Received a phone call from my bank this morning wanting me to confirm if I made an online purchase - value of a little over £1000. I made no such purchase and am in the process of dealing with the online organisation to cancel the order and get my money back. So not only are we dealing with Covid, but also scumbags hacking into online accounts and trying to commit fraud. I have made online purchases through this organisation but nowhere near the value stated above. The people I'm dealing with are courteous and trying their best to help me. This is the first time I've experienced anything like this. I appreciate that organisations try to maintain online security however, this has really freaked me out. So my question is; just how secure is online purchasing? What are your thoughts?
If the bank called you, it should mean that they've intercepted the transaction and you should not have been charged. It just depends how you pay for stuff. No retailer should hold your card details. These are processed by the payment processor (e.g. Sagepay, Worldpay, Stripe etc). These organisations are pretty secure. The retailer never gets to see your card details. If you use Paypal to pay, then your Paypal account can be hacked, or more accurately, phised. Someone gets your email address and password from somewhere and they use that to access your Paypal account. Often, this is because people use the same password everywhere, so if they get your password from one source, they will use it to try and access the most commonly used sites, e.g. ebay, Amazon, Paypal. You should either use a unique password, or set up two-factor authentication. No human being could possibly remember a bunch of different passwords, so using a password manager like LastPass can generate and store unique passwords for you.
Update: It was a total scam. I contacted my bank and they confirmed my account was defrauded. The bank reimbursed my money so all ends well. The bank explained how I was suckered into the scam. I was shocked to say the least. Anyway, huge lesson learnt and hopefully I will never fall into that trap again. Beware of the fraudsters!
I don't know if this is needless and condescending in regards to online OPSEC but you can get a five device, year license of Bitedefender Total Security for a much lower price on Ebay. It has lasted me over 200 days without the key invalidating and they come from legitimate sources... If you use each element it offers (like SafePay for example) you should never have too many worries; works on mobile too.
It appeared to be genuine however, it turned out not to be. I was conned hook, line and sinker by the fraudsters.
Yeah, just be careful if you receive a call from a bank. They never ask you to confirm account details or PINs. Always call them back on a known number (but there's also a scam where they can hold the line open and make it appear like you've been connected). It's far too easy to spoof a number these days.
I don't deal with incoming calls from anywhere, I often tell them that they are scammers and hang up. I'm over 65 and live in the USA, I get calls claiming to be Social Security telling me that my number has been involved in some sort of fraud, I always tell them that they are frauds and hang up. SS never calls us, they send mail, or listen when we call.
Thanks for your post, really appreciate it. I've learnt a huge lesson from this experience and will do everything I can not to get caught up in a scam again.
If possible call the bank at a known number using a different phone or device that has a different number.
The timing of this thread is strange. I've just noticed two unknown transactions in my account. Wut. First time this has happened to me. Looks like it's time for a format.