BA Amex compromised
#16
Join Date: Oct 2007
Posts: 4,636
I think that Amex will just have to suck it up.
#17
Ambassador: Emirates Airlines
Join Date: Sep 2004
Location: Manchester, UK
Posts: 18,554
I suppose adding 0.01% to the rate they charge BA would cover it
#18
Join Date: Sep 2015
Location: London
Programs: BA GGL, IHG Spire Elite Ambassador, HH Diamond, Avis Presidents Club
Posts: 357
This happened to me the other day. Still have the card and have only used this card in the past 4 months on BA.com
almost 100% certain it was from this
Amex blocked it straight away as it popped up on my apple wallet and I called them within minutes of it happening
almost 100% certain it was from this
Amex blocked it straight away as it popped up on my apple wallet and I called them within minutes of it happening
#19
Join Date: Jan 2011
Location: North of Carlisle
Programs: BAEC Silver
Posts: 1,529
Interesting reading this and that John Lewis is being targeted. I bought a new iPad today from JL using my BA PP Amex card and received a security check via a pin code on my mobile. First time I’ve had this, so looks like they’re double checking JL transactions.
#20
Join Date: Aug 2015
Location: LHR / LCY / DXB
Programs: QR Silver / BA Silver
Posts: 324
Same here, was one of the affected during both BA data breaches, and had a John Lewis transaction post on my account at 4am on the 31st - immediately called Amex up and had a new card arrive in the mail today. Charge is still on my account but they have said it will be adjusted come end of month.
#21
Original Poster
Join Date: Jan 2018
Posts: 62
Amex hard stop
Just had another fraudulent transaction on my BA Amex card (which Amex approved). Only had the replacement card a week. The fraudulent transaction was PayPal Uber and it didnt come from my PayPal account.
Called amex fraud team and asked them if this was against the new card and they said actually it was against the old card (which I cancelled 10 days ago). They have now done a hard stop on that old card and admitted that they had stopped it but it would still allow any recurring payments against the old card. So it seems on a cancelled Amex all any fraudster has to do is initiate a payment with a vendor you have pre-authorised in the past and they can carry on defrauding.
Called amex fraud team and asked them if this was against the new card and they said actually it was against the old card (which I cancelled 10 days ago). They have now done a hard stop on that old card and admitted that they had stopped it but it would still allow any recurring payments against the old card. So it seems on a cancelled Amex all any fraudster has to do is initiate a payment with a vendor you have pre-authorised in the past and they can carry on defrauding.
#23
Join Date: Jul 2005
Location: Scotland
Programs: BA Gold, Marriott Lifetime Titanium
Posts: 2,447
I woke up the other morning to find 3 text messages with one-time codes on my phone. They'd apparently tried to link the card to a PayPal account and signed up to Netflix.
All sorted with a call to Amex who, unlike BA, seem to have decent customer service.
All sorted with a call to Amex who, unlike BA, seem to have decent customer service.
#24
Join Date: Jan 2019
Posts: 44
We regularly encounter huge attempted frauds in work, five figures and six figures not uncommon. The police dont have the resources to deal with them and only go after the biggest of frauds.
#25
Join Date: Jan 2019
Posts: 44
Amexs only cost will be the time spent dealing with fraud reports over the phone, and money spent issuing and dispatching new cards to customers affected.
#26
Ambassador: Emirates Airlines
Join Date: Sep 2004
Location: Manchester, UK
Posts: 18,554
Amex push the chargebacks/disputes back to the retailer who accepted the payment from someone using a stolen card. The retailer then has to prove the transaction was genuine to keep the funds (assuming they didn’t refund before the goods were sent or services rendered) - this is usually not possible, so Amex get the money back and the retailer loses out.
Amex’s only cost will be the time spent dealing with fraud reports over the phone, and money spent issuing and dispatching new cards to customers affected.
Thanks. So John Lewis will be will forking out for a fair few cases here, and BA get away it...
Although... surely the cards were not stolen? John Lewis wouldn't know that the card details had been leaked, and the card could still be used legitimately by the holder.
#27
Join Date: Sep 2001
Location: UK. BAEC AAdvantage
Programs: Mucci Des Oeufs Brouilles et des Canards
Posts: 3,668
You're right, but what you'll find is that they've measured the risk of some fraudulent transactions getting through over the inconvenience to legitimate customers by implementing tighter controls. IT Security staff would have a raft of proposals to get to close to zero risk of fraud as possible, but that would be outweighed by possibly the cost of doing so and the possible extra factors. It's interesting to see that most people are happy to accept two factor authentication now however, but that's probably as they are more concerned about data theft than card fraud that would be covered by the retailer/card provider.
#28
Join Date: Jan 2019
Posts: 44
I imagine John Lewis would have been pretty on the ball with this and would be surprised if many fraudulent transactions actually got through, had the goods shipped etc. Even if they did and JL rumbled the scam 24 hours later, they could still recall the goods from couriers providing they hadnt been delivered already.
From what I have been told, a huge number of fraudulent transactions were attempted on JL. They were quickly identified, and the fraudsters then moved onto Selfridges who rumbled them pretty quickly.
#29
Join Date: Jan 2006
Programs: SAS Eurobonus - Blue / Emirates Skywards - Blue
Posts: 618
I had to have a new card DHL'd out to me in Japan too.
Started with a Netflix auth on 2nd January and then pretty quickly had a Safe Key code. Thank god I've got my AMEX on my Mac / iPhone so I can see instantly when charges hit my account.
Thank god I'm not the only one..
Started with a Netflix auth on 2nd January and then pretty quickly had a Safe Key code. Thank god I've got my AMEX on my Mac / iPhone so I can see instantly when charges hit my account.
Thank god I'm not the only one..
#30
Join Date: Oct 2018
Location: London
Programs: BAEC blue dust
Posts: 256
I really wish more places offered the option of using an authenticator app instead of sending a sms - at least that way you're not dependent on your mobile signal or any issues with the network