fraud transactions done on axis cc

Good reminder to everyone to disable all international transactions unless when required. 

papa_kancha wrote:

Good reminder to everyone to disable all international transactions unless when required. 

Ya i disabled intl for all cards mostly but forgot this, i thought spam call n didn't answered 1st time later I saw msgs n answered, mobile is in silent too don't know how my card details exposed n axis also triggered fast from their end

Yup.. I have also received the same sms..

Txn on Axis Bank Credit Card no. XXXXXX is declined as Intl online usage is not enabled. Enable via Control Center on Axisbank.com/CCUsage or call 18605005555.

Same 15USD..  

Better disable international usage getting your money back from axis bank is a pain in the ass

semcularbaaz_kitepetals wrote:
Yup.. I have also received the same sms..

Txn on Axis Bank Credit Card no. XXXXXX is declined as Intl online usage is not enabled. Enable via Control Center on Axisbank.com/CCUsage or call 18605005555.

Same 15USD..  

Wtf looks like targeted many good u switched off where u saved the card details i saved in swiggy n cred only

timelord wrote:

Better disable international usage getting your money back from axis bank is a pain in the ass

Any similar experience? Ideally if an international txn is flagged as suspicious by a credit card company system & blocked within few hours then such txns should be reversed within next 1-2 days & if they don't then you know your credit card company's fraud prevention customer support is shit compared to amex.

This is why I keep international transactions turned off on every card and turn on only when needed. BTW are you using any software to store card details on your mobile or computer ? Or are you storing in plain text in notes or have you given to someone on WhatsApp or anything ? 

happened to my Indusind card but ROMAN ROMAN merchant name

romilq wrote:

This is why I keep international transactions turned off on every card and turn on only when needed. BTW are you using any software to store card details on your mobile or computer ? Or are you storing in plain text in notes or have you given to someone on WhatsApp or anything ? 

I'm using axis iOS app, card details saved in Zomato swiggy cred and  Flipkart didn't used any where offline

Dileep_kumar wrote:
I'm using axis iOS app, card details saved in Zomato swiggy cred and  Flipkart didn't used any where offline

Hmm. No idea how can it be leaked then :>

The concerning part here is the source of card details (Need min Card number & expiry for a successful International Transaction + Billing address for certain websites). Last i remember, mobikwik leak had cc number + expiry of users (Alongside name/email, addresses / gps coordinates, Aadhaar & PAN). 

Any other recent leak?

semcularbaaz_kitepetals wrote:
Yup.. I have also received the same sms..

Txn on Axis Bank Credit Card no. XXXXXX is declined as Intl online usage is not enabled. Enable via Control Center on Axisbank.com/CCUsage or call 18605005555.

Same 15USD..  

.

romilq wrote:

Hmm. No idea how can it be leaked then :>

Not only online but i think these offline store machines are also culprit here. They also have the information.
Not sure but these POS machines could also be culprit here.

getready wrote:

The concerning part here is the source of card details (Need min Card number & expiry for a successful International Transaction + Billing address for certain websites). Last i remember, mobikwik leak had cc number + expiry of users (Alongside name/email, addresses / gps coordinates, Aadhaar & PAN). 

Any other recent leak?

International Transactions should be off for debit cards also? + @guest_999

First things I do after getting a new CC/DC (even reissue/replacement):

• Turn off international transactions.
• Change PIN.
• Set low total transaction limit.
• Set ATM , POS, online limit according to total limit.
• Turn off NFC/contactless transactions (or wifi as billing desk staff prefer to call).
• Turn off ATM transactions for card I'll never use for ATM access (like CC).

i turn off all transactions even domestic,i temporary block all cards

Agnivo007 wrote:

First things I do after getting a new CC/DC (even reissue/replacement):

• Turn off international transactions.
• Change PIN.
• Set low total transaction limit.
• Set ATM , POS, online limit according to total limit.
• Turn off NFC/contactless transactions (or wifi as billing desk staff prefer to call).
• Turn off ATM transactions for card I'll never use for ATM access (like CC).

Disabling NFC is not of much use though, there has never been a NFC fraud in all these years for the reasons I mentioned in this thread. In fact I have also not seen any reports of stolen cc being used for NFC txns either though there might be some rare cases.
https://www.desidime.com/discussions/tap-and-pa...

sukant1989 wrote:

i turn off all transactions even domestic,i temporary block all cards

A bit overkill but biggest issue is that you can't rely 100% on some banks services to correctly re-enable your card all the time. A friend once disabled ecomm txns on some bank cc using their app & then some app update happened & afterwards he was unable to re-enable it for some days. It is better to set per txn limit very low like 4-5k on domestic txns instead of completely disabling them.

guest_999 wrote:

A bit overkill but biggest issue is that you can't rely 100% on some banks services to correctly re-enable your card all the time. A friend once disabled ecomm txns on some bank cc using their app & then some app update happened & afterwards he was unable to re-enable it for some days. It is better to set per txn limit very low like 4-5k on domestic txns instead of completely disabling them.

