Sorry in advance if this is old, irrelevant or annoying news.
We had to disable a credit card due to a fraudulent charge last week, which is not that unusual these days I suppose. The “interesting” thing was that when my wife logged on to the account for the bank that issued the card the thieves had somehow managed to access the website and change our physical address to a location that we have never lived. Had she not caught that we suspect the new replacement card likely would have been sent to the invalid address.
The moral of the story (for us anyway)…
If you have any type of account (credit card or otherwise) that you can access online it would be wise to enable two factor authentication for all log in and other activities if they offer that as an option.
Although it may be a bit of a pain we now have automatic text notifications turned on for essentially all credit card transactions.
If you do happen to have a fraudulent charge on a card, check your personal information with the card issuer as soon as possible.
Perhaps the most annoying part is the fact that these are all things that we should have done in the first place.
This kind of thing is never old, irrelevant, or annoying. We can all get complacent, so the dangers of these kinds of thieves should be talked about regularly.
Just a couple things to add to what you said:
When possible, change all of your accounts over to paperless billing/statements. In my area, mail theft is a big, recurring issue. I used to prefer getting paper, so I had a visual cue that something needed attention. Just got burned by that in the past few weeks because thieves stole my mail. So, the risks posed by receiving paper in the mail have been proven to outweigh the benefits.
Never click on a link in any e-mail claiming to be from a place that you do business with on-line, even when you have every reason to believe its a legitimate communication. Always use your normal method of logging into your accounts, and you’ll be able to access whatever information it was that they might have been communicating to you. Its too easy for thieves to send you bogus e-mails that look just like what you might see from your bank, for example. Links in those e-mails can take you to a site that looks just like theirs, but is set up solely for tricking you into giving them your login information.
I get those every now and then and I never open them and simply delete them. Then I go to my saved log in info and check to verify. NEVER answer the emails asking to verify account info, this is the oldest trick in the book.
If you have a really good anti-virus program like Norton, it should stop it. However, if running thru your phone or iPad, I won’t do any banking transactions on it - especially if you don’t have any security protection on them.
I am curious though, did she open the email thru her phone? If so, there it is…
1- We recieved an email and text message from the card issuer (bank) asking if we had just made a transaction of $2200 in another city.
2-My wife saw the text message on her phone and immediately called the bank to notify them of the fraudulent charge and the card was locked/canceled.
3-She decided to check the statement online using her laptop to verify that there was only one fraudulent charge and while she was at it she decided to double check our profile information to ensure that the new card would be sent to the correct address. She logged into the website directly, not by clicking any links or responding to the email. After logging in she verified that there was just the one bogus charge and checked the profile information for the account. That information had been edited and contained an address that was in a location we had never lived (different state as well). We know the address had been right because we had received correspondence from them by mail within the last month. We are continuing contact with the bank regarding the apparent illegal accessing (or error on the part of the bank?) of their online profile information for our card account and the correction of that information.
4-The card account is not accessed online very often by us but if so it is done using a desktop or laptop PC that is running Win10 with all current patches/updates and antivirus software.
5-IMHO our biggest error was not having two factor authentication enabled for log in/access to the card account and that has since been remedied.
Apologies if this does not address your question and thanks for the additional recommendations that you and others have shared.