Fraudsters are linking stolen card details to digital wallets on their own phones — then spending your money while your card stays in your purse.
A fraudster obtains your credit or debit card details — often through a fake website or phishing message — and links them to a digital wallet such as Apple Pay or Google Pay on their own phone. Once set up, they can spend freely online and in shops, even though your physical card never leaves your possession.
It works because most people do not realise their card details alone are enough to set up a digital wallet. The scam often begins with something that looks routine — a parcel delivery text, a fake offer, or a copycat website asking for payment details. By the time you notice unusual transactions, the fraudster may have spent hundreds of pounds.
Transactions appearing on your bank statement that you do not recognise, even small ones. Your bank sending a one-time passcode you did not request.
Check your bank statements regularly and set up real-time spending alerts in your banking app if available. If you see anything you do not recognise, contact your bank immediately and ask them to check whether any unauthorised digital wallets have been linked to your account. Be sceptical of any website or message asking for your card details — if in doubt, go directly to the company's official website rather than clicking a link.
