Fraudulent debit-card transactions originating in China have hit at least one Akron-area credit union.
At least six customers, possibly eight, of the Towpath Credit Union have seen fraudulent transactions averaging $800 from a merchant in Shanghai that appears to be a bar, said Nancy Gardner, Towpath vice president of operations.
Customers began noticing the fraudulent activity Thursday afternoon. The credit union Friday was reviewing accounts for other potential victims.
Towpath has shut down debit card usage in China to avoid any other fraudulent activity for all of its customers. All other activity for general debit card users is normal.
If any consumers are going to China or need to do business there, they should contact the credit union and their usage can be turned on, said Rose Bartolomucci, Towpath’s chief executive officer.
Victims of the fraud have had their debit cards shut down and are getting new cards issued, she said.
Towpath customers will not lose any money.
As soon as customers sign an affidavit saying they were a victim, any money taken out of their account will be returned, Gardner said.
Bartolomucci said the institution has confirmed with the national company that handles debit cards for Towpath as well as other financial institutions that it sent out an alert June 24 of a trend it was noticing in China matching the transactions seen by Towpath customers, averaging $810.
At this time, the debit-card vendor said there had been no other reports from financial institutions.
Financial institutions are always on the lookout for potential fraud, said Bartolomucci, and Towpath already had been limiting transactions internationally for any card users online to $100 as a preventative measure in general. Customers can call the credit union for higher limits, she said.
What makes this fraudulent use unusual is that the scammers swiped actual debit cards with a customer’s account number on them to complete the bogus transaction. It is unknown if the victim’s names were on the cards, she said.
While the consumer is made whole regardless, that’s a distinction in responsibility for the financial institution, Bartolomucci said. If a fraudulent transaction is placed online using only a stolen account number, the financial institution can “charge back” the funds to the merchant.
However, when there is an actual card swiped, there are no charge backs, so the financial institution is responsible for losses, she said.
Bartolomucci said it is unknown how the account numbers were compromised. She maintained Friday that Towpath’s systems constantly are monitored and have not been breached.
Gardner and Bartolomucci said the incidents are a reminder for all consumers to keep a regular eye on their transactions and immediately notify their financial institution if they see something wrong.
It is unclear whether the scam is more widespread.
In an email inquiry to several local and national financial institutions, four — Fifth Third Bank, North Akron Savings, Medina County Federal Credit Union and CSE Federal Credit Union in Canton — responded and said they have no reports of a similar China breach.