PBP2011 - (likely) stolen credit card details used for registration

[AndyH]

The only scenario I could think of was insuring a stolen car.

Probably some stupidly fast chavvy Honda Civic.

















 

[simonp]

Found online with a little googling:

"In fact, Mr Ewen explains that "people can go online and use a stolen credit card to set up a policy under a fake name for a car whose registration they have invented and the minute that is accepted they can claim against that vehicle. The insurer may go back to them and say the vehicle doesn't exist and they can say 'that's your problem, you have written the policy and I was hit by that car'.

Read more: http://www.postonline.co.uk/post/analysis/1558537/a-brighter#ixzz1jC9TbXKK
”

Though I would have thought the insurers should be doing some basic checks on ownership etc these days?

[Paul D]

The only scenario I could think of was insuring a stolen car.

Probably some stupidly fast chavvy Honda Civic.

Being driven like its stolen through a Dorset village near you.

[GraemeMcC]

Found online with a little googling:

"In fact, Mr Ewen explains that "people can go online and use a stolen credit card to set up a policy under a fake name for a car whose registration they have invented and the minute that is accepted they can claim against that vehicle. The insurer may go back to them and say the vehicle doesn't exist and they can say 'that's your problem, you have written the policy and I was hit by that car'...”
Though I would have thought the insurers should be doing some basic checks on ownership etc these days?

Bloomin' 'eck! No wonder my car insurance premiums have just gone thru' the roof. 
Having turned 50 yrs of ancien-ness, I was expecting premium reductions, not the jump from £400 to £700 that I was quoted for my old Honda Accord chav-mobile. (Ditched the broker and got it down to £500 thru' being confused-dot-com).
(Any Chav's out there wanting to buy a cheap X-plater with 139K on the clock for about £500 - need to act v. quick. Auto-emocion awaits me on S(e)at-urday. )

[Grandad]

Some people have a card that is only used for particular transactions, particularly online ones.  I might take this path

Have done that since my first ever internet purchase.

[border-rider]

Somewhat surprised that everyone did not take this action rather than wait for a call from the card provider..

There's no real benefit in doing that; if the credit card is abused then you can quickly stop it when that happens and get a new one, and it takes no longer than doing it pre-emptively. And since it's not clear that everyone's card is going to be affected there may be no need to do anything at all. If you used a debit card then OK, pre-emptive action might be wise.

Some people have a card that is only used for particular transactions, particularly online ones.  I might take this path.

It's prompted me to get round to filling in that application for a Waitrose credit card in addition to me usual one, then at least I'll have 2 (which is finer 'til; I lose my wallet) 

My experience over the years, BTW,  has been that my card has been cloned/copied several times in hotels, restaurants & once in a petrol station, and only once (this time) have I had any trouble with an online transaction.

[simonp]

Just a word of warning to the unwary - Simon's link above really is as very work-unsafe and probably illegal as it sounds.

Sorry, wasn't my intention to create a link. Forum SW did that. I've deleted it.

[Paul Rainbow]

Well today was my turn for a bogus transaction on my credit card, a purchase made for an apple product on the same card I used for PBP registration.

Card company rang and said the transaction was declined anyway and have canceled the card

Could it be coincidence or just I was next on the very long list of details they are working through?

[MattH]

Same here - £1 Apple test purchase declined by my card company, card now cancelled.

[toontra]

....... or just I was next on the very long list of details they are working through?

^That^ 

It's been pretty clear for weeks that the cards used with Klik&Pay for PBP registration/extras have all been hacked.  Just because you weren't hit in December doesn't mean you've got away with it.  Any and all cards used are vulnerable and it really would be easier to cancel now rather than have to go through all the bother of being hacked, speaking to the bank, sorting out the fraudulent payments from the legit ones, etc. 

It also means the scumbags don't get away with any money, whether the bank cover it or not.  It's the principle.

[border-rider]

It's been pretty clear for weeks that the cards used with Klik&Pay for PBP registration/extras have all been hacked.

How do you know that ?

[AndyH]

My experience over the years, BTW,  has been that my card has been cloned/copied several times in hotels, restaurants & once in a petrol station, and only once (this time) have I had any trouble with an online transaction.

That mirrors my experience

It's been pretty clear for weeks that the cards used with Klik&Pay for PBP registration/extras have all been hacked.

How do you know that ?

Isn't it becoming a more than reasonable assumption?

[border-rider]

Dunno, that's why I was asking.

400 or so UK entrants; how many people do we know have had problems ?