I keep per transaction limit at 1k and change it when have to do a bigger transaction, bilkul risk ni lene ka

guest_999 wrote:

A bit overkill but biggest issue is that you can't rely 100% on some banks services to correctly re-enable your card all the time. A friend once disabled ecomm txns on some bank cc using their app & then some app update happened & afterwards he was unable to re-enable it for some days. It is better to set per txn limit very low like 4-5k on domestic txns instead of completely disabling them.

True. I got live experience when sale was live and hot card gateway was busy couldn't respond.

romilq wrote:

Hmm. No idea how can it be leaked then :>

14-15 years back, on a general forum (or may be it was about technology or may be it was esato dot com), had heard some regular users (turned acquaintances) mention some (data dump¿) site called 'pastebin'.

‎ ‏‏‎‏‏‎ 

Then some other (online user turned friends) members mentioned that it (pastebin dot com/ it / org) was the hotbed of exchanging restricted (porn or rapidshare premium) links.

‎ ‏‏‎‏‏‎ 

They told that even criminals use it to pass on messages/ data to each other.

They can chose to keep their 'paste' as private. (Possibly similar to the latter 'private' feature of youtube).

‏‏‎ ‏‏‎‏‏‎ 

Someone else gave validation and added that yeah, there are many pastebin dumps/links/ pastes with credit card details of (Visa/ Maatercard) users.

‏‏‎ ‏‏‎‏‏‎ 

Curiosity killed the cat took better of me😢.

I wanted to Vyomkesh Bakshi/ Sherlock/ Anoop Soni.

‏‏‎ ‏‏‎‏‏‎ 

Indeed there were many such lists/ allegedly stolen (restricted) details.

‏‏‎ ‏‏‎‏‏‎ 

Scared but cautiously I ended up becoming a perp (perpetrator).

Despite being scared that it is wrong, likely risk of me getting traced... I tried using 10/ 20/ 30/ N of those card details online on Microsoft site itself.

‏‏‎ ‏‏‎‏‏‎ 

None worked.

‏‏‎ ‏‏‎‏‏‎ 

Week - ten days later.. I reconnected with the person (forum friend) and chided him. Or told him that all this information on the open internet is useless. It is not working.

(Forum had international users from all over. Cannot say with authority.. as to.. which country s/he was in).

‏‏‎ ‏‏‎‏‏‎ 

He said okay fine, I am giving you some details. BUT DO NOT LET THAT FALL UPON ME/ ENSURE THAT THINGS DO NOT TRACE BACK TO ME. And whatever you do .. is at your own risk.

[This conversation is happening in direct messages, but obviously everything is recorded/saved on that site. Just like this site too saves erstwhile PM/DMs for eternity (even if user marked the PM as 'deleted'). Thus nothing was as safe/rosy. We knew that we could get traced.]

‎ ‏‏‎‏‏‎ 

This time, and I always tried to be Raja Harishchandra while using Anti-virus and Operating system, I checked the Microsoft site if any 'free' media was there.

They had the 'Service Pack 3' media (disk) of Windows XP.

‏‏‎ ‏‏‎‏‏‎ 

But while proceeding to 'order' it would first ask of billing addrss, shipping address, payment details.

‏‏‎ ‏‏‎‏‏‎ 

Hesitant but with a mindset to test if the CC details were legitimate, I ended up adding the billing address as per the information of the (North American) credit card owner, the card/payment details too

and added an Indian shipping address (one of the ..practically empty flats of an acquaintance.. two buildings away from mine. Phone number.. though scared of the fraud.. was a landline number of another unaware/trusting neighbour).

‏‏‎ ‏‏‎‏‏‎ 

Microsoft site was ready to process the zero value order (A disk/media of just the Service Pack 3/SP3 of Windows XP).

‏‏‎ ‏‏‎‏‏‎ 

I glossed over the details, but it seemed I missed to notice that the nearest main despatch hub of Microsoft Asia was selected as Singapore.. and ☹️somewhere I inadvertently selected the check box to pay delivery charges.

Do not recollect the exact SGD-INR exchange rate at the time, but the INR equivalent of the delivery charges (in SGD) would have been about ₹480-490 at that time (14-14½ years back).

‎ ‏‏‎‏‏‎ 

I tried cancelling the (supposed to be zero value) order.

It did not work out.

I was panicking that if I contact Microsoft support, to cancel the order.. it might bring the order to prominence (undue attention).

‏‏‎ ‏‏‎‏‏‎ 

I reached back to the guy, who had provided me the (stolen) credit card details.

His advice: Lay low/ forget you ever placed the order and do nothing now.

‏‏‎ ‏‏‎‏‏‎ 

I asked, what about the victim though?

Being a European or wherever.. the (stolen CC detail giver cum forum friend) guy said that the amount is peanuts. The owner may not even notice.. or if he does.. he will dispute it and get a settlement.

‏‏‎ ‏‏‎‏‏‎ 

I did nothing.

