Update 1/27/23: Bilt has sent a follow-up e-mail to cardholders confirming that the fraud issues where the result of a “BIN attack:”
This incident occurred as a result of an external fraud attempt to guess account numbers and other card related data (for example, expiration date) to commit fraud. In short, the fraudsters tried random combinations of account information to see which ones work.
In the same e-mail Bilt said that cardholders would have 1,000 points deposited into their accounts within 30 days as thank you for being patient with the company. It also changed the number to report fraud. The new number is 833-404-2272. (h/t: DOC)
It sounds like there are fairly widespread issues with unauthorized charges popping up on Bilt credit cards issued by Wells Fargo. The first version of the Bilt card that was issued by Evolve doesn’t seem to be affected. At least one reddit user reported fraudulent charges on his card before he even received it.
A Bilt representative issued this statement on reddit:
Hey all – quick update from Bilt. We have been made aware of a global fraud ring that has been launching what are called BIN attacks. In short, they use compromised merchants to randomly test millions of potential card numbers to see which ones work, focusing in on one card range at a time. While many of these card attempts get blocked (often invisibly to the customer), occasionally charges make it through. This has been happening across banks and we are aware that a few of Wells Fargo Bilt cardholders have experienced fraudulent charges as part of that.
Please note that you will never be liable for any fraud. Wells Fargo is reaching out to any impacted customers. And you can also contact Wells Fargo’s fraud team directly at 1-800-723-5533. They will remove any fraud charges and overnight you a new card. We put our customers’ security first and will make sure that this is resolved for you quickly. Thank you again for your patience!
BIN is short for “Bank Identification Number.” It’s the first 4-6 digits of a credit card number and it identifies the card issuer. If these charges are indeed the result of such an attack, it would mean that personal information linked to the card most likely hasn’t been compromised. Hopefully, that’s the case. Note that, while the statement says “a few,” DP’s suggest that this problem has affected “quite a few” cardholders.
If you currently have a Wells Fargo-issued Bilt credit card, check your statement ASAP and call the Wells Fargo fraud team at 1-800-723-5533 if you notice any fraudulent activity.