I was a victim of debit card fraud (almost)

[tibilicus]

Title. Basically I needed to register the domain 'madegaming.com'. Not for me, but for a friend who currently doesn't have the money to pay for it himself. I was advised to use a service called bluehost.com, what seems to be a legitimate business. Anyway, after trying to authorise the transaction three times it was declined because I was trying to pay via visa debit whereas only straight visa is accepted by most companies for monthly standing orders abroad. After the decline in transactions however, I received a phone call from a US number. This seemed rather unusual and set alarm bells ringing a bit. The women appeared to be from bluehost which wasn't out of the ordinary and the number matches their hotline number. What did alarm me was what she said next. She offered to "run the transaction through the system" for me. Not only does this company appear to have dubious privacy policies if she can see me authorising transactions before they've even debited essentially key logging my movement then I'm more than suspsicious.

Anyway, I wake up this morning to hear the bank has blocked two payments of £200, as it should be doing to a website called 'madgaming.com'. A domain registered in 2012 within the last 24 hours.. So it would appear that someone took my card info, created a fake domain similar to the one I was trying to register in an attempt to rob me. They either thought I was an idiot or failed to understand how explicitly difficult it is to commit fraud these days. I do however admire that touch, make a domain similar to one I was trying to register so I might be duped into authorising the transaction. Clever, if it wasn't for the fact I declined the original transaction.

So now I'm stuck as to what to do. I've obviously cancelled my card but I imagine trying to take action is futile? I'm pretty certain its someone from bluehost trying to rob me, its the only company I entered my card details into last night. I cannot however prove this and I'm more inclined to let this rouge employee continue their crime spree so perhaps the company will rethink its quite frankly pervasive privacy policy.

[HoreTore]

I'd say you should share your suspicions with your bank. While you can't inestigate much, they can. Remember, they didn't try to rob just you, they tried to rob the bank as well. And banks don't like being robbed...

[Tellos Athenaios]

Yes that would be my advice, too: forward it to your bank. It is in their interest to weed out any fraud they don't commit themselves, and they probably know the right authorities intimately enough to get that sorted.

[HoreTore]

Yes that would be my advice, too: forward it to your bank. It is in their interest to weed out any fraud they don't commit themselves, and they probably know the right authorities intimately enough to get that sorted.

I lol'ed.

[tibilicus]

The bank earmarked bluehost for me and reassured me should any transactions somehow take place despite the fact my card is now destroyed because I've taken preventative measures they would reimburse me. I guess I'm just put off more by the grotesque invasion of privacy. The fact someone tried to mirror the domain I was registering to steal is a bit sickening. Unsurprisingly the fraudster has domain protection for the bogus site. It just makes me feel sad that had it been a more unsuspecting person on this day they would be down some substantial money. Guess it highlights how indiscriminate internet crime is.