As I sit and type I have – or rather my bank account – has been fleeced to the tune of £670.31 thus far.
The back story is this … late last night at approx 23:30 I logged n to one of many eMail accounts. I have those I use for family, friends and official business, etc and then I have others for newsletters, penpals and even more again for logging in to forums and yet another for online shopping. The idea is security by obscurity.
Anyway I’m in one of the accounts that is not for official business and I note an email from my bank. First thoughts are it’s spam and then the second thought is that is unlikely as googles gmail is excellent at filtering spam. So I open it up and these words jump out at me:
“This message confirms you have changed your Halifax Secure password. If you did not change your password, please contact us immediately using the number on the back of your card.”
Hmm, says I. Must be a fake. So I click on google’s handy show original link and it opens up a plain text version of the email complete with headers, etc. Now I’m no expert at reading email headers but I’m also no fool either – after all I’ve been working with computers for 25yrs and one of my regular mantra’s is security. Anyway it looks ok to me but I don’t even know where or how or even that I could change my Halifax Secure password – for those that don’t know it’s meant to provide additional online security when shopping to prove you are whom you say you are.
Anyway, with no real concerns I log into my online account and note at the top some very strange transactions. I also note my account balance is a good £300 or so less than it should be. So like the email says, I immediately phoned the 24×7 banking number and a very helpful lady took the details, listened to my story, cancelled my cards and then said I can’t do any more until Monday when the fraud section are back at work. Not only that, it’s me who has to ring them! Argh.
The very nice lady was ever so helpful though in advising that there were another 11 debits set to come off my account but she couldn’t tell who or where they were from, only the amounts at this point. So to date I am down £670.31 (having checked this morning) and none of the amounts she read off last night – so by my rough estimate, before I can phone the fraud squad I’ll have been fleeced to the tune of some £1,400.
I don’t doubt I’ll get it all back but its the indignity of it and I’ve been racking my brain trying to work out who, how or where this might have happened. Sure I’ve been on holiday recently to Tenerife but all of these transactions are at least 3 weeks after I’ve left. Secondly I didn’t take my debit card with me and third all of my transactions out there were done with a credit card I got expressly for the purpose – because they don’t charge for every transaction (Post Office if you care) – and I’m supposed to be paying that bill in 3 days time! Well not if I don’t have the funds I won’t be.
I’ve searched my ‘leetle grey cells’ and nothing comes up. Any recent online transactions have all been with people or companies I’ve shopped with for years. Any other transaction the card has never left my site.I’ve run no less than thee (3) separate anti-malware scans on my PC’s just to be certain it isn’t a trojan or root kit or similar. I’ve re-checked my Anti-Virus is up to date and my firewall is running and working as expected (ask Owen – he tried to test it recently) and all come out cleaner than clean – as I’d expect.
So someone, somewhere has been naughty and passed on my details or not destroyed or cared for a credit slip properly. But I’m stumped if I know whom.
Oh well, let’s see what tomorrow brings. Which brings me to my final point for now … why is the fraud section not working 24×7?