Few weeks passed and sure enough.. our neighbour (landline number) got a call that ..I am speaking from post office... your parcel (to the mostly closed apartment) has been brought back by postman.

Where are you?

‏‏‎ ‏‏‎‏‏‎ 

It got decided, that someone who knows postal staff there (by face) would go and collect the parcel... without giving any photo ID card.

‏‏‎ ‏‏‎‏‏‎ 

I finally received the Microsoft provided official disk of just the SP3.. delivered from Singapore to India.

‏‏‎ ‏‏‎‏‏‎ 

I have no way to know if the victim ever disputed those 15-20SGD or whatever charge on his card.😢 #guilt

‏‏‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ 

Now of-course.. any backend data entry operator or operations persons or disgruntled employee or data verification (outsourced) agency can be the likely source of such leaks (of Card details).

‏‏‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ 

Back when VDIS (Voluntary Disclosure of Income Scheme) tax amnesty was brought in by the first NDA government or Atal.Bihari government....

... and later when NRIs were given an option to invest in (big ticket/ HNI) bonds issued by RBI..

.... within few weeks.. one of our seniors/ Vice presidents.. handed over to us.. huge lists of potential leads (who could be approached for HNI investments). I was associated with a reasonably reputed AMC/ Asset Management Company.

‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ 

One spreadsheet/ printout literally mentioned the list was printed somewhere in 'block N - Aaykar bhawan' (Income Tax office, Delhi).

‏‏‎ ‏‏‎‏‏‎ ‏‏

‎ ‏‏‎‏‏‎ ‏‏

‎ ‏‏‎‏‏‎ 

I did the blunderous stupidity of showing the printout to the same (vice president) senior and asking: 'sir where did we/you get this from?' [Sir, aap ko yeh (confidential) list kahaan se mil gayi?]

‎ ‏‏‎‏‏‎ ‏‏

‎ ‏‏‎‏‏‎ 

He looked me in the eye. Stared for two seconds. Emphatically said "none of your business' and moved on to flirt with the girl/lady half his age... on whom he always doted.

‏‏

‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ ‏‏
‎ ‏‏‎‏‏‎ Cc: @getready , others [FYR ONLY]‏‏

budhe-baba-senior wrote:
@budhe-baba-senior

Checkout: https://haveibeenpwned.com/PwnedWe...es

Do read Troy Hunt's FAQ section on pastes, breach, etc.

Also, if podcasts are your thing, do check: https://darknetdiari...om and their episodes, especially the ones like VTech breach which happens to be one of the most bizarre one. Eps tagged with bitcoins, research, cyber-crime might be more engaging though.

P.S: For carding, do give this one a shot: https://darknetdiaries.com/episo...2/

kukdookoo wrote:
International Transactions should be off for debit cards also? + @guest_999

Its the same thing with DCs (No OTP authentication / CVV requirement for some international websites) and yes, keep them off (these are rare transactions for most of us, so no point in keeping them "on" all the time).
+ By default, banks / cc issuers keep these international transactions disabled (Remember One card app update force changed the int txns state from OFF to ON once.. but never noticed similar stuff with any other)

Flipkart order was cancelled.

Refund was to be processed to the Credit card.

But for some reason it failed amd Flipkart is asking for bank details to process the refund.

Here's the tricky part - I do not have access to the phone number.

The email id is an imaginary one . Not even @gmail one

And they are sending the SMS either kn phone number or SMS.

Any workaround please ?

kukdookoo wrote:
International Transactions should be off for debit cards also? + @guest_999

It's common sense, isn't it. If you are not doing intl txns which don't need otp then why would you enable it.

Topsey wrote:

Flipkart order was cancelled.

Refund was to be processed to the Credit card.

But for some reason it failed amd Flipkart is asking for bank details to process the refund.

Here's the tricky part - I do not have access to the phone number.

The email id is an imaginary one . Not even @gmail one

And they are sending the SMS either kn phone number or SMS.

Any workaround please ?

No simple solution, be prepared to spend lots of time & effort talking/emailing flipkart customer care & your credit card issuing bank.

Blocked the airtel axis card n replaced i have to receive cb axis wil credit to my new card r should I ask them n how to pay my due date is nov 2 @getready @guest_999

guest_999 wrote:
Any similar experience? Ideally if an international txn is flagged as suspicious by a credit card company system & blocked within few hours then such txns should be reversed within next 1-2 days & if they don't then you know your credit card company's fraud prevention customer support is shit compared to amex.

No, but I've seen others come to the branch with similar issue when I worked at axis bank one guy gone to court to get his money back for fraud international transaction axis usually don't honor chargebacks without many follow ups

Dileep_kumar wrote:
Blocked the airtel axis card n replaced i have to receive cb axis wil credit to my new card r should I ask them n how to pay my due date is nov 2 @getready @guest_999

Axis should credit the cb to new airtel axis card but I think you will have to follow up for this as fraud txns won't be considered for cb calculations & depending on axis investigation procedure they may withhold your cb of all the txns done in this/previous month on old card until it is over.