cc fraud alert, contacting bank, getting replacement -- some questions

One of my infrequently used credit cards was compromised, apparently thieves search for cards with no recent activity, thinking the owner "forgot" to cancel the card and won't notice.

I had to replace credit cards while traveling a couple of years ago, I just bit the bullet and called the area code number. My Italian SIM card charged less than one euro per minute.

In my experience, FedEx can take up to five days to get the new card to you. Perhaps your host can use his/her address? "Presso" = "in care of" in Italy, don't know what country you are in.

AT&T USA Direct and AT&T Wireless are under the same umbrella, but otherwise are completely different. That's why you're not getting accurate information about it - it's not at all related to cell phones.

What you need to do is find a land line, and use AT&T USA Direct to make a collect call. You use a local access number that is free from a land line in that country; you get an English speaking operator, and you have them place the collect call to your credit card's non-800 number.

The AT&T USA Direct number for Spain is 900-99-0011. At least in 2006 when I had to use it, the system worked fine!

Here's a PDF with full details: https://www.att.com/media/att/2012/support/pdf/USADirectTravel-AccessCodes.pdf

Good Luck!

Furthermore, you have to receive the four number code in a separate mailing. One of our kids handled it for us: activating, changing pass-code, and "overnight " post which took a week. Our CU had had a breach--all accounts affected.

Edit: as for phoning, at least for credit cards, we were given a worldwide number that patched us through to the US card center, which in turn patched us through to our CU. To call directly, I used the local number, not the 800, on skype.

Q 1. You cannot call "800" numbers from foreign countries - toll-free calling is not a worldwide service. That's the issue - not calling from cell phones. When I call the CC people to tell them I will be traveling abroad, I always ask them for a non-800 number to call if there is a problem. I've had to do that twice, and ate the cost.

Q2 wouldn't be ATT's fault. See Q1.

Nobody can make this painless.

The call experience doesn't surprise me (especially with B of A, I used to work for them, and AT&T, I used to have my cell with them). I'd say pursuing reimbursement probably won't work, but as long as you don't invest too much time, it's worth a shot.

I've never been through your scenario (yet) but canceling the card in response to a fraudulent charge is routine. The way fraud works these days, the Legoland Seattle purchase could be directly related to someone stealing your information in Paris or not, these things are international now and the time frame of the fraud may or may not be a good indicator.

Getting a replacement card is very difficult because most banks, to combat fraud, only want to send a new card to your home of record on their system. I've run into that when getting a new card on an existing account while I was moving. It's especially difficult when you're traveling and a moving target for receiving mail. I'm not sure of the best answer other than to pick a place ahead on your itinerary where they can send it when you will be there - if you can get them to do it AND coordinate with the place so they hold it for you. Having someone at home is nice but it requires the same work to get it somewhere you can receive it.

The way I deal with the possibility is to bring at least two of each (I bring five cards now). I have two debit cards from the same bank but different accounts. If one has to be canceled, I can transfer money to the other account and use the other card. For credit cards, I bring a back up (plus an American Express specifically for their car rental insurance). The credit cards are completely different accounts, don't bring a second card (credit or debit) for the same account, they won't work either when the account is frozen. I keep a debit and credit card with me, and keep a back up of each wherever I think is the safest place (my room, neck wallet, locker) at that time. The Amex is kept with the back ups and only used to rent cars.

I travel solo, so if something is compromised financially I'd really be in a bind. Like most of us here, I take a debit card in case I need cash, and that along with my spare credit card spends the trip in my belt-loop pouch. My other card is in my purse. With 3 ways to get cash if needed I feel I'm covered. 6 weeks prior to my recent trip my debit card was compromised--Chase caught the online activity immediately and cancelled my card and sent me a new one. This, of course, started a bit of paranoid thinking--what if that had happened (like it did to you) while I was in Europe? I didn't want to change my wallet or purse so instead got the RFID blocking sleeves for my debit and credit cards. It's hard to say how cards are compromised, can be done by someone with a device, skimmed off a card reader, used by an unscrupulous employee if given over the phone, etc.

