Theft of credit card data is a widespread form of criminal activity, while taking delivery of items one has not ordered, in addition to losing the money, is a rare side-effect. This is what happened to a Tallinn resident who received a letter from customs notifying them that a scarf suspected of being a forgery has been confiscated.
A Tallinn resident who seldom orders from foreign online shops recently received a letter from the Tax and Customs Board (MTA) according to which an item she had apparently ordered from China was found to be a forgery.
"We have forwarded the notice and pictures of the confiscated product to an authorized representative of Burberry Limited. Should the trademark holder confirm that the product is a forgery, the item will be destroyed under customs supervision. We will notify you of the decision," the letter, complete with photos of the confiscated scarf and packaging, read.
The photos revealed that the scarf had been shipped from Guangzhou, China, with the unsuspecting recipient's correct address on the package.
Because she had not ordered the scarf or anything else online, the recipient of the letter was baffled. However, a look at her credit card history revealed that €79 had indeed been paid to a company in Singapore on December 1. She contested the transfer.
Kertu Laadoga, head of media relations for the MTA, told ERR that while such things happen, they are in the jurisdiction of the police as cases of fraud, identity or data theft.
"We are concerned with the goods. If they are not allowed, in this case because the item was a forgery, that is the side of things we deal with," she explained.
Destroying forged goods is standard practice for the tax authority. Goods arriving in the EU pass through customs, with any banned goods seized and destroyed.
Vjatšeslav Milenin, head of the severe crimes bureau of the North Police Prefecture, said that credit card fraud happens often and is usually perpetrated through fake websites.
Where the data could have leaked remains a mystery in this case as the victim said that while she purchased something from a German online shop in fall, she has never ordered anything from China.
Milenin said that are many ways criminals can gain access to data and recommended checking the background of online shop operators and whether their websites are the real thing as criminals are adept at copying them.
"Fraudsters do not copy the whole site, which means that some menus won't work and same pages won't load," he said.
Bank needs to be called when fraud discovered
Debit and credit cards should only be used to pay under the card holders eyes as the card being taken out of sight makes it possible for the data on it to be copied. The police also recommend regularly checking bank statements and having sensible transfer limits.
"When a person finds money has been taken from their account by way of deception, they need to call their bank for further instructions," Milenin said.
Eero Ergma, head of financial crime prevention at Swedbank, said the bank has seen cases of fraud in the form of SMS messages and emails sent in the name of delivery services in November and December. Customers are informed of a package having arrived or been redirected and asked to make a payment to get things moving again.
The customer is asked the enter credit card information that the criminals will use elsewhere. Receiving such a message could be the first sign that a fraud is being attempted if the person knows they have not ordered anything.
"The chances of getting one's money back are heavily case-dependent," Ergma said.
Editor: Marcus Turovski