Each of our Debit cards used fraudulently one day after another. DH had never used his.

[audreyh1]

Here’s a suspiciously weird one:

Yesterday DH was notified from BofA that his debit card was used. He was able respond to a text notification and query that it wasn’t him and later confirm in the app that it wasn’t his charge. It immediately took him to issue a new debit card. BofA immediately reversed the charge.

​

​ Hi, DH, your debit card was used online, by phone or by mail​

​ ​ ​ ​ ​ Account:​ Debit card ending in XXXX​ Amount:​ ​ $ 74.01​ 1 Made at:​ WALMART.COM -BENTONVILLE ,AR​ On:​ February 22, 2025​

So after that I logged on and locked my debit card (different number). Actually they both should have been locked, all our other debit cards are.

But the thing is, DH has never ever used his BofA debit card. So how would someone have the info?

I have used mine rarely to withdraw cash and in the last 10 years only at this one local BofA branch and it’s been years since then. In fact our BofA debit cards were reissued a couple of years ago as the old had expired and I have never used my current one except as an ID inside the bank (which is how we learned they had expired). So they were both relatively new numbers.

Then lo and behold today I get this email from BofA:

Card locked: Transaction could not be processed

Debit card ending in YYYY

Hi, AUDREYH1,

We're letting you know that a transaction could not be processed because you have locked your card.

Here are the details of the transaction:

Card ending in : YYYY Location: BOFA CHARLOTTE US Transaction date: 02/23/2025

Interesting location: BofA Charlotte. What does that mean? Attempted ATM use?

Since my card was not lost, or stolen, or stuck in an ATM, I called in to the bank (after logging into my account to get the debit card info) and asked what I needed to do. The number immediately reached the fraud department, and they said they had to issue me a new debit card. I reported the suspicious activity, including that DH had his credentials used yesterday even though he’d never used his card. And we’ve never used them for purchase, online, blah blah blah.

How did the numbers get out there? Must be an inside job. One day after the other? Unbelievable, not a coincidence.

 

[Koolau]

Inside job was my first thought. But why go for such a small amount? Very puzzling. I hope getting new cards will be the end of it for you. Almost certainly they will never figure it out nor will anyone ever be charged.

I don't use debit cards.

 

[rk911]

Inside job was my first thought. But why go for such a small amount? Very puzzling. I hope getting new cards will be the end of it for you. Almost certainly they will never figure it out nor will anyone ever be charged.

I don't use debit cards.

Maybe a test transaction to see if it would go thru.

 

[audreyh1]

Usually a test transaction is a smaller amount. The first attempt was an online order I think. Bentonville AR is the Walmart headquarters.

 

[Dtail]

That is strange. Almost has to be an inside job. I also only use my debit card for BOA ATM use and have thought I would never have issues.
I have found BOA to be very responsive and timely as to CC fraud.

 

[disneysteve]

Here’s a suspiciously weird one:

How did the numbers get out there? Must be an inside job. One day after the other? Unbelievable, not a coincidence.

Have you never heard of data breaches?

It’s not an inside job. It’s hackers gaining access to records including thousands or even millions of SSNs, credit and debit card numbers, etc. I also had a breach years ago on a card I had literally never used, not once, that never even left my house. I didn’t keep it in my wallet. These breaches are relatively common these days.

 

[MdaPetralia]

But the thing is, DH has never ever used his BofA debit card. So how would someone have the info?

Same thing happened to me, but twice, at a different bank.

I only have the debit card in case of emergency and I need cash. Don't think I ever used it after activating it. Noticed a small transaction on bank statement it said was from my debit card. Called bank and told them I don't use my card and the transaction was not from me. They canceled my card, reversed the transaction and sent me a new card in the mail.

About 1 year later, same thing happened again with my 2nd card. I activated the card when I received it but never used the card. Noticed another small transaction from the card that I didn't make. Bank reversed transaction, canceled card and sent me another one.

Closely watching statements to see if it happens again with my 3rd card.

My wife and I have our own debit cards with this bank on a joint account but her card has not been comprised, just mine.

 

[Dtail]

I do review my CC and checking accounts every day, so will catch this error besides any bank fraud alerts, plus alerts I have set up.

 

[ShokWaveRider]

We do not use debit cards, never had the need, never seen the point. CCs are safer, protected and easy to dispute. OP was lucky that the reversal was instant. Too many sob stories saying otherwise.

 

[mystang52]

Hard to tell, for sure, from the OP so let me ask: Are you sure that initial notification was from BofA?

 

[Healthy Lifestyle]

Here’s a suspiciously weird one:

Yesterday DH was notified from BofA that his debit card was used. He was able respond to a text notification and query that it wasn’t him and later confirm in the app that it wasn’t his charge. It immediately took him to issue a new debit card. BofA immediately reversed the charge.



So after that I logged on and locked my debit card (different number). Actually they both should have been locked, all our other debit cards are.

But the thing is, DH has never ever used his BofA debit card. So how would someone have the info?

I have used mine rarely to withdraw cash and in the last 10 years only at this one local BofA branch and it’s been years since then. In fact our BofA debit cards were reissued a couple of years ago as the old had expired and I have never used my current one except as an ID inside the bank (which is how we learned they had expired). So they were both relatively new numbers.

Then lo and behold today I get this email from BofA:



Interesting location: BofA Charlotte. What does that mean? Attempted ATM use?

