BA Amex compromised

Old Jan 3, 2019, 8:43 am
  #16  
 
Join Date: Oct 2007
Posts: 4,636
Originally Posted by DYKWIA
I wonder if Amex are able to push some of these fraudulent charges onto BA (or other companies that have suffered data breaches)?
Given the amount of recent breaches I doubt that they would be able to prove that any one case of fraudulent activity was the fault of BA, however likely it may be.

I think that Amex will just have to suck it up.
SteveF is offline  
Old Jan 3, 2019, 9:27 am
  #17  
Ambassador: Emirates Airlines
 
Join Date: Sep 2004
Location: Manchester, UK
Posts: 18,554
Originally Posted by SteveF
Given the amount of recent breaches I doubt that they would be able to prove that any one case of fraudulent activity was the fault of BA, however likely it may be.

I think that Amex will just have to suck it up.
I suppose adding 0.01% to the rate they charge BA would cover it
DYKWIA is offline  
Old Jan 3, 2019, 9:36 am
  #18  
 
Join Date: Sep 2015
Location: London
Programs: BA GGL, IHG Spire Elite Ambassador, HH Diamond, Avis Presidents Club
Posts: 357
This happened to me the other day. Still have the card and have only used this card in the past 4 months on BA.com

almost 100% certain it was from this

Amex blocked it straight away as it popped up on my apple wallet and I called them within minutes of it happening
ianfly is offline  
Old Jan 3, 2019, 9:36 am
  #19  
 
Join Date: Jan 2011
Location: North of Carlisle
Programs: BAEC Silver
Posts: 1,529
Interesting reading this and that John Lewis is being targeted. I bought a new iPad today from JL using my BA PP Amex card and received a security check via a pin code on my mobile. First time I’ve had this, so looks like they’re double checking JL transactions.
mike&co is offline  
Old Jan 3, 2019, 2:52 pm
  #20  
zsc
 
Join Date: Aug 2015
Location: LHR / LCY / DXB
Programs: QR Silver / BA Silver
Posts: 324
Same here, was one of the affected during both BA data breaches, and had a John Lewis transaction post on my account at 4am on the 31st - immediately called Amex up and had a new card arrive in the mail today. Charge is still on my account but they have said it will be adjusted come end of month.
zsc is offline  
Old Jan 12, 2019, 1:30 pm
  #21  
Original Poster
 
Join Date: Jan 2018
Posts: 62
Amex hard stop

Just had another fraudulent transaction on my BA Amex card (which Amex approved). Only had the replacement card a week. The fraudulent transaction was PayPal Uber and it didnt come from my PayPal account.

Called amex fraud team and asked them if this was against the new card and they said actually it was against the old card (which I cancelled 10 days ago). They have now done a hard stop on that old card and admitted that they had stopped it but it would still allow any recurring payments against the old card. So it seems on a cancelled Amex all any fraudster has to do is initiate a payment with a vendor you have pre-authorised in the past and they can carry on defrauding.
travellingowl is offline  
Old Jan 12, 2019, 1:35 pm
  #22  
 
Join Date: Oct 2015
Location: London, UK
Programs: BAEC GGL/GFl, HH Diamond, BW Diamond, Virgin Voyages Deep Blue Extra, Blue Peter Badge Holder
Posts: 3,933
Had no issues here and my details were compromised with the data breach.
navylad is offline  
Old Jan 12, 2019, 1:39 pm
  #23  
 
Join Date: Jul 2005
Location: Scotland
Programs: BA Gold, Marriott Lifetime Titanium
Posts: 2,447
I woke up the other morning to find 3 text messages with one-time codes on my phone. They'd apparently tried to link the card to a PayPal account and signed up to Netflix.

All sorted with a call to Amex who, unlike BA, seem to have decent customer service.
thegoderic is offline  
Old Jan 12, 2019, 2:07 pm
  #24  
 
Join Date: Jan 2019
Posts: 44
Originally Posted by cosmo74
Friend of mine also had fraudulent John Lewis transactions on his BA Amex, some of which went through before an authorisation code was sent. Will Amex have bothered to contact the police about this in order to try and track down the fraudsters?
They wont do anything about it. Amex dont care because any funds to be recovered come from the retailer who accepted the stolen card details (providing goods are shipped or services rendered before the charges are spotted and reported).

