Re: Excessive fraud on Chase?

VPExecutive · ‎07-01-2020

@wasCB14 wrote:
@blindambition wrote:
@Revelate wrote:

That is absurdly unlikely.

Every access to that information is tracked these days, people would be caught and summarily made public example of. Banks simply do not F around with their internal controls and monitoring anymore at least on that front.
I agree with this. Working at Verizon and having high profile clients, that system was Ft Knox. A digital footprint with every action and keystroke. Very easy to track internal issues.
It is a stretch. Merchant breaches are common and not always detected or reported. We might just be in the statistical tail of very frequent fraud involving one bank. It just seems odd that our cards with other banks wouldn't be affected as often.

But some others have reported cards being compromised "internally" at Chase.

I haven't heard about too many breaches about merchants that have switched to EMV. The last one I've heard about is Wendy's (but they weren't EMV compliant at the time, and weren't planning on installing and using EMV readers).

wasCB14 · ‎07-03-2020

8 days ago, my mother noticed two unauthorized charges (online shopping, about $200 each) on her Chase Freedom. She called Chase immediately and reported both transactions as fraudulent. Chase changed the account number, sent her a new card, and removed one of the two transactions.

But 8 days later, the second unauthorized charge remains. She has called Chase 3 times at this point about it. Every time, they say the charge will be removed in 48 hours.

I thought it might be good to switch to written communications so she'd have a paper trail and Chase reps might be more attentive. Calling Chase doesn't seem to be very effective. Yet when I explore the Chase website, the "Dispute transaction" says to call if it is unauthorized. The "secure message" feature says it can take them a week to respond, and to call if there is an unauthorized transaction.

She doesn't have a smartphone, so calling and recording the conversation isn't easy for her. Thoughts? What to do when Chase simply isn't doing anything about the second transaction? Contact the Executive Office even if there is no paper trail provided?

Personal spend: Amex Gold, Amex Schwab Plat., BofA PR+CCR(x2), Costco
Business use: Amex Bus. Plat., BBP, Lowes Amex AU, CFU AU
Perks: Delta Plat., United Explorer, IHG49, Hyatt, "Old SPG"
Mostly SD: Freedom Flex, Freedom, Arrival
Upgrade/Downgrade games: ED, BCE
SUB chasing: AA Platinum Select

Anonymous · ‎07-28-2020

They didn't report internal fraud at Chase, they reported their own short sided conclusions

adelphi_sky · ‎07-28-2020

We had fraud charges two months ago. Chase probably got hacked and they sold the number on the dark web.

wasCB14 · ‎07-28-2020

This most recent round of fraud on DM's card was resolved by her making an appointment and going into a branch. No definitive word on whether she will close the card.

Personal spend: Amex Gold, Amex Schwab Plat., BofA PR+CCR(x2), Costco
Business use: Amex Bus. Plat., BBP, Lowes Amex AU, CFU AU
Perks: Delta Plat., United Explorer, IHG49, Hyatt, "Old SPG"
Mostly SD: Freedom Flex, Freedom, Arrival
Upgrade/Downgrade games: ED, BCE
SUB chasing: AA Platinum Select

Anonymous · ‎07-29-2020

@blindambition wrote:
@Anonymous wrote:
@Aim_High wrote:
@Anonymous wrote:
My wife and I eat out a lot. Our Reserve card number gets stollen periodically. In the US, restaurants are a big source of stollen card numbers.
^ ^ ^ This ... I think is part of the problem. My CSR has gotten a lot of restaurant swipes without compromise in two years (knock-on-wood) but I'm pretty sure it happened on some other cards in restaurants. Some restaurant servers can make copies of the card after they take it at a sit-down restaurant. It's so easy to do today with smart phones and electronic payments too. It was harder when someone had to take physical rubbings of a credit card and before it became so easy to put payment information into a computer instead of with a physical card.
This is something I didn't really think about much, but your post has made me rethink handing my card over now, it's just to easy it is in today's world. I guess since I feel that between big brother is always watching and other servers etc., that this would happen less in places like that. If only you could have a card without any numbers at all, it might help.
There is a card with no numbers, the AppleCard. You can also change the number instantly if compromised. The rewards are awful for dining. Unless using ApplePay.

Changing the number only changes the main account number. It does nothing to change the number on the physical card, which would be impossible to do without manufacturing a new card (this information is embedded in the mag strip and chip). So despite having no number printed on the card, it's still susceptible to the same "skimming" techniques you'd see at gas stations etc. And you'd still need a physical card replacement to stop fraud if that number is compromised.

sammydavidjr · ‎07-29-2020

@adelphi_sky wrote:
We had fraud charges two months ago. Chase probably got hacked and they sold the number on the dark web.

It's unlikely that the credit card numbers were stolen by hacking Chase. While card numbers can and are at times stolen directly from the issuer, that is not the weakest point in the payments system. Cards usually get stolen in the following ways:
- Card skimming: the card's magnetic stripe contains all the basic information needed to process an in-person charge (accout number, expiration date, card code), plus the name of the holder. All it takes is a bent waiter or a doctored reader at a gas station and the data is stolen. The one thing that is not in the stripe but that is needed to process a credit card charge online (a "card-not-present" transaction) is the ZIP code.
- Phishing emails and calls. A lot of users inadvertently give away their card info to scammers. There is almost no limit to what social engineering can accomplish.
- Online malware and hacking. Infected computers, public wi-fi hotspots: there are countless ways to leak a card number while going about our daily lives.
- Merchant hacks: sometimes large databases are breached and piles of credit cards are lost. But this happens more commonly with merchants that store the information than with actual banks (remember target?).

While banks aren't infallible (CapitalOne, for instance, suffered a massive breach a couple years ago) they do tend to have more effective security than merchants. And -- when banks are hacked -- credit card data isn't always what the hackers look for/find: a stolen credit card number has a shelf life of a few days and is worth on average a few dollars. A stolen social security number is worth a lot more because social security numbers can't be reissued like a credit card. Hackers can sit on stolen SSN's for years: they can wait for all those "one year of free credit monitoring" given to consumers to expire, and then begin to use the stolen identities. And if the stolen social security number is part of a package (with name, last name, date and place of birth) it can be worth thousands of dollars! Also high on the list of things crooks like better than cards: bank account numbers and routing codes.

Excessive fraud on Chase?

Get your FICO® Score for free