
I smell a data breach

At the very end of August I changed banks for both personal and business accounts. Of course we received the obligatory debit cards, a total of 4 of them. Last week we began receiving notices of “Unusual Debit Card Activity”.

Our bank caught all the fraudulent transactions

Initially the emails came about my wife’s debit card. The timing was great because we were attending the IAPP’s Privacy. Security. Risk. conference at the time. (BTW, this was a great event…you should consider attending next year.)

My wife had the expected reaction. “How can this happen? Where did I use my debit card?” Luckily our bank caught all the fraudulent transactions, so it was a simple phone call to have the debit card disabled and have a new one issued.

The next day I received a notification about unusual activity on my debit card closely followed by the same notification to my wife’s second debit card. The bank caught all the transactions again, good news.

No transaction locations in common

Three cards, just a few weeks old, with just a handful of transactions caused me to become suspicious. I reviewed the transactions and, to my surprise, did not see any retailers that we used in common. My conclusion…an inside job.

One more notification

Saturday I checked my email to find that the business debit card now had “suspicious activity”. The bank caught them all again, but I decided to go to my local branch. By the way, one of the reasons we moved to this bank was because of their fraud prevention program. Apparently it has paid off.

My banker invalidated the card, provided a temporary, and listened to my story. While concerned, they really couldn’t do much more to help or escalate my concern.

Well, maybe one place in common

I continued to think about the situation. How could a set of four debit cards, all recently created, without transactions from a common retailer, be stolen?

Today it dawned on me. Maybe the ATM outside the branch is where the breach took place. After all, the business debit card began to receive the suspicious activity notifications after I used the card at that ATM to make a deposit.

I’ve asked the banker about the last time the ATM was checked. We’ll see what happens next.