British bank accounts emptied by 'sophisticated' online fraudsters

I required some parts from a web site.

All my address and Credit Card details(apart from the CVV number) had to be entered on an unsecure web site, to buy parts from this web site.

The company informed me that by not entereing the CVV number, their web sales site was more secure that ones with a 'padlock' where the site security could be verified.

Anyone else agree with this thinking?

The web site in question is:-

http://shop.swanrobes.co.uk/store/index.php/upgrades-spares.html

NOt sure what you are arguing here, as the site "use sophisticated security software (128-bit SSL) on our site that encrypts all your credit or debit card details and payment information ". So the site should be secure where you enter your financial details, and by keeping the CVV details separet it does enhance security. Accoridng to the way they word their security policy you should get the padlock as they say they use SSL encryption.

My rule is.....if in doubt don't do it! If you really need to purchase the goods then use a pre-loaded card........but NEVER use the debit card to your main bank account.

Hi Donald

Regarding http://shop.swanrobes.co.uk/store/index.php/upgrades-spares.html

They are talking rubbish, and you are right. I have looked at the site and gone as far as them wanting my full name and address via a non-HTTPS page. They fail security-101!!

Best wishes G

I have not purchased anything from the site in question so I do not know if it uses encryption or not. However based on the wording of your question it would appear not and my views would be as follows.

I would be wondering how/where all this personal information is being stored, baring in mind the company has not bothered to implement their e-commerce site securely.

To assume that because one part of the information is missing it is ok to transmit all the other personal information unencrypted over an untrusted network is misguided at best. Just remember you have no way of knowing what path the posted information takes over the network or who is gathering that information on route.

I would go with Ian's view, if you are unsure don't do it.

I agree with Geoff, I wouldn't even consider entering bank or cc details on a non HTTPS web page.

i would also echo Ian and Skint 'if in doubt, don't do it'

why aren't we being told which bank??

Take out a new additional credit card and insist on a low limit (mine is £1000) and use that for internet payments but also take the precautions mentioned above.

well done John H you are spot on i did that 5 years ago after a dubious bid on E-bay.

John H is right with his advice. I do the same. I have a card only for Internet purchases and this has a low limit. The card company are also sharp at spotting the unusual - even when it is down to me. I once had the card locked because I had made two software purchases that were downloads for a US site and therefore charged in dollars. The card company thought this suspicious and blocked the card until I contacted them. The card companies do have good measures in place - and they need them. There is far too much made of virus and malicious code stories. Spam is the only means for these people to get into your computer and if you use Windows Vista or later it should kick in whenever software tries to install. You should not get problems this way - but no one should ever click through a link on an email that came unsolicited.

Natwest will, on request, put a limit on a card which cannot be exceeded.