Someone’s shopping US stores with my credit card…

When I saw a text message to say that someone was spending $0 on my credit card in Walmart and that I should press ‘1’ if it was me or ‘9’ if it wasn’t, I deleted it, quite sure that I’d avoided another of the many scam messages that have become such a common occurrence. When, some hours later, I got a second message from the same number to say that, because I had failed to act, my card was now suspended, I blocked the number. This one was clearly persistent.

The following day I had an Amazon package arriving. But it didn’t. When I checked my account online I found that it had been held up because of an issue with my credit card. So convinced, was I that the previous day’s text messages were scams, that I still didn’t put two and two together. Of course the texts were genuine and the nice lady from AIB told me that, before blocking the card because I hadn’t confirmed that it was me on a Walmart shopping spree, somewhere in Texas, someone had gone financially wild in JC Penney with my card and my balance was now swimming deep in the red.

My card was blocked, a new one was ordered and I was told to expect contact from the fraud team. I’d be cardless for a while and I’d have to figure out if I had any standing orders coming from the card so that I could set them up again. I was rather baffled about where I could have let my guard down and given someone access to my card details. Certainly, I use it at restaurants and for online purchases, but that’s supposed to be safe. Right?

Within half an hour, I was at my sister’s house and telling her of my misfortune.

“I got one of those texts,” she said. “It’s a scam. I hope you didn’t press anything…”

When I told her the full story, and that I’d called the number on the back of my credit card – so it was definitely the bank that I was talking with, she looked puzzled. Then she reached for her phone and opened her bank app. Someone, in Texas, had been on a similar shopping spree in cost price stores and her balance had suffered. While she was on the phone to the bank, explaining what had happened and assessing the extent of the damage, I pondered over the unlikely coincidence. Yes, we both banked with AIB, but mine had been a credit card, while hers was a debit. It was when a third sister, on hearing our woes, discovered that her Bank of Ireland debit card had been similarly taken for a shopping trip in the USA, that we arrived at the only plausible explanation.

We had all booked a family holiday, together, with each of us paying for our own share directly to the Fort Lauderdale-based travel agent over the phone, calling out our card details for them to put through. It would appear that the travel agent’s system has been compromised or a light-fingered employee has helped themselves to client data, but it is the only common denominator between our cards.

I hasten to say that AIB and Bank of Ireland have been pleasant and professional and we have every hope of getting our money back. But it leaves us with a worrying uncertainty. When do you dismiss texts as scams and when do you act on them to stop your account being cleaned out? Online transactions are mundane at this stage, but this reminds me that it’s all relatively new territory, and the protocols are far from clear.