Since my card was not lost, or stolen, or stuck in an ATM, I called in to the bank (after logging into my account to get the debit card info) and asked what I needed to do. The number immediately reached the fraud department, and they said they had to issue me a new debit card. I reported the suspicious activity, including that DH had his credentials used yesterday even though he’d never used his card. And we’ve never used them for purchase, online, blah blah blah.

How did the numbers get out there? Must be an inside job. One day after the other? Unbelievable, not a coincidence.

Sorry audrey that you experienced this but I am Left hanging, wondering what actually happened and what caused this unauthorized debit transaction?

 

[jebmke]

Inside job was my first thought. But why go for such a small amount? Very puzzling. I hope getting new cards will be the end of it for you. Almost certainly they will never figure it out nor will anyone ever be charged.

I don't use debit cards.

We rarely use ours; maybe an ATM transaction a couple of times a year. That is why I keep ours locked as I do with rarely used credit cards.

 

[braumeister]

Sorry audrey that you experienced this but I am Left hanging, wondering what actually happened and what caused this unauthorized debit transaction?

We'll probably never know. In my experience the fraud department seldom tells you exactly what happened or what the aftermath was.

 

[Dtail]

We'll probably never know. In my experience the fraud department seldom tells you exactly what happened or what the aftermath was.

Agree, that has been my experience. Not sure they always figure it out either.

 

[Dtail]

We do not use debit cards, never had the need, never seen the point. CCs are safer, protected and easy to dispute. OP was lucky that the reversal was instant. Too many sob stories saying otherwise.

We do use cash for certain transactions and thus the debit card only for getting cash from the ATM. For example, any of the events we go to in Florida like the state fair, never use CC.

 

[jazz4cash]

For those that don’t use debit cards, how do you access ATM? That is the only time I use mine and I am annoyed that BofA no longer supports ATM withdrawals via their app. I think I can keep the debit card in my smartphone wallet.

 

[braumeister]

Debit cards, credit cards, they are all subject to misuse.
The most interesting event I experienced was about 20 years ago and I was lucky enough to have the fraud department tell me what happened.
Seems my credit card number was stolen, and I'm just about positive it was by a waiter in a restaurant far from home. They used it to buy a couple of very expensive airline tickets (thousands of dollars). Then they took the tickets to their confederate who was manning the desk at the airport, and turned them in for a refund in cash. That kind of refund is normally unheard of, but they managed to get away with it. I assume they were caught.

 

[audreyh1]

Hard to tell, for sure, from the OP so let me ask: Are you sure that initial notification was from BofA?

Yes, it was from the BofA app. I misspoke above when I said text. It wasn’t a text message.

 

[ShokWaveRider]

For those that don’t use debit cards, how do you access ATM? That is the only time I use mine and I am annoyed that BofA no longer supports ATM withdrawals via their app. I think I can keep the debit card in my smartphone wallet.

Honestly, we have not been to an ATM in eons. We have a cash "stash" we keep in the house safe for emergencies, that is what we use for our cash needs, which are minimal, and replenish it as required. Our CU is very local and easy to use. I drive right by it on the way to Aldi's, so no biggie. We do have debit cards but they are locked away, so in the really rare occasion that we need an ATM, they re available. The last time that was necessary was about 4 years ago.

 

[audreyh1]

Have you never heard of data breaches?

It’s not an inside job. It’s hackers gaining access to records including thousands or even millions of SSNs, credit and debit card numbers, etc. I also had a breach years ago on a card I had literally never used, not once, that never even left my house. I didn’t keep it in my wallet. These breaches are relatively common these days.

You’re most likely right.

 

[audreyh1]

Honestly, we have not been to an ATM in eons. We have a cash "stash" we keep in the house safe for emergencies, that is what we use for our cash needs, which are minimal, and replenish it as required. Our CU is very local and easy to use. I drive right by it on the way to Aldi's, so no biggie. We do have debit cards but they are locked away, so in the really rare occasion that we need an ATM, they re available. The last time that was necessary was about 4 years ago.

Physically locking them away is no protection. You have to lock the cards in your account online to prevent unauthorized charges. Maybe that’s what you meant.

 

[ShokWaveRider]

Physically locking them away is no protection. You have to lock the cards in your account online to prevent unauthorized charges. Maybe that’s what you meant.

That too.

 

[audreyh1]

That is strange. Almost has to be an inside job. I also only use my debit card for BOA ATM use and have thought I would never have issues.
I have found BOA to be very responsive and timely as to CC fraud.

BofA lets you lock your debit card online. Most banks and CUs let you do so these days. Fidelity does too.

 

[Car-Guy]

The number and sophistication of fraudulent emails and texts are certainly increasing. Most involve CC's but I've received them on things like late insurance payments (w/pay here link) and even late/false toll road charges. I even got an email from Schwab a few days ago entitled "Fraudsters are targeting investors over social media"

Maybe it's time to go back snail mail for all this stuff.

 

[audreyh1]

For those that don’t use debit cards, how do you access ATM? That is the only time I use mine and I am annoyed that BofA no longer supports ATM withdrawals via their app. I think I can keep the debit card in my smartphone wallet.

Interesting. I didn’t know BofA no longer supported that. I had read about that option a while back, something about making a cash withdrawal appointment via the app. Must have been too easy to abuse or something.