Skip to content

What is a BIN attack on a credit card? Understanding this type of credit card fraud

Feb. 08, 2023
6 min read
This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.

Editor’s note: TPG founder Brian Kelly is a Bilt adviser and investor.


Seeing unauthorized charges on your credit card can be a headache. Having these charges removed from your account and getting a replacement card isn't fun, either.

The root cause of why you have unauthorized charges on your credit card can vary, as there are multiple types of credit card fraud.

Over the past several weeks, we've seen reports online and received emails from readers with surprise charges on their accounts. In fact, some TPG employees checked their accounts to find surprise charges on their Bilt Mastercard® (see rates and fees).

These fraudulent charges are part of what's known as a BIN (bank identification number) attack. But what is that? And is there anything you can do to protect yourself? Let's take a closer look.

Related: How to identify and prevent credit card fraud

What is a BIN attack?

The first six digits of your credit card are the bank identification number. A BIN attack uses brute-force computing to attempt to guess a valid combination of credit card number, expiration date and card verification value, or CVV, number.

While a person can attempt to guess one number at a time, a software program can try thousands of combinations in a matter of seconds. Once it finds a number that works, it can try other (similar) variations and then use those at online merchants — assuming that other cards will have the same initial six digits.

WESEND61/GETTY IMAGES

Many of these purchase attempts are blocked without customers seeing any activity on their accounts. However, a spokesperson for Wells Fargo (which issues the Bilt Mastercard) told TPG that purchase "attempts from trusted merchants" have affected some customers recently.

Sign up for our daily newsletter

A statement from Bilt confirmed that recent unauthorized transactions stemmed from a BIN attack:

We have been made aware of a global fraud ring that has been launching what are called BIN attacks. In short, they use compromised merchants to randomly test millions of potential card numbers to see which ones work, focusing in on one card range at a time. While many of these card attempts get blocked (often invisibly to the customer), occasionally charges make it through. This has been happening across banks and we are aware that a few of Wells Fargo Bilt cardholders have experienced fraudulent charges as part of that.

Which cards does this affect?

From our research, we found that these recent attacks affected more than just the Bilt Mastercard. Ultimately, a BIN attack doesn't care about the type of card you have, nor does it need to get inside a company's software. It's simply trying to find a combination of numbers that will result in a successful transaction. Once it does, the fraudsters hope the affected cardmember won't notice until the fraudsters can make additional purchases or cash withdrawals.

Thus, it doesn't matter what bank issues your credit card or what type of rewards your card earns. BIN attacks also don't require hacking into the bank website or the loyalty program website to succeed.

This reinforces the importance of checking your credit cards regularly for fraudulent charges, ensuring that problems are detected as quickly as possible and preventing further unauthorized transactions.

Related: Credit card fraud: How to spot and report it

It's also important to understand who to contact if you do find unauthorized charges on your credit card: the issuing bank. For example, if you detect fraud on your Marriott credit card, you shouldn't call Marriott's customer service team; you should reach out to either Chase or American Express, depending on which company issued your card.

In that same vein, Bilt also isn't a credit card issuer and can't issue a new credit card for you. You need to contact your issuing bank — either Wells Fargo (for those who applied since applications opened to the general public in March 2022) or Evolve (for previous applicants).

How can I protect myself from BIN attacks?

In short, you can't stop computer programs from trying to guess credit card numbers. What you can do, however, is monitor your accounts and guard your personal information to prevent other types of credit card fraud.

If you're worried about someone having your credit card number, you can lock your credit card to prevent any transactions; however, that's not a permanent solution. Some transactions will still go through, including recurring bill payments and refunds — meaning a fraudster could attempt a refund as a means of testing whether your card works. Plus, locking your card doesn't combat the chief problem: that someone else may have your card number.

PEOPLEIMAGES/GETTY IMAGES

Thus, it's important to get a new card with a new number if you have unauthorized charges on your account. Call the number on the back of your credit card or use the bank's website — go to the website by typing the address yourself, rather than clicking on links, to avoid phishing scams. Many banks also use email, app, phone and text alerts to verify suspicious charges, and you should make sure you know what these look like to understand which notifications you receive are legitimate.

It's also important to ensure you protect your credit card information by carefully evaluating which websites you grant access to your information and what links you click on, plus using strong passwords to protect your information.

Related: Why a password manager is a critical part of my points and miles strategy

You also should report any suspicious charges on your account. Reporting these quickly ensures you're not held responsible for the charges — yet another reason why you should monitor your credit cards regularly.

Bottom line

Multiple readers have contacted TPG to inform us they were affected by recent fraudulent attacks and unauthorized charges, asking if we know what happened. This has affected more than just the Bilt Mastercard, unfortunately, so you should check your accounts regularly to watch for fraud. While you can't prevent computer software from trying to guess your credit card number, you can take steps to minimize damage and prevent other problems.