As for the call, I would hope BofA would reimburse, but probably wouldn't make a big deal of it, personally. My cards all give a toll-free number to use abroad for such circumstances and I have that programmed in my phone.

Legoland is an odd choice for a fraudster. Were you in Seattle before your trip, on your way between Hawaii and Europe?

We have found B of A to be very proactive with fraud alerts on our VISA card. Sometimes they are legit, sometimes not. My husband's card has twice been compromised after he handed it to a waiter to pay a restaurant bill here in Seattle. But we have also received fraud alerts when what BofA deemed an "unusual spending pattern" was detected, although they actually were our charges.

Fortunately we have been home when the frauds accrued, so we were able to get a new card quickly.

But last May in London, my husband lost a different card, his USAA card with a chip and PIN ( he was distracted and left it in the card reader at the grocery store). When he realized the loss we went back and recovered the card, but some employee had used it in the meantime. A call to USAA ( with his iPhone on AT&T) quickly solved the problem. They sent a replacement card to our apartment by FedEx and we had it two days later. The apartment was in a building with a concierge, so they had no issue with sending it to our address.

I've twice lost a credit card in Europe, once to a pickpocket and once through carelessly leaving the card in a vending machine. The first time, nothing could be done. My card issuers say it takes something like 10 business days to get a card to a European address; they obviously are not willing to use one of the Express services. The second time I was lucky: I was going to be looping back through the same city about 2 weeks later and had already arranged to return to the same hotel. The hotel was willing to hold the mail for me, and it all worked out fine. But there was a lot if luck involved, and I would suggest that travelers assume that any cards lost, stolen or compromised will not be replaced until after they return home.

Given Lola's story of a card compromised after use at a Seattle restaurant, I am also curious if you spent time in Seattle before going to Europe.

Wow. Thanks for all the good info and shared empathy.

After a nice day at the sunny beach and some good paella (& wine) the cost of the calls doesn't seem as dire, given that it's far less than the fraud amount that was blocked. (But I am still miffed since I believe we're overly-prepared travelers and this one caught us by surprise. It's a kick in the gut!)

Lola & Sasha - You are correct. Seattle would have been odd perhaps. Except that we live in the Seattle area half the year and had been back in WA since late May. OTOH the other (tester?) charge was for a small sum in Tenn., and we've not been there in a decade. Both charges were "out of pattern" because we'd registered detailed country lists with all cards for the travel period so the cc folks knew we were not in the US at that time, and they said these were physical charges, not phone or online.

Harold - Thanks for the explanation of what AT&T USA Direct is. Find a land line. Hmmm... That gives me something to watch for on our walks. Could be worth a try just for practice.

Christa - I'd forgotten about things like RFID blocking sleeves. I need to look into that. I'm sure we've not been anywhere that a skimmer could have been on any machine we've used but a proximity device? Another "Hmmm..." BTW, take a look at that "toll-free number to use abroad" on the back of your card. That's what I had thought I had (and, yes, programmed into my phone). But it's not a "toll free number" (as was pointed out above - no such critter). It's a number to "call collect."

And on that topic, doesn't Kaiser say to call them collect if needed from overseas? Another reason for a test run.

It's hard to imagine that the 'compromise' happened in Europe. More likely to have been here, had it been further into the trip. But before the alert we'd only been: 'bums on the plane' for the long flight, an overnight at a CDG IBIS (where the bill was prepaid on a different card), a couple of meals (where a human never touched the card - all chip, insert at cashier), then a short flight to Spain. Lots of crush at the airports and on the airport trains and Valencia metro. So only proximity grabs seem likely for this short time. In the US the card was only used at Denny's & Elmers before the trip (quality diners, us!). And at the SEATAC Red Roof Inn for the night before departure. So that aspect is still a mystery.

