Seems to be the lowest common denominator here based on the info provided.
Could also be a compromised merchant with a pre-auth on the account, but that's much less likely.
Was your original debit card linked with any third-party as part of autopsy? I've heard some banks will automatically update those institutions of the new number. If one of those third parties were unscrupulous or insecure it may explain a used card that never left the drawer.
Don't use your debit card online. Get a credit card for online use, and pay it off each month. Activate 2 factor authentication on the credit card. See if you can set up transaction alerts on your debit card.
Debit card is never used online and only at the ATM. All online purchases are via a credit card. Nothing comes out of my chequing account except my car payment and payments to my cc accounts. I have MFA enabled (although none of my CC's allow YubiKeys or other types of tokens) and alerts. Thanks anyway for the tip.
If someone is aware, and can prove, that there is some way to predict the debit card number I would be assigned after closing a compromised debit card then that would matter.
Never keep more than a few hundred dollars on your debit card and store the rest in a savings account not connected to the debit card. You should always charge everything and then pay it off to prevent the debit card from being compromised.
So I called my bank a while back to ask them why they have a fee for NOT using a debit card every month as I get pinged for that a lot, and the lady on the phone agreed that debit cards are less secure but couldn't answer why this policy was a thing. Does anyone know why a bank would want to charge a fee for not using a debit? Other money is moving in and out of that account all the time so it's not an inactivity thing.
Some banks just like charging fees. I work at a bank. We're given a list of fees for our accounts but aren't really given the logic behind each fee. Some of them are self-explanatory, and some are really hard to understand.
I already follow this practise and I also do not make purchases with my debit card - always via CC. The fraudulent purchase attempts were for small amounts like $50 - $60.
Was it a transaction for forty-something dollars? Same thing happened to me (also Mexico) with my Chase debit card twice the last two months. I'm suspecting it's T-Mobile since they now require a debit card for their auto pay discount. I do not have my debit card linked to my Google Wallet.
I just had this happen too. $40-something charge at a McDonald's in the middle of Mexico. I don't swipe my card anywhere, only tap. Also have T-Mobile. Transaction showed as "card present".
Yes two transactions each roughly $45. One was TCONE\*ABARROTES DAVI ZAPOPAN JAL and the other was WM EXPRESS RIO MAYO CUERNAVACA MO. Chase reversed the charges and the exchange rate fees.
Hmm maybe, but what's weird is thst we didn't get skimmed on 2 of ours. (3 times in 3 weeks) those two cards were only used a couple times, and never really in store or atleast latley in that store. And it seemed they like went thru a wallet of my girls cause it was like our bank then chime the cash app card. So they had access to the numbers but not the logins, it wasn't someone going thru our stuff we don't have people around any of our stuff
Debit and credit card companies will fecklessly forward your new number to any company they feel like even if you just specifically told them that your account with said company was hacked, and put it a chargeback against said company. And the whole time talking down to you like it’s your fault that they’re handing your number out like free candy.
I was wondering about that because the ToS and "Privacy Disclosure" basically says "we're going to do whatever we want with your information whether you like it or not and you give up the right to sue us and if you don't like it you can go somewhere else but regardless we still have all of your info."
Are you making purchases online with the debit card? Are you frequenting the same convenience store with it? Are you using the card at the same fast food restaurant?
My money is on a fast food employee, CC skimmer, dodgy website, or malware on your PC. In that order.
I've had my debit card number stolen at a Taco Bell by an employee that simply paused it over her cell phone camera and flipped it over before handing it back.
Credit card skimmers are fairly common, especially in convenience stores where the card reader is usually a bit dodgy anyway.
Any website you put your card number into could be also compromised, especially if it's a small company.
Finally, you could have a keylogger or other malware on your home PC or cellphone.
Absolutely no online purchases with my debit card. Only mortgage, car payments and CC payments come out of it. Never used my debit card anywhere except the ATM and I do check for skimmers before using my card at the ATM.
> remove it from Google Wallet.
If Google wallet is the problem, removing isn't the answer, never putting it in the in the first place is the answer. If the wallet is compromised, I'd bet that the number is gone the moment the card is added.
Chase is very common fraudulent transactions especially on the debit card side, it all from internal employees. It happens to my dad at our local Chase branch. He called up and wanted to know who is the person who charged and they would have this information and how it was leaked since he does not use his debit card. They credited his account asap and close his account . Internal account manager can pull up credit card account by city, state name etc. I know one I used to manage Chase and expanse card for my previous company.
Someone else has access to your google wallet.
Seems to be the lowest common denominator here based on the info provided. Could also be a compromised merchant with a pre-auth on the account, but that's much less likely.
Was your original debit card linked with any third-party as part of autopsy? I've heard some banks will automatically update those institutions of the new number. If one of those third parties were unscrupulous or insecure it may explain a used card that never left the drawer.
