Identity Theft / Unauthorized Charges in the UK

Theft of one's credit card information can happen in all kinds of ways. Once the information is stolen, fake cards are made and used, all over the place. My recent story: I was in Holland in April 2012, and while I was there, my card was "used" at a supermarket in Virginia (I live in New York). Thankfully, I had told my bank (also Chase) I'd be in Holland, so they blocked the charge! The thieves tried twice; when both charges were blocked, that was the last of their attempts. Luckily, my bank didn't block my monthly auto-payments on that account, or my train ticket purchased in New York upon my return. When I got home, I had a message waiting for me on my home phone from the fraud department. I had to cancel the card and have a new one issued, then give this new number to my auto-payment accounts (I kept forgetting about these, so for a few weeks I was getting calls, e-mails, and letters about needing to my information). Again, I never used this card in Virginia, and the card number theft was only picked up so fast because I happened to be in Europe when it occurred. My card was never lost, and it only left my sight in US restaurants, when they take it away to process the charge. It wasn't even used at all in Holland (I used ATM's to get cash; many places in Holland don't even take a US credit card without a chip and pin). How did the thieves get the number? Who knows. But they did - and once they have it, you have to get a new one. So, you should follow Chase's advice - cancel your card and get a new one (they will overnight it if you need it right away). If you've booked anything where you need to show the card used for purchase to pick up the ticket, hold on to the old one; otherwise, shred it.

Sorry you're having trouble. I've not experienced the problem in the UK; only in the US. It happened to me about six months ago with my company card. Just this past week one of my staff had the same problem. In each case we canceled the number and got a new card. That's the best action you can take. My card was used at a Walmart in Florida at the same time I was eating lunch in NYC. I haven't been to Florida in over a year so who knows how the number made its way south. It was the dead of winter so I wish I had been with my card. My staff member was in Kentucky and the card use was in NYC and he hasn't been to NYC in a year. So,card numbers move around and it wouldn't surprise me if they can move globally. Pam

Harold, The answer is within your own post: "My card was never lost, and it only left my sight in US restaurants, when they take it away to process the charge....How did the thieves get the number?" Probably the most common place thieves get your number (besides going through your trash) is in restaurants. Some dishonest waiters carry a "swipe" machine with them to swipe the number for themselves or to communicate it to an accomplice. They then do the legitimate restaurant charge and bring your card back to the table. Opportunity #2 for theft of your c.c. number and signature: At this point you sign the charge slip, leave it on the table for the waiter to pick up, and you leave the restaurant. How do you know that the person who picks up your signed charge slip off the table is your waiter? It could be someone at the next table who wants to steal it, if they get their hands on it before the waiter. This stuff has happened to me so many times, I always pay cash.

Jim, My suspicion is that your phone called was intercepted in some way. Very easy if the B&B owner in St. Andrews was on a cell phone. The email communication would have been much safer, encrypted and harder to intercept. Another possibility is that the owner of the B&B in St. Andrews wrote your information down on a piece of paper as you gave it to him over the phone. He then entered the information into his system and possibly threw the piece of paper into the trash; the number one place security experts say thieves get your credit card numbers and personal information. But there is no real way to know for sure how this happened.

@Rebecca, "My suspicion is that your phone called was intercepted in some way. Very easy if the B&B owner in St. Andrews was on a cell phone." Actually, Cell phone signals are not that easy to intercept. That used to be a problem with the older AMPS analog phones (I know that as I had the capability to listen to them), but the newer digital models are encrypted. Some technologies use a spread spectrum principle, which means it bounces between ~10 different frequencies making it very hard to access both sides of a conversation (since each side is on a different frequency). Governments (of course) can monitor, but the equipment to do that is very expensive, and out of reach to criminals. @Jim, Based on what you've said, it's likely that the online booking was compromised. Can you recall if the Hotel website used a secure Server (ie: https) for booking? If that was the case, the information was likely quite secure between your computer and theirs. I suspect an unscrupulous employee copied the information and used it for nefarious purposes. Another possibility - if the Hotel staff verbally repeated your credit card information (including expiry and CVV number), they could have been overheard by anyone within "earshot". The only time one of my cards was compromised was during a trip to Las Vegas. I used the card several times, so not sure which transaction was responsible. I had no idea there was a problem until I was contacted by the credit card company. They immediately closed the account and issued a new card. Cheers!

