My wife and I keep getting our debit cards stolen online. We notice the charges and are able to dispute them and cancel our cards, but it sure is annoying.
We don’t put our card information on suspicious websites. They’re on well known websites like amazon and Facebook.
We ran out emails through a data breach checker and it found nothing.
I don’t think there’s any malware on our devices.
Any idea what could be happening and how to prevent it?
Something tells me you’re keylogged if you keep cancelling, ordering new ones and getting pwned within days of the new card arriving. Format your computers. Use more open source tools whose code you can audit. Firefox instead of Chrome, no sketchy extensions like Honey and cash back stuff. If you pirate stuff, try to do it from verified sources.
It happens within months, not days. I don’t use honey and I don’t pirate. I use both chrome and Firefox, but maybe I should stick to Firefox.
Don’t save your cards in browsers anywhere.
I cannot agree with this more. It maybe a PITA to have to enter each time but the peace of mind is worth it. Also, if you use a password Manger, which you you should be, do not keep the cars stored in there either.
Or just use a credit card.
If my capital one card is stolen? Odds are, capital one will cancel and re-issue the card before I even notice. Otherwise, I notice it when I skim my transactions while paying my bill. And with a credit card? Absolute worse case scenario, I have a lower limit for a few days while they resolve the fraud. More often they just instantly pretend it never happened and deal with it themselves.
Contrast that with debit cards where you potentially have the equivalent of a hold on your bank account.
I have zero concerns over having my credit card stored in firefox because it really barely affects me if it is stolen. Which is the way to go.
Is there a particular (probably online) shop or service you go back to?
Two times it happened to me one was a local gas station running a skimmer the other was an online hotel comparison site that turned out to be dodgy.
First was in local paper and caught a few of us out…the second my bank actually contacted me about saying it was dodgy
For one thing, stop using debit cards on the internet. Credit cards do not take the money out of your account first, thus offering you an additional layer of protection, and many like Discover in the USA are known for offering $0 liability for unauthorized purchases. They can be more of a hassle to use like they may call your mobile number to check on a suspicious purchase, but at this point it seems you want that level of paranoia. Don’t miss a rent (or any important) payment bc you have nothing left in your debit account to work with! (Even if it is added back quickly, will it be handled quickly enough?)
A shop you both go to has a machine with a fake overlay swiping your info. You can find online how to spot those. I doubt it’s happening online.
As noted elsewhere, do everything you can to avoid handing your card to anyone.
Use tap to pay wherever possible, then chip - neither of those methods give the card number to the merchant. Do not swipe unless you absolutely have to, and then inspect what you are swiping to make sure nothing is attached to the card reader.
For online purchases, do everything you can to avoid giving your card number to anyone - use ApplePay / GooglePay / Amazon Pay / PayPal etc. wherever possible. These can be used to put charges on your card without giving your card # to the merchant. These are one-time authorizations (unless you explicitly identify it as a subscription / recurring charge), so they can’t reuse the transaction token they get.
Privacy.com is really good for online payments that don’t accept apple/Google pay. It creates a virtual credit card that’s locked to that particular vendor so even if the vendor has a data beach hackers can’t use the card.
What’s your wifi situation like? Is your network secure? Are you often using a shared or public network? Perhaps it’s time to change your wifi password or look into a vpn if you are often using public networks. This is all on top of the usual changing your passwords, setting up two factor authentication (not via sms, use an Authenticator app) etc. you could also consider a service like Privacy (card number generators with limits or one time use)
We have a private wifi network in our house. It’s password protected.
What protocol?
Wep or wpa ?
wpa
Credit and debit cards are not as secure as banks pretend them to be. Chips can be cloned with a cheap device sold in the black market (this is known as “skimming”). PINs can be easily stolen simply by eavesdropping.
My personal opinion: A business you frequent has been constantly skimming credit and debit cards. If you give your card to any salesperson and lose sight of it, the probability of it getting skimmed is pretty high.
NEVER give out your card. Ask for the salespeople to give you the terminal and scan it yourself.
Other than that, change your passwords, and NEVER reuse them.
EDIT: As others have said, NEVER EVER use your debit cards on the internet. Ask if your credit card company provides virtual credit cards (which require you to use a phone app to authorize every transaction). If not, choose another company.
You said you use your credit card on Facebook and you’re not sure why it’s getting stolen …🙄🤔
Look for common patterns, are there places you both regularly use your cards? Look at those places. Sometimes even your bank can be compromised.
If you are financially able, use a credit card instead of a debit card. I do realize that only makes sense if you are able to pay it off every month, and when we were younger that was impossible. But maybe get one to only use online?
Interesting.
Does it concern the cards from the same bank? I’ve read about some banks actually abusing their own clients and meddling with their money…
Yeah they’re all from the same bank.
Not likely but could be that the bank is compromised. Not that it makes much difference, but is it a major bank? Do you have cards from other banks that don’t get stolen regularly? Do you use a specific local atm regularly? Always tug on the card scanners at ATMs and gas pumps to ensure a skimmer isn’t being used. If there is a skimmer you will likely be able to pull it off or it will wiggle in a strange way, letting you know it’s not “stock”
Could you try and set up a test account in different bank and check whether the problems spread onto the new card too?
I have a credit card too, but I don’t use it as much. It’s from a credit union, not my bank. I don’t remember it ever getting stolen.
I think we may be on the correct track, sir. I’d encourage you to try out different bank, if it’s not much of a hassle.
There’s an additional possible test - you may want to ask people that you and your wife know about, who have cards in the same bank, whether they’ve ever found some puzzling stuff about their financial history there.
Yeah I could try that.
Goodluck.
And if it’s going to solve your problem, please share your experience with other people.
Get some new cards to start with.
Make an account in a bank/service that lets you generate and use single-use cards. Revolut comes to mind (I have a referral code too, wink wink), people also use a service I forgot the name of. Privacy-something. They used to sponsor a lot lf YTubers, but now I use SponsorBlock so I don’t remember.