[teethgrinder]

Seems like a very reasonable assumption to me.
It's the first time I've had any trouble. I often book hotels on line and buy things on line. Enter events, not just cycling events and book tickets for entertainment and travel.
A bit of a coincidence, that the only time I've had trouble was when I entered an event which many others have who also had trouble.


400 or so entrants. Not everyone has had trouble, but maybe many more will. How many have had trouble? I don't know. Not everyone uses YACF. Not everyone on YACF will fess up or possibly even know about or bother to read this thread.

[border-rider]

I just question the wisdom of making such a definitive statement in public without the data to back it up, for reasons that I hope are apparent but which I'm not  sufficiently stupid to state explicitly.

[Nonsteeler]

Just for the record, I've been hit by this, too. Again it appears very likely the fraud is directly connected to my PBB entry as I don't use 'proper' credit cards online apart from when there is no other option. In 2011, the card was only used for PBP and for hiring a car, twice. I got the call from the bank a week before Christmas.

[toontra]

How do you know that ?

If that's a serious question and you really want to know the answer, go back read the thread from the start thread.  On page 1 (early December) I explained why I was almost certain it was a Klic&Pay issue at that early stage.  Every subsequent victim (from all over the world!!!) made me personally 100% sure by mid-December.

Or maybe you are just being rhetorically rude, in which case don't bother.  Are you really more concerned about possible defamation of a company who have probably allowed their system to be hacked than you are about the welfare of your fellow audaxers?

[border-rider]

It was perfectly serious question.

I agree that it's likely Klic'n'pay; my question was the basis for the statement that everyone was going to be hit

I am not remotely concerned about defamation. I am concerned about fellow audaxers

[toontra]

I agree that it's likely Klic'n'pay; my question was the basis for the statement that everyone was going to be hit

But I didn't say that.  I actually said:  "Any and all cards used are vulnerable..."

I really think you should have read the whole thread and my post you quoted in particular before quipping in.  You input isn't adding to the thread, which is actually about safeguarding audaxers and their banks from being ripped off and trying to do something to prevent it if possible in a timely manner - not semantics.

[border-rider]

you actually said that  the cards used with Klik&Pay for PBP registration/extras have all been hacked, which is rather different from them all being vulnerable. There is rather more to that distinction than semantics.

I really think you should have read the whole thread

You know, I did.

You input isn't adding to the thread

Did you read my PM explaining my concerns ?

I'm not sure what I've done to deserve this sustained attack by the way 

[Von Broad]

Same here - £1 Apple test purchase declined by my card company, card now cancelled.

Just as a slight side issue, what I don't understand is this: on what basis will a CC company decline a transaction of a small sum. If the fraudster has the car number then how does the CC company know it is likely fraudulent and not the genuine you that is making the purchase?. Large transactions and those made abroad without prior warning I can understand, because they go against your profile. But smaller amounts you would think would pass through undetected, provided they have all the right information of course.

In my case it was a debit card and the bank let the first two payments go through, £30 and £281, it was only when things got obviously crazy that they stepped in. [Not that I'm complaining, I was grateful they were more attentive than I was about my own money!].

[toontra]

you actually said that  the cards used with Klik&Pay for PBP registration/extras have all been hacked, which is rather different from them all being vulnerable. There is rather more to that distinction than semantics.

You are conflating two things.  I said: "It's been pretty clear for weeks that the cards used with Klik&Pay for PBP registration/extras have all been hacked".  That is my reasoned opinion and based on the information contained in this thread (and other places) and personal experience.

I then said: "Any and all cards used are vulnerable...".

I'm wondering how you go from those two statements to: "...my question was the basis for the statement that everyone was going to be hit".

There is a big difference in implication and I can't think for the life of me why you would want to mis-interpret me and add confusion.  Maybe you can explain and we can all relax.  In plain English, a card can be hacked without the victim losing a dime - but they are undoubtedly extremely vulnerable to fraud.  I don't know how I can make it clearer.

If my post was alarmist then that was it's intention.  Several new victims are posting almost daily.  It really think it's time people took action rather than passively waiting.  My bank lost several hundred £.  Maybe other people's banks can be protected from the same fate.

[Hot Flatus]

[toontra]

Hope you're keeping score 

[border-rider]

I'm still struggling to understand why I had my head bitten off.

Ok: if all the cards have been hacked (i.e their details have been extracted from K&P & sold on) then they're all going to be hit. I don't think we know that (yet).  I was merely questioning how you know that the details of all the cards used for PBP have been stolen.