another annoying scam!

[Wihtgar]

Got me too. Pretty sure I got hooked clicking on an account conformation link purporting to be from Nexus models. I can't believe I got caught by that one. Anyway, new card on its way after bank spotted small amount Lifewatch taken out of the credit card account.

 

Thing is I thought the automated call from the bank was from scammers until I contacted the bank after the third call. I couldn't see any suspicious activity on the account as the bank had stopped the transaction so beware folks.

[FlyinFlynn]

Perhaps an angle worth thinking about is the cvv2 code written on the back of everyones credit & debit cards. This is the one you need to make an internet transaction, not your PIN which is the code you need for a face to face transaction. 

There are just three pieces of information any trader needs to make a debit on your card, the card number, the expiry date and the cvv2 code - all 3 are on your card. If an unscrupulous trader (or anyone with access to your card for a very short while for that matter) made a note of those three pieces of info then they would be able to make a fraudulent transaction on your card.

I NEVER buy anything on the internet from anywhere other than on my chair in my home so it is easy for me to scratch the cvv2 off my cards after making a note of the number on a piece of paper stuck to my noticeboard, that way, no one would have the info required to make a transaction on my card. ........  makes you think huh! How many of those with these fraudulent transactions on their cards can honestly say they have never let anyone have access to their cards for long enough for them to make a note of the cvv2 and the expiry date because they already have the card number in their tills! 

 

There is talk of a brute force attack being employed in this current wave of fraud, which might indicate the fraudsters don't have one of the 3 pieces of info and have to try many different combinations of cvv2 (for example) which is why the banks are able to detect the attack so perhaps, while you are busy scratching off the cvv2 code it might be worth considering doing the same to the expiry date if your replacement cards come with only printed and not embossed dates.

[Martin Harris - Moderator]

How would this protect against a typical on-line transaction where you have to supply an unencrypted cvv code?  The 3 pieces of info are typically provided to multiple suppliers and organisations so it only requires a single crooked employee to leak your details.

[Denis Watkins]

1 hour ago, Martin Harris - Moderator said:

How would this protect against a typical on-line transaction where you have to supply an unencrypted cvv code?  The 3 pieces of info are typically provided to multiple suppliers and organisations so it only requires a single crooked employee to leak your details.

 

You can't protect, as you point out, against this Martin. Those details are all that is needed to complete a transaction.

online purchases, done electronically, do not provide the shop with your cvv, so is safer than speaking down the phone

 

 

 

[John Lee]

I've also been hit.

 

A few pence for JetFrog was spotted by my bank (NatWest) who immediately blocked the transaction and my card. I sorted it out with them today & a new card is on the way.

 

In common with many others I'm a Nexus customer.

[Ariel]

Plus one for the Scam attempt. Lifestream the bank said so maybe there is another one. Cards blocked by the bank and new ones being sent to my home address. Great, except i'm not there. Setting up two stage verification on all my transactions from now on. Seems like a pain until something like this happens! 

[Valve]

Just to add had a bogus Lifewatch transaction of 72p and attempt to use card manually in a bar in California, it was declined thankfully, but like many on here have Nexus and Bmfa transactions on my card….

[leccyflyer]

There's a very real chance of introducing a strong selection bias in these repeated noting that -surprise, surprise - this online community of modellers contain a disproportionate number of people who have made credit or debit card payments to one of the largest modelling related retailers and the national body. You can be fairly certain that those who have been scammed also include multiple people who have used their card in B &Q, or Tesco or a BP filling station, but, due to the forum these are being noted in, that is not mentioned.

[john stones 1 - Moderator]

5 minutes ago, leccyflyer said:

There's a very real chance of introducing a strong selection bias in these repeated noting that -surprise, surprise - this online community of modellers contain a disproportionate number of people who have made credit or debit card payments to one of the largest modelling related retailers and the national body. You can be fairly certain that those who have been scammed also include multiple people who have used their card in B &Q, or Tesco or a BP filling station, but, due to the forum these are being noted in, that is not mentioned.

 

Well said, in other news most people hurt by modelflying propellors fly aeromodels.

You could cause damage to the trade that supports us and the BMFA et al, think what you post.

[Philip Lewis 3]

Doubt very much that these have either used their credit card for the BMFA or Nexus.

 

https://www.news.com.au/finance/aussies-warned-to-watch-out-for-mysterious-jet-frog-bank-charges/news-story/4f415a8aa9d94ca8c653a0524d65777f

[FlyinFlynn]

23 hours ago, Martin Harris - Moderator said:

How would this protect against a typical on-line transaction where you have to supply an unencrypted cvv code?  The 3 pieces of info are typically provided to multiple suppliers and organisations so it only requires a single crooked employee to leak your details.

As Denis says...and if you lose your wallet? I believe you are liable for any transactions made before you inform your card supplier, why would you NOT prevent, or at least deter the finder from helping themselves to your bank account? You might think you could prove the item wasn't bought by you because it was not delivered to your address but I can order stuff to a local locker, all it needs is a temporary email address and the cahoonas to go pick it up.

 

.... and for what?  How much of an imposition is it for you to delete those numbers off your card?

 

 

 

[Jonathan W]

Of the 7 cards cancelled and reissued on Monday, 3 have already arrived today, so not too bad. Although they were the most difficult to get through to on the phone, it is Halifax/Lloyds/BOS group who have delivered the new cards quickest.

[Adrian Smith 1]

That's good, Jonathan. I am still waiting for my two cards reissued on Monday. I had sort pencilled in Friday, but Royal Mail round here is useless and it delivers bundles of letters here saved for only twice a week at best. 😒

Edited February 14 by Adrian Smith 1

[EarlyBird]

Me too.

£35 to GROVESNOR then four more including Jetfrog. I emptied the account before they could. New card is on the way.😊

[Adrian Smith 1]

Sorry to hear that EB. Given the apparent large scale nature of this scam it does seem to point to some sizeable data breach somewhere, although I doubt we will hear about where for some months, if at all,  based on recent history of these type of events. 

[FlyinFlynn]

14 hours ago, EarlyBird said:

Me too.

£35 to GROVESNOR then four more including Jetfrog. I emptied the account before they could. New card is on the way.😊

 

It might be interesting to see if you get reimbursed for this as it appears to be so widespread. The banks can hardly argue it is a genuine transaction!

 

"The scam appears to be spreading across Australia, although similar social media posts about Jet Frog in Europe and the US stretch back to 2021."

 

It makes me wonder why any bank in the world would still process any card transaction from 'jet frog'

[EarlyBird]

There were five attempts, all blocked by the bank, GROVESNOR £35, 10, Another gambling site, Just Eat and Uber. None were succeeded because they are new for this card and my bank requires second authentication for new firms. The first was at 23:58 and my phone was asleep.

 

I am thinking that if I had used any of these sites they would not have been blocked, then it would be for me to check my statement and alert the Bank.

 

Talking to the Bank I was told never allow card details to be stored by the web site as this is a common method used to steal users details.

[Andy Stephenson]

1 hour ago, EarlyBird said:

...Talking to the Bank I was told never allow card details to be stored by the web site as this is a common method used to steal users details.

Some of the larger companies do this automatically with no obvious way of opting out.