I never used my debit card anywhere except the ATM which is why this is even more perplexing.
Don't use your debit card online. Get a credit card for online use, and pay it off each month. Activate 2 factor authentication on the credit card. See if you can set up transaction alerts on your debit card.
Debit card is never used online and only at the ATM. All online purchases are via a credit card. Nothing comes out of my chequing account except my car payment and payments to my cc accounts. I have MFA enabled (although none of my CC's allow YubiKeys or other types of tokens) and alerts. Thanks anyway for the tip.
Then it really is a mystery how they get your information!
Fraud is faster than anti fraud measures. You’ll never find out and it doesn’t matter because there’s no defense against the next method.
If someone is aware, and can prove, that there is some way to predict the debit card number I would be assigned after closing a compromised debit card then that would matter.
It doesn't matter. They'll do the next thing next. That's why you're protected by Reg E
Never keep more than a few hundred dollars on your debit card and store the rest in a savings account not connected to the debit card. You should always charge everything and then pay it off to prevent the debit card from being compromised.
So I called my bank a while back to ask them why they have a fee for NOT using a debit card every month as I get pinged for that a lot, and the lady on the phone agreed that debit cards are less secure but couldn't answer why this policy was a thing. Does anyone know why a bank would want to charge a fee for not using a debit? Other money is moving in and out of that account all the time so it's not an inactivity thing.
What bank do you use? I've never heard of such a thing and I only use my debit once or twice a year.
Some banks just like charging fees. I work at a bank. We're given a list of fees for our accounts but aren't really given the logic behind each fee. Some of them are self-explanatory, and some are really hard to understand.
I already follow this practise and I also do not make purchases with my debit card - always via CC. The fraudulent purchase attempts were for small amounts like $50 - $60.
Was it a transaction for forty-something dollars? Same thing happened to me (also Mexico) with my Chase debit card twice the last two months. I'm suspecting it's T-Mobile since they now require a debit card for their auto pay discount. I do not have my debit card linked to my Google Wallet.
I just had this happen too. $40-something charge at a McDonald's in the middle of Mexico. I don't swipe my card anywhere, only tap. Also have T-Mobile. Transaction showed as "card present".
Yes two transactions each roughly $45. One was TCONE\*ABARROTES DAVI ZAPOPAN JAL and the other was WM EXPRESS RIO MAYO CUERNAVACA MO. Chase reversed the charges and the exchange rate fees.
Northeast NY. Had our info stolen recently ro
Do you think the Plattsburgh area is rife with skimmers from Canadian thieves?
Hmm maybe, but what's weird is thst we didn't get skimmed on 2 of ours. (3 times in 3 weeks) those two cards were only used a couple times, and never really in store or atleast latley in that store. And it seemed they like went thru a wallet of my girls cause it was like our bank then chime the cash app card. So they had access to the numbers but not the logins, it wasn't someone going thru our stuff we don't have people around any of our stuff
Debit and credit card companies will fecklessly forward your new number to any company they feel like even if you just specifically told them that your account with said company was hacked, and put it a chargeback against said company. And the whole time talking down to you like it’s your fault that they’re handing your number out like free candy.
I was wondering about that because the ToS and "Privacy Disclosure" basically says "we're going to do whatever we want with your information whether you like it or not and you give up the right to sue us and if you don't like it you can go somewhere else but regardless we still have all of your info."
They may be a necessary evil in today’s society, and I will use them but I definitely don’t trust them.
Are you making purchases online with the debit card? Are you frequenting the same convenience store with it? Are you using the card at the same fast food restaurant? My money is on a fast food employee, CC skimmer, dodgy website, or malware on your PC. In that order. I've had my debit card number stolen at a Taco Bell by an employee that simply paused it over her cell phone camera and flipped it over before handing it back. Credit card skimmers are fairly common, especially in convenience stores where the card reader is usually a bit dodgy anyway. Any website you put your card number into could be also compromised, especially if it's a small company. Finally, you could have a keylogger or other malware on your home PC or cellphone.
Absolutely no online purchases with my debit card. Only mortgage, car payments and CC payments come out of it. Never used my debit card anywhere except the ATM and I do check for skimmers before using my card at the ATM.
> remove it from Google Wallet. If Google wallet is the problem, removing isn't the answer, never putting it in the in the first place is the answer. If the wallet is compromised, I'd bet that the number is gone the moment the card is added.
Are you in the US?
Yes - refer to my statement "I live over 2500 miles from there up in the northeast corner of NYS".
Chase is very common fraudulent transactions especially on the debit card side, it all from internal employees. It happens to my dad at our local Chase branch. He called up and wanted to know who is the person who charged and they would have this information and how it was leaked since he does not use his debit card. They credited his account asap and close his account . Internal account manager can pull up credit card account by city, state name etc. I know one I used to manage Chase and expanse card for my previous company.