Last week, "Jiahao" sent me a message, telling me that his bank card had just been skimmed for "50,000 dirhams" twenty minutes ago.
I always care about such things. Firstly, I want to know exactly where the information leakage occurred that led to the bank card being skimmed. Secondly, I want to figure it out so that I can publish it to warn more netizens.
So I have been contacting Jiahao, following up on the progress of this matter, until today, April 30th, when Jiahao told me, "The money has been recovered."
The fact that no property was lost is the most gratifying thing. Now let me briefly review the process of Jiahao's incident.
On April 23rd, Jiahao's bank card was debited 51098.36, with a round figure.
Generally speaking, for bank card skimming, there is always a recipient account, either personal or corporate, with a name. However, strangely, when Jiahao logged into the bank system on his PC and checked, he found that the recipient was a string of numeric codes "FT241149WSVV 012001645054."
The first thing Jiahao did was to immediately call the bank, inform them that his card had been skimmed, request the bank to freeze the transaction that occurred a few minutes ago, and freeze his bank card.
Then Jiahao rushed to the bank counter within two hours to handle the skimming matter.
The bank's customer manager checked Jiahao's transaction records but couldn't explain how the money was skimmed. However, they had frozen the transfer.
"It should be possible to recover it!"
From the 23rd to the 30th, 7 days, the bank called to say that the money could be picked up at the branch, and the issue was resolved satisfactorily. Given the efficiency of dealing with matters in the UAE, Jiahao was moved to tears.
I asked Jiahao to carefully recall whether his bank card information had been leaked anywhere.
Jiahao also looked back at his past consumption records. He told me: The card was issued at the end of 2021. Because his friend had suffered financial losses due to bank card information leakage on a counterfeit express website, he was particularly concerned about personal information security.
In 2024, apart from consuming at Starbucks and YouTube, there were no other transactions. He also entered the bank card number on the Amazon website, but it prompted that the binding was unsuccessful.
Going back further, he may have entered the card number on some shopping websites, but it was too long ago to verify.
In summary, the card usage environment is different from that in China. Now in China, when using a credit card for payment, you need to enter the card number, password, and an OTP mobile real-time verification code to complete the payment.
However, on many websites and in many consumption environments abroad, an OTP code is not required. Only knowing the card number and CVV code is enough to complete the transaction, so it is very important to keep your CVV code safe.
Do not leave bank card information on websites, even if you temporarily enter it for each payment, and do not choose to save bank card information.
Differentiate between bank card passwords and your commonly used passwords. Do not use the same password everywhere. Nowadays, many smartphones can save passwords to this cloud or that cloud. In case of being hacked and leaked, originally, the password for your bank card login or payment may also be leaked because they are all the same.
Make sure to leave your mobile phone number in the bank system and activate SMS notifications for balance changes and app notifications. In other words, every expenditure of yours has both bank app and SMS notifications, making it easy for you to know the changes in bank card funds for the first time.
Save the customer service phone number of the bank in your mobile phone. When encountering skimming, please, please, please, please contact the bank customer service as soon as possible, report the skimming situation, and apply to freeze the card; then go to the bank branch immediately to report the situation in person.