HIFlya

I just got notified by Chase that someone using my SSN and mother's maiden name had tried to access my Chase accounts and use my reward points. Chase suspected fraud so did not carry through with the instructions on transferring my rewards balance to a bank account (something I didn't know someone could do). Anyway, I called Amex to warn them about this and to ask them to note it on my cards and future applications in case someone tries to do the same thing with them, but the CSR said there was nothing they could do until an actual fraud had been attempted. Does this make sense to anyone? Why can't they just put an alert on my file that my SSN and mother's maiden has been compromised?

mia

Those are not the details that American Express uses to authorize a Membership Rewards redemption.

HIFlya

Thanks for the information. Even if that specific information is not used by Amex for MR redemptions, that is still personal information relevant to Amex for my account, I just wanted to have it noted that it was compromised in case someone tries to access my account in the future so they are wary. It seemed like it would be a small thing to do that could help prevent bigger headaches later.

I just contacted Amex over chat just now and was referred to the fraud department directly. The fraud CSR was great and said she would notate everything and gave me their fraud department number to reset any identification passkeys as well. Again something the CSR I called yesterday didn't do. Oh well, just wanted to note my disappointment at Amex for what happened last night in a period of high stress for me (having just been informed my PII was compromised), but glad the service was better today.

mia

I do not recall providing my mother's name to American Express, but I may forget. Do you think they use it as an authenticator? Just curious.

Happy

AMEX does not use mother's maiden name. It uses the place of birth, which is not any more secure than mother's maiden name. In fact it is not secure at all because such info is very easily obtained.

HIFlya

I could have sworn they used it for the application process at least? Or am I thinking too old school?

HIFlya

You are telling me, a google search of my name turns up WAY too much information.

Bradhattan

I had a CC that i lost and someone found it and had a shopping spree...not AMEX, anyway they said they wouldn't do anything unless i filed a police report.....maybe that should be your next step? Not sure how a local police department would handle identity theft however, as it seems is your scenario. Maybe try contacting credit reporting bureaus? Sorry for your troubles!

Happy

No.

You confuse AMEX card with may be Citi, which used to, but not any more. Older Chase cards use mother's maiden name or best friend's name, but I believe that is not the case for cards applied in recent years.

acregal

I have had a poor experience with the fraud department at AMEX before.

When I had an AMEX card, someone fraudulently applied for cards with AMEX and one other issuer with my name. I got some random call from AMEX fraud asking me to call them back. I called the number on the back of my card who then confirmed that everything was okay. A few weeks later, I noticed that an account I hadn't applied for had been opened at another bank and added to the list of my existing accounts. One call to customer service there cleared it up.

I then googled the AMEX number and discovered it was a legitimate AMEX number. I called and got transferred a few times between departments (as apparently fraud prevention is only some people's job at AMEX) and left a voicemail for the person who called me. I never heard anything back so I called back a few days later to confirm it had been taken care of and the person just seemed so totally indifferent.

I just walked away with the conclusion that AMEX didn't care about fraud.

HIFlya

Thanks for the feedback. I did contact one of the bureaus that Chase recommended so put out a fraud alert. I contacted my two banks as well in case they know about my accounts with them. Chase didn't mention anything about filing a police report, I think it would be difficult for me to do at this time because I don't even know who is the Chase employee that took the call (in order for the police to get a statement etc.) If it ever comes to that I will do it.

Does anyone know if CC companies work with law enforcement on these types of matters? The person tried to transfer my reward points into a random bank account that had been opened. They also had a caller ID on the phone (admittedly could be spoofed) but the opening of a bank account has to leave some sort of paper trail right?

mia

Credit card companies deal with hundreds of attempted fraud incidents every day. From Chase's perspective this is a win because their algorithm detected it before the transfer was made. Card issuers are not going to discuss what they do, or how the do it, with customers. They are not interested in individual cases, only patterns.

Frazell

You could file a police report, but that'll likely be a waste of time unless you're talking fraud in the hundreds of thousands of dollars or more. Police departments are too busy to deal with fraud on a small scale especially considering the fraudster may not even be in the United States or a country with extradition treaties with the United States so arresting and prosecuting my be unrealistic.

In the modern era, you should have credit monitoring in place considering all of the breaches lately as places like Experian with troves of credit data (and others). If you see something that is a problem you can work with your credit monitoring protection to get it corrected (stuff such as opening CC accounts you never opened, etc.).

Stuff like reward point fraud is small potatoes because the bank is what's on the hook here. If someone fraudulently took all of your MR points then Amex can, and would, give you back those stolen points. Since they value them at 1 cent a point the fraud loss to them would be extremely small compared to someone stealing your card and testing out your "no credit limit" bounds. But in either case, they are playing with Amex's money not yours. So if Amex isn't worried I wouldn't be either... I would only be worried about stuff that you can't immediately see (as I mentioned a moment ago regarding credit monitoring).

I've been bitten by CC fraud an OK number of times. I just shrug and move on. A quick call to the bank, like Amex, and I'm using my new card within 24 hours... Hell I had Starbucks Rewards fraud where someone hacked into my Starbucks account somehow and emptied it out for a few hundred bucks in a few minutes on the other half of the country. Starbucks had be back up and running in under 10 minutes.

Centurion

You are wasting your time and energy being worried. Try and relax and move on to some fun flyertalk threads

javabytes

They do care, but it's a routine part of doing business for them. They invest considerably in detecting and preventing fraud, but it will never be perfect. So they invest up to the point that it yields satisfactory results, and they (or merchants) just absorb the costs of anything not prevented. It may be a rare and concerning experience for any individual whose account is used fraudulently, but Amex literally deals with this thousands of times a day. So yes, it is routine for them.