This week I had an alarming experience when five of my credit cards, along with one of Justina’s were compromised in 12 hours. It started about 10 pm with a fraud message from Santander and continued through the night as one by one my cards got attacked. The attacks followed a similar pattern, first a small transaction of about £5 then increasing amounts culminating in them attempting charges of £10,000 to £30,000 and in one case of £107,000.
Luckily my banks stopped or reversed all the transactions before we lost anything, but it was still an alarming experience and a reminder of just how careful we need to be with our details. The cards are from different banks, and the only connection is that at one time or another I have used them all for business transactions. I guess that one of my supplier websites was compromised, I cannot think of anything else that connects all these cards including Justina’s.
Considering this attack, I have been reviewing our security on Valentte.com and would like to reassure you of several things.
When you shop on our website, we never have sight or access to your card details. We use a third-party payment processor called “Payment sense” who have the highest security levels available. When you click checkout and submit your card details, we never see this information, nor do we store it on our server. The data is sent directly to Payment Sense who process and authorise the transaction. They then return us an authorisation code, so we know that we are going to get paid.
If you telephone us and place an order the situation is slightly different. We do temporarily record your card details on a manual credit card slip. We then process the card transaction on our portable terminals, the same way that we do at a show. As soon as this is completed, the slips are shredded.
If you shop with us at a show, we use a portable card terminal that connects via the mobile phone signal to our payment processor who in this case is First Data. They then return an authorisation code confirming payment. Our machine prints out two receipts, one for you and then ours which contains your card details including card number and expiry date. But critically it does not have the 3-digit code from the back of the card. This exclusion means the card number cannot be fraudulently used online as online transactions always require the 3-digit code.
This brings me to a significant security consideration. If any website stores your card details and does NOT require you to re-enter the 3-digit code to process your transaction you need to be extremely careful. You are vulnerable to a similar attack as I suffered if that website is compromised. Ask yourself if you want to be in this position. Should you be trusting the site that much?
The reason this is so dangerous is that no card processor will allow a transaction over £30 to be authorised without either the pin number, or the 3-digit CSV number or some other two factor authorisation system being completed. So provided a website isn’t storing your 3-digit code you are reasonably safe. If they are however, then you are wide open. If their website gets compromised, you will get hit. It’s that simple.
This experience has also made me rethink the cards I use for purchases, and I’m going to put as much of my spending onto credit card rather than debit cards. I believe the credit card companies are more used to combating fraud; they also are bound by much stricter consumer protection laws that require them to reverse transactions. This is not the same with your debit card; you are at your bank’s mercy. Not a position that I want to find myself in.
The internet offers us the most incredible shopping opportunities. We can connect with companies and customers across the globe. However, it brings significant challenges and risks. Please take care, shop with companies you can trust, those that take your security seriously and use cards that offer a money back guarantees when things go wrong.
This week, I’m at Sudeley Castle for a show with UK Grand Sales, today I heard a lovely quote which I will leave you with. Thank you as always for shopping with us.
“Happiness is not contained in what you get, happiness is found in what you become.”
16 thoughts on “My Scary 12-Hours of Fraud”
Thanks Luke for sharing your scary fraud story, I’m glad you didn’t lose any money but I know you must have been worried sick. Can I just say that I really love it when my emails from Valentte arrive in my inbox, I love your very honest and from the heart stories about your life and very much enjoy reading about whatever you get up to and of course I love safely shopping with Valentte online x
Thanks Lauren, I really appreciate your encouragement. I enjoy writing but still get very nervous when I click “post!”
Hello Luke. I’m so sorry to hear of your ordeal, there are some really unpleasant people in the world and I’m glad to hear that you’ve emerged relatively unscathed.
Thank you for your tip about the use of credit cards as opposed to debit cards.
No worries Jane. It’s a scary time, fraud seems to become more and more commonplace.
Thanks Luke, it is not nice when this happens. I was on holiday in Devon a few years back, when a credit card provider called and said have to stayed at the Hilton hotel in Washington. the Crown Plaza in New York etc etc. I said no love, i am on holiday in Devon, which made them laugh. We went through transactions and they had done a small $5 one first. I was glad they were on the ball to. Love your products. Everyone always comments on the lovely smell as they enter the house. Lemongrass is my fave with anything else in it.
I’m glad to hear your problem got sorted out without yohlosing anything as well. Its bizarre though isn’t it the places they try. One of mine was tried in a coffee shop in Atlanta for $5!
Thanks for shopping with us.
Thanks so much for writing about your experience I wish more people would be open about attempts to defraud on their cards. It’s often not the victims fault but people feel ashamed. I’m so glad you got it reported and stopped. I had my card cloned a couple of years ago it was very scary but like you I noticed early on. Again mine started with a small amount to see if you noticed then increased and I got all my money back. Thanks again for being open
I agree with you, Claire. I believe the more transparent we are about the good, the bad and the ugly that happens in life, then the more likely we are to be able learn from each others experiences.
Just read your blog and know how you must have felt as my debit card has been cloned twice in the last eighteen months Fortunatly my bank spotted this straight away and stopped payments,and cancelled my cards. It was inconvenient but was only for a couple of days .
Hope you are feeling better today
I’m feeling much better today, thank you. It was a shock, but feel very relieved, not to have lost any money. I’m glad to hear that you didn’t lose anything either.
Thanks for the info about the security numbers. I prefer to use PayPal when I shop online so I rarely purchase anything where I need to put in my card details.
I’m thinking about putting PayPal onto our website as I know many customers prefer it as a payment option.
Some weeks ago I took up your offer of free sample candles. If these were as god as they sounded I woould have liked to order others for candle loving friends. Sadly they never arrived. andI wonder if they ever will
Thanks for getting in touch. We have had an overwhelming number of people request scent samples in the last month or so. We currently have a backlog of around 45,000. We have just taken on a mailing house to process this backlog as we are a tiny team. They start next week with the first 1000 of them. In the meantime, I have bumped you up the list and your samples will be shipped in the next week.
I did the same Sarah & sent a message. Its nice that Luke replied as with this kind of thing you usually dont hear anything. Hope I get bumped up too x
Thanks for your comment and interest in our range. I have bumped you up the list and they will be sent next week for you.