I’ve received the notification of a transaction (the last one of my statement) from an unknown Chinese website that I didn’t know. I didn’t to any transaction. Fortunately I didn’t have enough money on the account. I figured out that by mistake I put my details public on internet for awhile, so probably someone stolen details and tried to pay with my card. Now I have removed those details and frozen the card. What should I do now to prevent scam? Replace card? What else?
And also, they know my address and mobile number, it will be enough replace the card to avoid more scams?
First things first, do what was mentioned above and replace your card, immediately. Now they won’t get any more money out of your account, phew!
Next best thing to do would be to let Monzo know through the chat, just so they’re aware and can investigate if need be for you.
Lastly, try and be more aware of what network your on when your inputting sensitive information like your card/bank details. On public networks this can be easily stolen. Use only encrypted/password protected networks like your home broadband or on your network data.
Also worth mentioning, and I believe it was mentioned above too, be more aware of emails, texts and if you ever get any calls within the next few days/weeks and claiming they’re from Monzo, immediately hang up.
Replacing the card is the right solution. I’d just recommend investigating how your card was compromised. If it was a shady website you entered it accidentally it’s fine, but my worry is that it might be something more nasty like malware on one of your devices, which not only means your next card will also be compromised but so is your e-mail and all your data. Be vigilant for the next few weeks and see if anything else is compromised (other accounts, etc) that would suggest the attacker has access to your devices.
Lastly, try and be more aware of what network your on when your inputting sensitive information like your card/bank details. On public networks this can be easily stolen. Use only encrypted/password protected networks like your home broadband or on your network data.
With all due respect, this is fear-mongering. The underlying network doesn’t make a difference because HTTPS is designed to protect against exactly that. Assuming you’re entering card details over HTTPS (padlock in the browser’s address bar, not to be confused with padlocks in the page content which are irrelevant for security) you are fine regardless of the security of the underlying network because HTTPS sets up its own encrypted connection over that.
