Phantom Withdrawals is a resource site with the mission statement:

Your bank statement arrives in the post, and you find a thousand pounds missing. Someone has been making ATM withdrawals using your card and your PIN. Yet your card wasn’t stolen, you’ve told no-one your PIN, and you’re careful to make sure you’re not watched as you type it in. If this sounds like you, you’re a victim of a phantom withdrawal, and this website is designed to help you.

.

Technorati Tags: fraud, phantom withdrawals, debit fraud, atm fraud, banking

Short answer, it is fraud

Organized criminals have your credit or (much much worse) your debit card number. They are going to rip you off for as long as they possibly can. It won’t end until you take drastic action. If you have a credit card, possibly closing the card and getting another is sufficient, though I doubt it. But if you have a debit card, the hard and bad news is that you must physically close the actual linked checking account to stop the debit fraud drain.

My Experience

The fraud started with a huge hit of $1,200, followed by sets of four to eight smaller withdrawals every week to ten days. It continued for six months until I closed the attached checking account. Closing the debit card had no effect, and did not stop the fraud. Calling the bank and reporting the problem only got each fraud refunded after it was committed, it never cut off the fraud source itself.

When I was tracking down the companies involved with the fraud, I was initially quite confused. They included the following:

• A.C.E.S.A BRA.MARTBARCELONA
• A.C.E.S.A BRA.TARBARCELONA
• A.C.E.S.A BRA.TARRBARCELONA
• A.C.E.S.A BRA.VENDBARCELONA
• A.C.E.S.A ENT.ACC.BARCELONA
• A.C.E.S.A GRANOLL-BARCELONA
• A.C.E.S.A LA JONQ-BARCELONA
• A.C.E.S.A SAL.ACC.BARCELONA
• AUTOPISTAS AUMAR SVALENCIA
• AUTOST CONFINE STAENZA
• AUTST VENEZIA ESTZA TARV
• Alimentacion Nostacullera <— This is the one which hit me for $1,200

What I think is happening in Spain

No Spanish citizen has confirmed this for me, but I did have some spanish translation help in figuring out what ties these companies together. From what I gather, “A.C.E.S.A.” is the Spanish toll-road system. The companies listed appear to be a combination of toll-taking stations, and restaurants/convenience-marts along the toll roads.

What I’ve pieced together from these clues and from hints in other articles is that the fraud works by the scammers cloning the card somehow. I am still not certain how they got mine, as it never left my possession. Regardless, they clone it and do the big initial hit. They know that after that hit, the card will be closed, so they sell it to “little fish”. The little fish use it to buy little things and to pay tolls along the toll road. The international Credit Card authorization system does not appear to require actual confirmation/authorization for amounts under approx. $25. Or, if it does require it, it doesn’t require it as a hard-and-fast rule, so if a system just runs the card a few times, it will probably be accepted.

That last part was confirmed by Visa employees, who noted that my account showed tons of rejections for the closed card. They said “the system is just running it until it goes through”. My guess is that the Spanish toll-credit system does that for “efficiency”, and that it only incidentally supports international organized crime.

The cure is to close the account

Let me repeat emphatically, these criminals are really good at what they are doing. They know the system better than the bank employees do. The only way to stop it is to close the linked account. Do yourself a favor, don’t fight it once the fraud starts its steady slow drain, hoping that “this one will be the last one”. Yes, you can call and dispute each and every one. I did. By the time you get the refund, you’ll have another $100 drained from your account. Stop the losses as soon as you get your first initial “big hit” refunded, close the account and completely change banks. Sorry, but that’s the only thing that worked for me.

Technorati Tags: banking, credit fraud, debit fraud, identity theft

The only positive element I can come up with is my lessons learned:

1. Banks and credit card companies simply do not care. They will not follow up, and they will certainly not take any proactive actions to block credit fraud. That means it is all on you. Do not expect any help.
2. Start by keeping a written log of timeline, amounts, actions taken, people and companies spoken to. I keep mine as a spreadsheet.
3. If you have any fraud at all, you must close your account.
4. This is especially true with a debit fraud. Your liability is unlimited, and has no horizon. Put more bluntly, once debit fraud starts, you are liable for an infinite amount of money for an infinite time.
5. If you must close your bank account due to debit fraud, it is better to change banks entirely. That way the bank will not be able to “attach” the money in your new account during the inevitable dispute to follow.
6. Actively follow-up. Return all information requested by the creditor or bank. Do this even though legally you may not have to do so.
7. Always look up any unknown charges. Do a quick internet search on the company name. Many scammers will put a test charge in, and if it is not challenged, they’ll start a regular “leak” on your account. Worse, they may hit you with an enormous charge after their trial is not noticed.
8. Charges under $20, especially foreign charges, appear to be possible with no authorization. I personally suspect that this is deliberate on the part of the credit companies, and I consider it to be criminal negligence. The lesson here is to be especially suspicious of such charges.
9. Find out if your credit card allows you to generate “one time use numbers”. American Express, Discover, MBNA and many other companies now allow you to create these numbers via their websites. This works by making a number you can enter on a website which will be valid only once and which must be used within a set amount of time, usually a few months. That way your card is not potentially saved or skimmed from a processing company.
10. Strongly consider ceasing the use of debit cards. Use a cash back credit card and pay it off every month. I know Dave Ramsey would slaughter me for this advice, but it is what I am going to do once I finish changing banks.

