Multiple Users' Credit Cards Targeted in Coordinated Foreign Fraud; Some Victims Hit with 4 Unauthorized Charges?

Recently, on social media platforms, multiple users reported that their SPDB Bank credit cards experienced unauthorized large transactions around September 9 in Brazil and other countries, indicating card theft. Many of these cardholders were not in Brazil and had never been there, and they couldn’t understand why these transactions suddenly appeared.

A reporter from Daily Economic News found that in a group chat on a social platform, the members affected by the theft numbered over a hundred.

In the early hours of September 13, SPDB Bank’s Credit Card Center announced that they had immediately activated an emergency response with Mastercard, quickly detecting and blocking the risk.

The bank stated, “Due to external attacks.”

Cardholder Xiao Pan (pseudonym) said that the suspicious transaction on his credit card occurred on September 9, but he did not receive a transaction alert that day. He only received a deposit notification on September 11.

Some cardholders contacted SPDB Bank customer service after receiving the deposit alert. The response was, “First, report to the police and keep the receipt.” They also said, “The relevant department will follow up and contact you, and you do not need to bear the transaction amount during the investigation. Please rest assured. If there are any other issues or feedback, we will contact you promptly.”

Additionally, customer service clarified, “If the investigation confirms it was fraud and you are not responsible, the bank will cover the related losses.”

On the evening of September 15, SPDB Bank told Daily Economic News that, “Due to external attacks, some Mastercard cardholders of partner banks were affected. SPDB Bank’s Card Center and partners promptly detected, blocked the risk, and issued notices to protect cardholders’ rights, preventing customers from bearing losses they should not bear. We have contacted each affected customer individually to explain and communicate.”

From the transaction screenshots provided by multiple cardholders, these suspicious transactions mostly involved amounts around 4,900 BRL (Brazilian Real, Brazil’s main currency), which converts to about 6,400 RMB, seemingly avoiding amounts over 5,000 BRL. The merchants involved included “used car dealerships,” “dining establishments and restaurants,” and “taxi services.”

One person was defrauded in four separate transactions.

Xiao Lei (pseudonym) revealed that he was defrauded four times, all in Brazil, totaling nearly 20,000 BRL.

The affected credit cards in this large-scale theft are mostly SPDB’s co-branded World Card with Mastercard, also known as the “Red Sassoon” credit card.

The Red Sassoon card comes in two versions: a new version and an older version. The older version mainly served for overseas spending. In May 2024, the card was upgraded to a new dual-application chip card, usable both domestically and internationally.

Many affected cardholders said they held the older Red Sassoon card.

Compared to magnetic stripe cards, chip cards are considered relatively safer because magnetic stripe information is easier to copy.

The China Banking Association previously issued a notice warning that one of the main reasons for card theft is that cards are skimmed, personal information is leaked, or cards are used improperly. Consumers should enhance their transaction security awareness, use official channels to apply for and use cards, and avoid sharing personal information with others. Never lend or rent out your credit or debit cards to others to prevent malicious use. When swiping, keep the card in sight, monitor the number of transactions, and retrieve the card promptly after use. For old or unused bank cards, promptly close the accounts and do not discard them casually.

Additionally, while online payments bring convenience, they also carry risks. Criminals may illegally obtain cardholders’ online transaction authentication information, enabling theft. Consumers should protect their login passwords, withdrawal passwords, and verification codes, and not share them with third parties. Be cautious about the authenticity of online service channels to avoid phishing scams, such as suspicious calls, texts, or links. Do not download unofficial apps or enter personal information like ID, bank card details, passwords, or verification codes on insecure websites or networks.

(Edited by: Wang Zhiqiang HF013)

【Disclaimer】This article reflects only the author’s personal views and is not related to Hexun. Hexun.com maintains neutrality regarding the statements and opinions in this article and does not guarantee the accuracy, reliability, or completeness of the content. Readers should use it as a reference and bear all responsibilities themselves. Email: news_center@staff.hexun.com