Credit/debit card fraud

You notice on your bank account that there are several payments to a foreign business that you did not make. Your credit/debit card information has been stolen.

Description of the fraud

If your credit/debit card information was used to make online purchases that you did not yourself make, and if you are still in possession of your card, you are victim of credit/debit card fraud.

How to avoid the fraud

  • Before each and every purchase online, verify the security of the payment website by checking if it has the image of a lock and if the URL begins with https:// (and not “http”).
  • Never share your card information.
  • Always hide your bank numbers when you type them and never leave your card out in the open.
  • Don’t keep your security code and your card together.
  • Always keep the telephone number and address of your bank on you, as well as the emergency number of your bank to oppose to a payment or ask for cancellation of your card.

What to do once trapped?

  • Contest any payments you notice on your account you did not authorise.
  • Ask your bank or the issuer of your card to proceed to a reimbursement (chargeback) for a non-authorised payment.
  • If your card was used without you knowing, for example when you still have your card but its number and expiry date have been stolen and used fraudulently following a hack, you could be held responsible. Contest all fraudulent debits on your account via a written statement as soon as possible and, at the latest, within 13 months for a debit in the EU, Lichtenstein, Iceland, and Norway, or within 70 days for a fraudulent payment out of the European Economic Area. After receiving your registered letter, the bank will recredit you immediately with the amounts contested. More information in our article "means of payment in France".
  • File a complaint at the nearest police station.

Funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Innovation Council and Small and Medium-sized Enterprises Executive Agency (EISMEA). Neither the European Union nor the granting authority can be held responsible for them.