Jump to content
House Price Crash Forum
Sign in to follow this  
US Citizen

Internet Fraud - Card Companies Saying "enough"

Recommended Posts

I have a Gold Mastercard which I use for all my online purchases. I use it because it is seperate to my current account and I am covered for fraud as long from £49 - £5,000.

However, credit card companies are using the "Reasonable Care" clause which helps them get out of re-imbusing you should you get scammed on the web.

Card companies are saying enough is enough, why should we pay out, because you cant be bothered to do checks on the companies and websites your dealing with.

The Financial Ombudsman agrees, that reasonable care should be taken by consumers and at the moment it is not, because consumers automatically think they are covered.

You will be expected to follow the "Reasonable Care" guidelines if you expect to be able to make a claim :

Did the company have contact details and did you verify them.

How long has the site been trading and did you even bother to check

Did the site display any trust logos

etc etc etc

If you fail any one of these pre-requisites, you could be nursing your own losses.

This isnt some idea that is being thoughtout, this is in practice today and 50% off all claims are subsequently been rejected since 30 June 2009.

Share this post


Link to post
Share on other sites
I have a Gold Mastercard which I use for all my online purchases. I use it because it is seperate to my current account and I am covered for fraud as long from £49 - £5,000.

However, credit card companies are using the "Reasonable Care" clause which helps them get out of re-imbusing you should you get scammed on the web.

Card companies are saying enough is enough, why should we pay out, because you cant be bothered to do checks on the companies and websites your dealing with.

The Financial Ombudsman agrees, that reasonable care should be taken by consumers and at the moment it is not, because consumers automatically think they are covered.

You will be expected to follow the "Reasonable Care" guidelines if you expect to be able to make a claim :

Did the company have contact details and did you verify them.

How long has the site been trading and did you even bother to check

Did the site display any trust logos

etc etc etc

If you fail any one of these pre-requisites, you could be nursing your own losses.

This isnt some idea that is being thoughtout, this is in practice today and 50% off all claims are subsequently been rejected since 30 June 2009.

You could turn this round and question what checks they have done before allowing transactions to be processed through their systems.

Share this post


Link to post
Share on other sites
This isnt some idea that is being thoughtout, this is in practice today and 50% off all claims are subsequently been rejected since 30 June 2009.

Do you (or anyone) have a first-hand experience of this?

I thought the law was that both the retailer and the CC company were responsible for any transaction (with some minimum and maximum). Has this changed? The OFT don't see to know about it if so: http://www.oft.gov.uk/advice_and_resources...equal-liability (NB: just be clear, this applies to CCs but not charge or debit cards)

Share this post


Link to post
Share on other sites
The big up-and-coming fraud vehicle is likely to be the phishers playground "verified by visa".

Ben Laurie is possibly Britain's #1 cybersecurity expert. His take on it is at http://www.links.org/?p=591

indeed, without reading the article, the scam is obvious.

you make a purchase on a scam site, then you are transferred to the "Visa Verifying site" and the questions begin.

scammers have your details, and bobs your uncle.

remember, no more than normal 3 or 4 numbers in, If you "got it wrong" and more boxes come up...sign off immediately.

Share this post


Link to post
Share on other sites

I don't see why you can't use a Paypal account or a pre-paid debit card for interwebby purchases.

If you are buying from a co.uk site perhaps worth checking the WHOIS and looking for who the registrant is. If they have hidden their details using the WHOIS opt out, then avoid.

Edited by HostPaul TAFKA Rover2000

Share this post


Link to post
Share on other sites

I'll normaly chaeck 'whois' for a registration date'- but I think if people do get the idea that they will be held responsible for internet lossess this will kill a lot of web trade, and also online banking ect.

It makes me laugh when coporations worth millions demand that joe public become experts in online security- a total joke.

Why don't they all get together and set up a spyware/antivirus system, give it away free to their customers and then insist it be installed on users machines? The cost of this would surely be much less than eating all the losses they get from fraud?

Share this post


Link to post
Share on other sites
I'll normaly chaeck 'whois' for a registration date'- but I think if people do get the idea that they will be held responsible for internet lossess this will kill a lot of web trade, and also online banking ect.

It makes me laugh when coporations worth millions demand that joe public become experts in online security- a total joke.

Why don't they all get together and set up a spyware/antivirus system, give it away free to their customers and then insist it be installed on users machines? The cost of this would surely be much less than eating all the losses they get from fraud?

Don't get me started on PCI compliance...

Share this post


Link to post
Share on other sites

was there not some controversy that some of the trust logos organisations make scant checks for some levels of trust before allowing their logo to be used on a web page?

Share this post


Link to post
Share on other sites
I don't see why you can't use a Paypal account or a pre-paid debit card for interwebby purchases.

If you are buying from a co.uk site perhaps worth checking the WHOIS and looking for who the registrant is. If they have hidden their details using the WHOIS opt out, then avoid.

