Yeah I was given 10days to return my fraud form aswell, but they did say if you havn't recievd your latest statement yet, then you'll have 10 days to send it out from when you recieve it. I sent mine via Recorded delivery anyway to be on the safe side.

On the matter of shopto removing my card details they have't repiled yet, but i've changed the name and address of the cardholder, so that should mean that even if someone was to get my card details they could use it could they?

Sorry to hear about your problems with Barclays et al. I checked my account yesterday to find that HSBC had gone ahead and refunded me what had been taken on the proviso that I return some declaration form. Took just over a week which I'm quite surprised by since I'd read some horror stories online about HSBC.

Phew, good to hear a positive HSBC story. I reported the fraud to them on Friday, still nothing in the post (inc. todays) and my online banking has gone back to normal (previously showing 'no transactions' on the card) with the fraudulent actions still intact...

Who knows?

That's the real question - we just don't know how these frauds were done. We only suspect certain retailers' are either generally insecure or have had account details hacked online or stolen directly.

We, the customers, just don't know what information they need and how they obtained it. We don't know if the CC provider knows anything more either or even whether they're actually doing anything to plug the loophole. So how can anybody be certain they're 'safe'?

All your really need is the card number- after that there are ways and means to get money from it with nothing else

It's quite shocking how bad things are, and if a layman like me can see all the deficiencies (and think of solutions) why are the big banks and CC companies either 1) doing nothing or 2) poncing around with annoying online systems that won't help anything. 90% of the fraud is based on real life theft or cloning, and then using the details with insecure or outdated systems/shops.

I had a claim form sent through immediately after having a call from their fraud team alerting me to the transactions. I completed said form and returned it and then received a letter a week later confirming receipt of my form, that they agreed with the transactions and that they would be refunding me with the amount of ...-.. an amount which was completely different to the amount on my form (out by 100's) I gave up on the form at that point and have been sending them full reconciliations in a spreedsheet, not doing me allot of good though !

Keep at it. That's what I'm doing - they (Barclays) sorted the first fraudulent transactions on my other card very quickly.

The problem I've had is with the second card and the fact the fraudulent transactions they didn't block on that have now been carried over to the first statement for the replacement card they sent me. I was worried that this was a fraud on the new card and getting confirmation it wasn't required two phone calls.

That was annoying enough but then, when the claim form didn't arrive, trying to explain this again to the Indian customer 'care' call centre personel was an absolute pain. After all that, they send me a claim form not for either my old or new VISA but for the old, now shredded and binned, Mastercard. This has, as I said, already been dealt with.

The whole thing is a pain.

What I don't understand though is that...well, wasn't chip and pin brought in to reduce this? Now even my wife doens't know my pin, so just how the bloody hell were they able to spend ?1000 in shops and on train tickets with or without my pin...?

There are plenty of places that don't have chip and pin, and it's still not mandatory.

But not those sorts of places, they'll all have chip and pin for use in direct transactions. Online there's the 3 digit security number system too. How do they get that unless they have physical access to the card. I know 100% they couldn't have physically got hold of both my cards.

The thing is, if you're a fraudster, you know where you can get away with it easily.

I'm not a fraudster, but I know a few places off the top of my head where there's no need for a pin (the pay at the pump petrol station near us, and house of fraser furniture department for example!)

Or maybe cloners are advanced enough to put their own pin on whatever host card they use. I believe the pin check is local (done on the card's chip) and it's only the balance amount that gets checked via the bank.

I also heard places like tesco who have thousands of transactions an hour don't even check cards straight away if it's under a certain limit- it's faster just to get the details and the customer out the way, and bulk process them at the end of the day.

And of course don't forget the 'inside job'. I've often signed for things 'cos the chip and pin machine is broken'. Well, that's just begging to be abused by some fraudsters.

Re-PINning a cloned card is something I've suspected might be possible and, of course, it's something the CC providers who've put so much into telling us how safe chip and pin is wouldn't want us to know about.

However, this still doesn't explain my cards frauds all of which look to have been done online (or by telephone) and must have been done using info obtained online too.

I had a strage one on my bank statement last week. Had £60 somthing took from a direct debit with orange? I phoned the bank and they said they'd refund it but didnt say if was fraud or a simple mistake As i a year or so ago canceld my contract with orange.

The three numbers on the back are all you need for orders over the phone, maybe there is a way of determining what 3 numbers are valid if you only have the number? The problem with CC numbers is there are means of working out whats valid without checking with the banks, and I think the 3 numbers act as some sort of checksum rather than being an extra 3 numbers. With CC numbers only being 16 numbers long from 1-9 (and tghe first four are default anyway), it wouldn't take long to brute force your way thru a few simple checks.

I bought some shoes the other day and I was surprised when they asked me for my signature instead of my PIN. It was a shop in the Birmingham Bullring too, so not some dodgy out of town place!