Rebecca, your scenario number 1 is certainly possible (which is why I mentioned that while my card was never lost, it certainly was not always in my "possession" all the time). But scenario number 2 is not. Credit card receipts slips no longer include the whole CC number, and haven't for many years - precisely because of the possibility of number theft. They only include the last 4 digits. Check your receipts, and you'll see what I mean. I learned this from a thread here, about the old "zip-zap" or "knuckle buster" machines, that physically took an imprint of the embossed numbers, instead of swiping the strip. Credit card companies did everything they could to stop zip-zapping, since these receipts have the whole number as well as the expiration date, and were so easy to steal. I've read, however, that the most common thing these days is that numbers are hacked from banks and other websites, by rings in various countries, who then sell the numbers to others, who in turn make duplicate cards. So, most numbers aren't stolen from physical cards any more. To the Jim, the OP: luckily, theft of a credit card number isn't the same as identity theft. If all they have is your credit card info, they don't have your Social Security number, driver's license number, mother's maiden name, date of birth, or other info. A friend of mine had his driver's license info stolen (again, method unclear), and with this thieves were able to make a duplicate, then use this as ID to get credit cards for two stores and charge lots of stuff before he got the bills (thankfully, the stores reversed the charges, but he said one was much more helpful than the other). Fixing this was all much more hassle than the time he merely had his credit card info taken (which had also happened to him, a few years earlier - some guys have all the luck).

My debit card information was stolen, I know not how, and used in China and Australia on the same day. My credit union called me immediately, since I had not said I would be traveling (I was at work, here in central Illinois at the time). I never did figure out how this information could have been taken. The card NEVER left my possession, even for a second.

This happened to me in a similar way that it happened to Jim, the OP, though not while in UK. We were living in Germany at the time and my card was from a US based bank. Yes, these operations do tend to be global, so you do not have to have been in a particular location for it to happen. I am protective of my card so I do not know how it was compromised. My credit union caught a small fraudulant charge on my card, credited it, and then we canceled the card. I was told that thieves often make a small charge just to check to see if it slips by, and if it does, they will then make larger charges. Eventually you may get a huge charge, but they might also just make several smaller charges in hopes that it will be less noticeable and won't be caught. It is good advice to cancel the card immediately, even if the first unathorized charge is caught and credited, because they still have your number and will keep trying. We were advised never to just assume that a small unauthorized charge is a simple mistake, but to assume it is a test to see how easy it is to compromise the card. We also check our account more frequently now because you can't be sure the bank will always catch the unauthorized charges. The small initial "trial" charge may not ring any alarm bells. I heard of one person who had a $10,000 unauthorized charge caught by the bank, but when she examined her account more closely, there had been a previous $10 charge that wasn't noticed.

Never had anything like this happen in planning numerous European trips. Did have an a situation with a brand new Chase Visa. Fraudulent charges. All foreign transactions for computer and electronics. Discovered this when I went to use it and it was denied. Called customer service who told me it had been "used" that day in Prague. Informed them "that's interesting since I'm standing in Nordstroms at The Grove in LA and haven't EVER been to Prague." Also said "you just issued me this card last week, I just activated it this morning how can there be a week's worth of charges on it already??!!" Cancelled the card immediately of course, resolved the charges, got a new card. Kept it for a month before using it and the very same thing happened the first time I tried it. You can imagine the frustration and disbelief. Cancelled the card, numerous phone calls about my concern the problem was within their organization. Apologies were accepted but no Chase credit cards in my house now! Now have alerts on the other credit cards I have. Truly sorry you've had to experience something like this. BTW am I the only person who creates a ruckus when seeing a new doctor when I won't put my SS# on the forms every doctor's office asks you to fill out. Always causes a problem but I calmly inform the person at the front desk that "unless you lock up this form and are the only person with the key, countless other employees can access these records and see my social security number. In this day of identity theft I'm not about to let that happen."

Interesting reading this thread. After we got back from a trip to Paris last year I was looking over my credit card bill and saw a $10 bill for a Walmart in the DC area the same time we were out of the country. They told me they used an actual card. I cancelled the card and got a new one. Who knows where and how they got my number but glad I noticed the $10 charge.

2 Lessons here: 1 - You rarely known when or how your card info has been stolen. It's almost impossible to link events. It happens to almost everyone though at some point. 2 - People come here sometimes worried about sending card info over email, or telling someone info over the phone, etc... The reality is that most card info is stolen by an employee or by someone's careless action AFTER they have your info. High tech gadgetry is unecessary and used more by pro's looking to steal hundreds-thousands of cards at a time. BTW - that first charge was almost for sure a test charge to see if the card info was real. You should have cancelled it then. Once confirmed, the thief of buyer had free reign until stopped.