You use anything except a credit card, and pay for something. That product doesn't arrive, you lose. I have a mate who paid £600 odd for some alloy wheels off of Ebay, used a shonky (i.e. any) non-credit card protected payment and never got the product. The guy obviously got the money. Now I'd never use anything except for a credit card for any online payment for this reason. You have no protection. The police? :lol::lol::lol: It is irrelevent to them, not worth the bother. And my friend was a friend of a relation of the chief of police. They simply don't care. They are not paid to solve petty crime (unless it satisfies targets obviously). I could turn crook and feel safe that as long as my theft was small enough each time (say £1k per hit x 100 hits per year to live off of) if I were unscrupulous, that is. You can make a killing. Simply offer up non-existant crap on Ebay, persuade your victim to use anything except a credit card, and collect. Payday. Paypal? They are useless, they have no public relation concerns, you'll be on your own, mate. Website registrants are irrelevent, they never took your money. Perhaps they are legit, perhaps not. Go by how long the site has stood, perhaps run them by archive.org to see how long their site has existed. Still, it's unlikely to be the site owner who will steal from you! The only reason I have a credit card is to buy stuff online. That is it's only sensible use. You take away the protection, you take away the predominant requirement of credit cards to exist, they become pointless.

Share this post


Link to post
Share on other sites
indeed, without reading the article, the scam is obvious.

you make a purchase on a scam site, then you are transferred to the "Visa Verifying site" and the questions begin.

scammers have your details, and bobs your uncle.

remember, no more than normal 3 or 4 numbers in, If you "got it wrong" and more boxes come up...sign off immediately.

Verified by visa should be relatively OK provided you MAKE SURE THEY GIVE YOU YOUR SECRET PHRASE.

Basically at setup you give them a codephrase that only you and them know, so if you see it, you know it's from them.

There may be ways to game it but I suspect victims of any verified by visa scam faile to check for their codephrase.

Share this post


Link to post
Share on other sites

I'm sure that some time ago an Irish Bank came up with the idea of a temporary, limited credit card for internet use.

You topped the temporary card up with the exact amount needed from your base card and made your purchase. The minute you'd made your purchase, you'd reached your limit and the card was no longer any good.

When you needed something else, you just ordered another temporary card....

Maybe I was p1ssed and made it up.... :rolleyes:

Share this post


Link to post
Share on other sites
Shit, that's some serious overhead to be done on all transactions.

Another way of nobbling online business though and forcing punters back to the shops.

TFH

Not really it just means that brand names have some validity you obviously don't have to check M&S, Halfords, Amazon etc.

If you buy a Sat Nav from "Under the arches GPS Inc" because it is £20 cheaper you probably deserve all you get - you probably wouldn't do that on the high street so why online?

Edited by Greg Bowman

Share this post


Link to post
Share on other sites

I have bought on-line just the once from necessity.

Usually I check it out online then pay by phone. Having first found the site by independent google rather than a link through.

For people who do buy online a lot, particularly small purchases, a good idea is what my friend does. They have a separate credit card for online transactions which has a £100 limit.

Share this post


Link to post
Share on other sites
Verified by visa should be relatively OK provided you MAKE SURE THEY GIVE YOU YOUR SECRET PHRASE.

Basically at setup you give them a codephrase that only you and them know, so if you see it, you know it's from them.

There may be ways to game it but I suspect victims of any verified by visa scam faile to check for their codephrase.

never seen that....but a phisher will ASK you....thats how it works.

Share this post


Link to post
Share on other sites
Verified by visa should be relatively OK provided you MAKE SURE THEY GIVE YOU YOUR SECRET PHRASE.

Basically at setup you give them a codephrase that only you and them know, so if you see it, you know it's from them.

There may be ways to game it but I suspect victims of any verified by visa scam faile to check for their codephrase.

What's a codephrase? Who gave it to me, bearing in mind that with VBV (by phisher-friendly *policy*) I signed up from a merchant's site as an extra hoop to jump through, not at my bank's site as a voluntary action?

When I buy (online or elsewhere), I'm thinking of my purchase. Not my mother's maiden name, my first school, or other such low-security "private" information.

Far less some masonic handshake I've long-since forgotten, and which a phisher could guess with an expectation of being right (or at least credible) in enough cases (from a store's total traffic) to pay handsomely.

I'll check that the site cert is indeed registered to the merchant, and that's more than a non-techie is expected to do. VBV makes that harder, by deliberately embedding wrong-site material and making it "OK" to accept an imposter!

