FNB customers should be aware of the increase of “enumeration” or “account testing” used by criminals to identify their bank card details and steal their money.
This issue was recently brought to MyBroadband’s attention after fraudsters attempted to use an FNB customer’s new and unused debit card to transact online.
The customer contacted us because he suspected FNB had suffered a data breach or that the bank’s employees or third-party card delivery services had been compromised.
His predicament started a few months ago when his card was being charged for a Netflix subscription that he had not signed up for.
He called FNB and after the bank investigated the matter, they refunded him and confirmed it was not Netflix but another service that was using Netflix as a description in its payment details.
The bank cancelled the card and a new one was sent to the customer.
When he received it, he had already started using a secondary bank card. He told MyBroadband he always had two cards, keeping a spare should his main card get damaged.
“Since the new card was only going to be a backup, I put it away in a drawer and never even took it off the paper that they stick it on to or opened the security window where the PIN is,” he said. “I only activated the card within the FNB app.”
He also sent MyBroadband an image as proof of this and told us that no one else had access to the drawer where it was kept.
On Friday 13 August 2021, he received five notifications from FNB within 30 minutes that a transaction was declined due to CVV failure.
“I reckoned an online store where I previously purchased was trying to charge for a service, but because I have been using the FNB virtual card for online transactions, the transaction probably failed,” the customer said.
Two days later he received the same message in nine notifications within a 20-minute period.
He called the FNB fraud department, and an agent told him the card being used was not his virtual card but his new, unused debit card.
The customer then placed a temporary block on the card within the app to try and figure out what was happening.
The next morning he received about 20 more notifications of declined transactions due to the temporary block.
He called the FNB fraud department again and an agent blocked the card. He was informed that it was not clear who was charging the card.
“I believe within the bank or where the cards get printed or put inside the envelope, there are bad actors that are taking down card details and are then trying to use it for transactions a couple of months later,” he said.
“Normally, someone will not pick this up because they would have used their debit card many times in retail stores or online and would not be able to understand where the card details were breached. What makes my case very strange is that the card is basically still in the box, unused,” he said.
However, FNB Card head of fraud Trish Ramdhani told MyBroadband that the incident was related to a new modus operandi adopted by merchant fraudsters.
“This fraudulent activity is called ‘enumeration’ or ‘account testing’, where fraudsters use automated scripts or software to obtain or validate payment account information,” Ramdhani stated.
“It is becoming more prevalent in the industry and globally as we see ecommerce transactions increase due to Covid-19 and lockdown restrictions.”
Ramdhani explained that the fraudster was able to generate the card number but not the CVV number.
“From time to time, these fraudsters target unsuspecting victims. Fortunately, with the increased levels of security controls, we proactively block these merchants from future attempts,” Ramdhani said.
In this instance, FNB detected the fraudulent attempts and blocked the merchants.
Ramdhani confirmed that the previous fraud case the customer had experienced was unrelated to the incident.
“To help minimise the risk of fraud, we recommend that consumers use trusted websites for online shopping,” said Ramdhani.
“Our customers can easily cancel their cards or report possible fraudulent activity by using the Report Fraud On App function on the FNB Banking App.”