Apparently (& thank goodness) it wasn't the account that was locked down, just DH's card. My cc (& the 2 debit cards) on the account all still work. The tips about mixing up those combinations (cards & accounts) for better coverage (protection) are some things to work on for future trips.

BofA did say that they could get a new card out in 2 days, but that they could not (understandably) say if it would be held up once out of the US. Had this been the only (or one of a few) then we might have tried some scheme for delivery at an upcoming host. In the end the thought of the new card floating around internationally, trying to catch us, seemed more risk than value. And I'd not factored in the separate matter of that 4-digit code sent in a separate mailing.

Lots to ponder.

I did a bit of reading on the subject of RFID blocking. Here is an article that presents an alternate view of the concerns:

http://www.infoworld.com/article/3023422/security/why-you-dont-need-an-rfid-blocking-wallet.html

Keri--Actually, I realize I was mistaken re the toll-free number on my card--the one I programmed for use internationally was from the bank/card company websites, not an 800 or 888. If that didn't work you'd better believe I'd be calling ALL the numbers without a concern for the cost! I have taken to never using my debit card on any terminal that's outside, like the gas station, and rarely use the ATM for cash, prefer to get it when I shop. My card was used at 2 online retailers, not absurd amounts ($200-300) so I figure what triggered the fraud alert was a lack of my 3 digit security code, or some other key info. Constant vigilance seems to be our only option against all forms of thievery, alas.

keri,

I'm a bit late getting into the discussion, but I wanted to mention a few things based on my experiences in dealing with credit card issues while abroad. I've been travelling with a cell phone for many years, and this has really been valuable on a few occasions.

Toll free numbers generally don't work from Europe (there may be some exceptions). All credit cards provide a "regular" number on the back of the card, with the instructions to "call collect." I've found that trying to make a collect call from Europe is a frustrating and futile exercise. The easiest solution is simply to call the regular number and just accept the long distance charges. On one occasion while in Greece, I was on the phone with a credit card firm in Canada for 15-20 minutes and the call was surprisingly not that much.

As you've already noted, it's prudent to have several credit and ATM cards, so that you have a backup if one card is compromised. I also make sure that I have a list of credit card numbers, phone numbers to call and other details in case a card is stolen or lost. There are a variety of ways this information can be kept in a secure manner during travels.

Enjoy the rest of your holiday!

Here is the toll free Visa number I was given 17 years ago to use from France: 0800-90-20-33-59-39. This gave me an international Visa call center which could either handle the problem or patch me through to my CU call center. As you can see, it's an European number, not NA. I last used it about 5 years ago. It would be good if people overseas could try it and see if it still works.

Keri---when you paid at Denny's and Emer's, did you pay at the register? I seem to recall that is how you pay there. But if your husband gave your card to waitstaff to process, that could have been the place it was compromised. As I mentioned above, that happened twice to my husband's BofA card---once after dinner at Salty's in Redondo Beach, and again after dinner at a trendy place on First Ave. whose name I have forgotten. We know this because we somselfom go out to dinner at home---like twice a year at most--- and both times the fraud started within hours after our dining experience. My husband does not do any online shopping (I am the one who takes care of that) and otherwise only uses his card for in-person transactions like groceries, hotels, etc. where the card does not leave his sight.

Or maybe Red Roof Inn? Most hotels and motels run the card the night before just to test a transaction, and maybe the number and details are available to an employee with inside access after that. Just guessing here, but perhaps it is possible.

Another thought---did you by any chance visit Seattle Center in the days before your departure? Legoland is at the Science Center. . . .

After an incident, we were told by police that all thieves need to do is take a photo of the front and back of your card (on their phone) and they can send the information anywhere in the world to create a duplicate card. In this case, they suspected a restaurant employee.

On recent trip to UK, we were told it was against the law for restaurant servers to take you card out of your sight, therefore why they have those handheld card-readers and process payment at the table. Another good idea, the US is not ready for.

FYI, there is a workaround for calling 800 numbers from Europe. If you have a Skype account, an Internet connection, and some credit, you can use Skype to call that number from anywhere in the world.