Share this post


Link to post
Share on other sites
You use anything except a credit card, and pay for something. That product doesn't arrive, you lose. I have a mate who paid £600 odd for some alloy wheels off of Ebay, used a shonky (i.e. any) non-credit card protected payment and never got the product. The guy obviously got the money. Now I'd never use anything except for a credit card for any online payment for this reason. You have no protection. The police? :lol::lol::lol: It is irrelevent to them, not worth the bother. And my friend was a friend of a relation of the chief of police. They simply don't care. They are not paid to solve petty crime (unless it satisfies targets obviously). I could turn crook and feel safe that as long as my theft was small enough each time (say £1k per hit x 100 hits per year to live off of) if I were unscrupulous, that is. You can make a killing. Simply offer up non-existant crap on Ebay, persuade your victim to use anything except a credit card, and collect. Payday. Paypal? They are useless, they have no public relation concerns, you'll be on your own, mate. Website registrants are irrelevent, they never took your money. Perhaps they are legit, perhaps not. Go by how long the site has stood, perhaps run them by archive.org to see how long their site has existed. Still, it's unlikely to be the site owner who will steal from you! The only reason I have a credit card is to buy stuff online. That is it's only sensible use. You take away the protection, you take away the predominant requirement of credit cards to exist, they become pointless.

well the fraud on my card must have been their petty crime targets then because they sorted it out and the fraudster was nicked, found guilty and banged up - for petty amounts of card fraud. police 1 __ petty fraudster 0

Share this post


Link to post
Share on other sites
was there not some controversy that some of the trust logos organisations make scant checks for some levels of trust before allowing their logo to be used on a web page?

I can see that ending up a bit like the rating agencies, give us some commission and you get your "trust" certificate for your site no questions asked.

The problem is how hard would it be just to copy the logo and put it on your scam website.

Share this post


Link to post
Share on other sites
I don't see why you can't use a Paypal account or a pre-paid debit card for interwebby purchases.

If you are buying from a co.uk site perhaps worth checking the WHOIS and looking for who the registrant is. If they have hidden their details using the WHOIS opt out, then avoid.

Exactly, this is showing "Reasonable Care" and most people arnt as vigilant as you, me and most posters on this site. They chase the lowest price and when they get stuck (and they will eventually), then they expect their credit card company to pick up the mess.

Share this post


Link to post
Share on other sites
I'll normaly chaeck 'whois' for a registration date'- but I think if people do get the idea that they will be held responsible for internet lossess this will kill a lot of web trade, and also online banking ect.

It makes me laugh when coporations worth millions demand that joe public become experts in online security- a total joke.

Why don't they all get together and set up a spyware/antivirus system, give it away free to their customers and then insist it be installed on users machines? The cost of this would surely be much less than eating all the losses they get from fraud?

Why dont the General Public, just use some common sense and personal responsibility, they would if it was their cash on the line. Thats the point.

Share this post


Link to post
Share on other sites
I'm sure that some time ago an Irish Bank came up with the idea of a temporary, limited credit card for internet use.

You topped the temporary card up with the exact amount needed from your base card and made your purchase. The minute you'd made your purchase, you'd reached your limit and the card was no longer any good.

When you needed something else, you just ordered another temporary card....

Maybe I was p1ssed and made it up.... :rolleyes:

Yes they were/are called Irish Life & Permenant. They do business under the name of 3V (http://www.3vcash.co.uk)

Share this post


Link to post
Share on other sites
well the fraud on my card must have been their petty crime targets then because they sorted it out and the fraudster was nicked, found guilty and banged up - for petty amounts of card fraud. police 1 __ petty fraudster 0

More like Police 1 ~ Petty Fraudster 259142 but well done anyway.

Share this post


Link to post
Share on other sites
Exactly, this is showing "Reasonable Care" and most people arnt as vigilant as you, me and most posters on this site. They chase the lowest price and when they get stuck (and they will eventually), then they expect their credit card company to pick up the mess.

I can see the legit online trading businesses (i.e. the Amazons of this world) putting intense pressure on the card issuers to back down over this stance because, as an earlier poster pointed out, it has the potential to decimate online retail sales as the sheeple get their fingers burnt and decide not to buy online again.

Incidentally, every now and again when I get a phishing email I go to their site (making sure to only 'allow for session' cookies, disable all executables in web pages and running the browser as a restricted user to prevent infections) and enter junk credit card data (i.e. a string of random numbers). I figure that if the scammers attempt to charge cards and get rejected enough times, the card issuer's system will eventually notice and trigger an investigation.

Edited by The Ayatollah Bugheri

Share this post


Link to post
Share on other sites
I can see that ending up a bit like the rating agencies, give us some commission and you get your "trust" certificate for your site no questions asked.

The problem is how hard would it be just to copy the logo and put it on your scam website.

Quite difficult actually. The site certificates are impossible to fake, but the good immitations that look fake would fool someone who was looking for deals too good to be true.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

  • The Prime Minister stated that there were three Brexit options available to the UK:   296 members have voted

    1. 1. Which of the Prime Minister's options would you choose?


      • Leave with the negotiated deal
      • Remain
      • Leave with no deal

    Please sign in or register to vote in this poll. View topic


×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.