We regularly encounter huge attempted frauds in work, five figures and six figures not uncommon. The police dont have the resources to deal with them and only go after the biggest of frauds.
ihatechoosingusernames is offline  
Old Jan 12, 2019, 2:11 pm
  #25  
 
Join Date: Jan 2019
Posts: 44
Originally Posted by DYKWIA
I wonder if Amex are able to push some of these fraudulent charges onto BA (or other companies that have suffered data breaches)?
Amex push the chargebacks/disputes back to the retailer who accepted the payment from someone using a stolen card. The retailer then has to prove the transaction was genuine to keep the funds (assuming they didnt refund before the goods were sent or services rendered) - this is usually not possible, so Amex get the money back and the retailer loses out.

Amexs only cost will be the time spent dealing with fraud reports over the phone, and money spent issuing and dispatching new cards to customers affected.

ihatechoosingusernames is offline  
Old Jan 13, 2019, 3:43 am
  #26  
Ambassador: Emirates Airlines
 
Join Date: Sep 2004
Location: Manchester, UK
Posts: 18,554
Originally Posted by ihatechoosingusernames


Amex push the chargebacks/disputes back to the retailer who accepted the payment from someone using a stolen card. The retailer then has to prove the transaction was genuine to keep the funds (assuming they didn’t refund before the goods were sent or services rendered) - this is usually not possible, so Amex get the money back and the retailer loses out.

Amex’s only cost will be the time spent dealing with fraud reports over the phone, and money spent issuing and dispatching new cards to customers affected.


Thanks. So John Lewis will be will forking out for a fair few cases here, and BA get away it...

Although... surely the cards were not stolen? John Lewis wouldn't know that the card details had been leaked, and the card could still be used legitimately by the holder.


DYKWIA is offline  
Old Jan 13, 2019, 3:55 am
  #27  
 
Join Date: Sep 2001
Location: UK. BAEC AAdvantage
Programs: Mucci Des Oeufs Brouilles et des Canards
Posts: 3,668
Originally Posted by DYKWIA
Thanks. So John Lewis will be will forking out for a fair few cases here, and BA get away it...

Although... surely the cards were not stolen? John Lewis wouldn't know that the card details had been leaked, and the card could still be used legitimately by the holder.

You're right, but what you'll find is that they've measured the risk of some fraudulent transactions getting through over the inconvenience to legitimate customers by implementing tighter controls. IT Security staff would have a raft of proposals to get to close to zero risk of fraud as possible, but that would be outweighed by possibly the cost of doing so and the possible extra factors. It's interesting to see that most people are happy to accept two factor authentication now however, but that's probably as they are more concerned about data theft than card fraud that would be covered by the retailer/card provider.
dddc is offline  
Old Jan 13, 2019, 4:15 am
  #28  
 
Join Date: Jan 2019
Posts: 44
Originally Posted by DYKWIA
Thanks. So John Lewis will be will forking out for a fair few cases here, and BA get away it...

Although... surely the cards were not stolen? John Lewis wouldn't know that the card details had been leaked, and the card could still be used legitimately by the holder.

It is up to the retailer to determine the card information presented is being used by its rightful owner.

I imagine John Lewis would have been pretty on the ball with this and would be surprised if many fraudulent transactions actually got through, had the goods shipped etc. Even if they did and JL rumbled the scam 24 hours later, they could still recall the goods from couriers providing they hadnt been delivered already.

From what I have been told, a huge number of fraudulent transactions were attempted on JL. They were quickly identified, and the fraudsters then moved onto Selfridges who rumbled them pretty quickly.
ihatechoosingusernames is offline  
Old Jan 13, 2019, 4:31 am
  #29  
 
Join Date: Jan 2006
Programs: SAS Eurobonus - Blue / Emirates Skywards - Blue
Posts: 618
I had to have a new card DHL'd out to me in Japan too.

Started with a Netflix auth on 2nd January and then pretty quickly had a Safe Key code. Thank god I've got my AMEX on my Mac / iPhone so I can see instantly when charges hit my account.

Thank god I'm not the only one..
mrploddy is offline  
Old Jan 13, 2019, 4:33 am
  #30  
 
Join Date: Oct 2018
Location: London
Programs: BAEC blue dust
Posts: 256
Originally Posted by dddc
It's interesting to see that most people are happy to accept two factor authentication now.
I really wish more places offered the option of using an authenticator app instead of sending a sms - at least that way you're not dependent on your mobile signal or any issues with the network
Irreverent Medusa is offline  

Thread Tools
Search this Thread

Contact Us - Manage Preferences - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.