Technorati Tags: Credit Fraud, Debit Fraud, scams, cons, credit cards

It all started on September 24, when I got a call from Visa card services. They asked if I had just spend $1200 in Spain at “Alimentacion Nostacullera”. No, in fact I’d just had surgery and was at home recuperating. They told me they’d cancel the card, but that I should call my bank and get the amount refunded. That seemed odd. Why should I do that when they clearly were already on top of things. OK, I tried. No luck. The fraud department was not open on the weekend. This was at the end of the month, and luckily I had enough in the account to cover my mortgage even if the fraudulent transaction wasn’t refunded for a while. This was luck indeed, as there have been many months in the past where that would definitely would not have been true.

I called Washington Mutual immediately on the Monday following my first alert. They were very gracious, saying that they’d credit the account right away and that I’d need to fill out a fraud report. If I didn’t fill it out, the money would be re-deducted from my account. (This is illegal, from what I have been able to find out. Customers do not have to swear anything to chargeback. However, the whole debit card area is very loose and poorly regulated, so I may be wrong.) I did not get any fraud report sheet for two weeks! The “provisional credit” did appear in my account on October 3. I finally panicked and went to the bank to manually fill one out on October 14th. Technically, this is after the time they said I had to fill out the form, but they didn’t quibble.

Note that the debit card was closed immediately on the initial report. September 24 2005.

On my next checkbook balancing, October 14, I had a rude awakening. More charges on my account! These were odd ones. All of them were under $20. Example charges: $3.69 to A.C.E.S.A BRA MART BARCELONA, $14.84 to AUTOPISTAS AUMAR SVALENCIA. At that time there were 6 charges like this. I called Washington Mutual right away. Supposedly, these were charges that had been authorized before the card was closed. That sounded fishy, but I reported each charge and accepted it for the moment.

The charges continued. Approximately once every week or two, I got a string of charges. It would be four or five of them, always from $5-$25. I called Washington Mutual each time, and each time they acted surprised. They would start to say “was the card in your possession?” and I’d say “please look at the history in my account record.” “Oh” they’d say, when I would point out that the card was closed in September. Every time, I asked them how the thieves can be charging using a closed card. “They are forcing it through” repeated the clueless bank employees.

Most recently, I asked them “how long can this continue?” They had no answer. Then I asked them “how will you stop it?” They said they weren’t sure. I pointed out that with that combination, they are saying that I am potentially liable for an infinite amount of money for an infinite period. They had no response. I asked them how that could happen, and they explained “it is because your bank account is still linked to the number.” “So, unlink it” I said. The fraud specialist admitted that was a good idea, went away for ten minutes, and said it was done. That was November 14. I received “provisional credit” for everything reported on November 15th.

Imagine my lack of surprise at my most recent checkbook balancing. Twenty-two (!) new fraudulent entries. I’ll call tomorrow, but now I’m going to have to bite the bullet and change accounts, possibly even banks. It is a pity, and it will be such a huge hassle, since I am a fan of automated billpay, but I no longer believe they can or will do a thing to help me besides reluctantly issuing provisional credits.

Names of accounts used in the fraud:
A.C.E.S.A BRA.MARTBARCELONA
A.C.E.S.A BRA.TARBARCELONA
A.C.E.S.A BRA.TARRBARCELONA
A.C.E.S.A BRA.VENDBARCELONA
A.C.E.S.A GRANOLL-BARCELONA
A.C.E.S.A LA JONQ-BARCELONA
A.C.E.S.A SAL.ACC.BARCELONA
AUTOPISTAS AUMAR SVALENCIA
AUTOST CONFINE STAENZA
AUTST VENEZIA ESTZA TARV.
Alimentacion Nostacullera

Technorati Tags: Debit Fraud, scams, fraud, cons, Credit Fraud, Identity Theft, Spain

I did a quick search on the internet. about.com, dslreports, robertkbrown all verify that this is a scam. Some propose that is may be due to the Card Systems heist that came to light earlier this year.

I found it about 7:00 PM on a weekday. Bank of America’s fraud department was not open at that time. I needed to call during the work day. The next day, I did so, calling from work. It may be the single worst runaround I’ve ever gotten from a company. At every turn, they transferred me and made me repeat every bit of personal information, as well as my fraud claim. I think I repeated my whole story at least 8 times over the course of two phone calls. Of course, they managed to disconnect me the first time I tried. The whole ordeal took about 45 minutes. For a $9.95 charge which they undoubtedly knew was a con and which was already claimed fraudulent by thousands of other victims. It was enough for me to reconsider ever having any account with them in the future. They simply did not care at all about my piddly little fraud problem.

Final resolution: 45 minutes of annoying phone calling during prime work hours. Dispute letter sent within a week, postage paid on the return envelope. Card cancelled and new card issued immediately.

Technorati Tags: Credit Fraud, Bank of America, scams, cons

This will be a four post mini-series which will name names and give details about my experiences.

Next post: credit fraud
After that: debit fraud
And finally: conclusions, silver-linings, and plans for the future

Technorati Tags: Credit Fraud, Debit Fraud, Scams

Technorati Tags: Credit Fraud, Debit Fraud, Scams