Very complex phone phishing on personal account

I hardly ever use my bank card, and never online. Mostly use PayPal or credit card. Not saying it is any safer but just feels that way.

As I've mentioned elsewhere, I had a 13 fraudulent transactions between 21st and 22nd July. For some reason (probably CrowdStrike) I wasn't notified of the transaction until well into Monday morning. (I get notified by SMS of all transactions over a certain limit). How do they use my card? For the reason you outline. Surprised at Amazon though.

I do know the payment providors like Stripe, Cashflows and others don't care about the name. Someone used my details but their card on a site once so I tried it and put any old name in and it went through. Problem is they are an absolute pain in the bum to get hold of when there is a problem. Their pages are all set up for their paying subscribers to contact them but nothing for the general public. Did surprise me when I found out. I'm also surprised if this is true for Amazon but I am guessing they will be just using a similar payment provider so same rules. Interesting one that.

I very rarely use my debit card, business or professional. I don't know if every bank does this, but in my card setup in online banking / app I have options to restrict its use to certain things or to freeze it.

So for instance Contactless, Online & Telephone, Gambling, International , Chip and pin can all be individually enabled or disabled. Freezing it disables all use. That's how mine sits 99% of the time.

Next, I use a normal credit card for purchases from big companies I trust, Sainsbury , Waitrose, Amazon etc.

Finally I have a Revolut account, this is very powerful in the level of control it gives you. The best thing is being able to create single use card numbers. As the name implies the number is destroyed after a single transaction, so you never have the problem of them losing your details or being hacked, or automatically renewing something in a years time to "help you". I always use this for RAC for instance.

Next it allows you to create virtual cards which can be tied to specific reasons (if you wish). So for example I have a virtual card that only PayPal has that number. I can then freeze that or set a spending limit per month. Or you can destroy a card at the click of a button. So if it was ever in the news that PayPal was hacked for example, I can destroy that card and create a new one in seconds. As this is a debit card you do lose the protection a credit card gives you, so there is a downside.

Pretty much the same here, except I don't have any cards, or bank accounts, linked to PayPal. I periodically do a bank transfer from a savings account to PayPal. If PayPal ever gets hacked, the most I can lose is the hundred quid or so I keep there.

I stopped using Amazon a few years ago, for various reasons, but partly because they don't accept PayPal and I don't want my credit card stored there. I pretty much use eBay/PayPal for most things these days.

Like you, the only places I have my credit card stored are Sainsburys and one other site I use regularly. In both cases, larger transactions require text pass code authorisation.

And, like you, I hardly ever use my debit card for anything, and never online.

I use cash or, occasionally, barter.
much simpler IMO.

Use that a fair bit too, and it's all we ever use on holiday abroad.