probably not unless you are a crime gang that has the right tools. but it made us think it might not be safe.

And if you need to be only 4 cm away well when I shop there are many people that you get that close too... hold one of those devices up to a persons back pocket or handbag and you might just have a winning scam.

PH I did know it was the US Target stores, I read the articles and my talk about 1/3 of the US population being exposed for example shows that.... but I think it is a very interesting topic that a business like Target can have this malware on their system and could not detect it.

How do we know our retailers don't have that same problem... or didn't in the past and that information already has been taken.

Re: Online Fraud.

catsnknots — Sat, 18 Jan 2014 04:52:04 GMT

@am*3 wrote:
EFTPOS transaction fraud happens when scammers remove an eftpos machine from a business (unnoticed) and replace it with one of their own (that looks the same). All the funds then go into the scammers bank account.

That was one of the things the guy on the phone was telling me... who allows a stranger to take their machine and "fix" it without first making contact with the company that supplies it?

The POSmalware was what appears to have caused the Target troubles... the malware was on the computer system of the company.