For rates and fees of the Bilt Mastercard, click here.

Featured image by GREYJ/GETTY IMAGES
Editorial disclaimer: Opinions expressed here are the author’s alone, not those of any bank, credit card issuer, airline or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.

TPG featured card

NEW BENEFIT! TAKEOFF15!
TPG Editor‘s Rating
Card Rating is based on the opinion of TPG‘s editors and is not influenced by the card issuer.
3 / 5
Go to review

Rewards

1 - 3X points
3XEarn 3X Miles on Delta purchases and purchases made directly with hotels.
2XEarn 2X Miles at restaurants worldwide, including takeout and delivery in the U.S. and at U.S. supermarkets.
1XEarn 1X Miles on all other eligible purchases.

Intro offer

Earn 90,000 Bonus Miles50,000 Bonus Miles
Earn 90,000 bonus miles after you spend $4,000 in purchases on your new Card in your first 6 months.

Annual Fee

$250

Recommended Credit

670-850
Excellent/Good
Credit ranges are a variation of FICO© Score 8, one of many types of credit scores lenders may use when considering your credit card application.

Why We Chose It

Build your loyalty to Delta by applying for the carrier's mid-tier card option, the Delta SkyMiles Platinum card. The annual fee is quickly recouped by the card's travel perks, such as an application credit to Global Entry or TSA Precheck, annual companion certificate and so much more. Plus you can fast-track to elite status simply through card spend.

Pros

  • Earn bonus Medallion® Qualification Miles (MQMs) and an Medallion Qualifying Dollar (MQD) waiver when you hit specific spending thresholds with your card within a calendar year
  • Receive a Domestic Main Cabin round-trip companion certificate each year
  • Statement credit for TSA PreCheck/Global Entry fee (up to $100)
  • First checked bag free

Cons

  • Doesn't make sense if you don't fly Delta
  • SkyMiles aren't the most valuable airline currency
  • Earn 90,000 bonus miles after you spend $4,000 in purchases on your new Card in your first 6 months.
  • Receive a Domestic Main Cabin round-trip companion certificate each year upon renewal of your Card. Payment of the government imposed taxes and fees of no more than $80 for roundtrip domestic flights (for itineraries with up to four flight segments) is required. Baggage charges and other restrictions apply. See terms and conditions for details.
  • Enjoy your first checked bag free on Delta flights. Plus enjoy Main Cabin 1 Priority Boarding and settle into your seat sooner.
  • New: Card Members get 15% off when using miles to book Award Travel on Delta flights through delta.com and the Fly Delta app. Discount not applicable to partner-operated flights or to taxes and fees.
  • Earn 3X Miles on Delta purchases and purchases made directly with hotels.
  • Earn 2X Miles at restaurants worldwide including takeout and delivery in the U.S., and at U.S. supermarkets.
  • Earn 1X Mile on all other eligible purchases.
  • Enjoy a per-visit rate of $50 per person for Card Members and up to two guests to enter the Delta Sky Club when traveling on a Delta flight.
  • Fee Credit for Global Entry or TSA PreCheck® after you apply through any Authorized Enrollment Provider. If approved for Global Entry, at no additional charge, you will receive access to TSA PreCheck.
  • Earn up to 20,000 Medallion® Qualification Miles (MQMs) with Status Boost® per year. After you spend $25,000 in purchases on your Card in a calendar year, you can earn 10,000 MQMs up to two times per year, getting you closer to Medallion® Status. MQMs are used to determine Medallion® Status and are different than miles you earn toward flights.
  • No Foreign Transaction Fees.
  • $250 Annual Fee.
  • Terms Apply.
  • See Rates & Fees
Apply for Delta SkyMiles® Platinum American Express Card
at American Express's secure site
Terms & restrictions apply. See rates & fees
TPG Editor‘s Rating
Card Rating is based on the opinion of TPG‘s editors and is not influenced by the card issuer.
3 / 5
Go to review

Rewards Rate

3XEarn 3X Miles on Delta purchases and purchases made directly with hotels.
2XEarn 2X Miles at restaurants worldwide, including takeout and delivery in the U.S. and at U.S. supermarkets.
1XEarn 1X Miles on all other eligible purchases.
  • Intro Offer
    Earn 90,000 bonus miles after you spend $4,000 in purchases on your new Card in your first 6 months.

    Earn 90,000 Bonus Miles
    50,000 Bonus Miles
  • Annual Fee

    $250
  • Recommended Credit
    Credit ranges are a variation of FICO© Score 8, one of many types of credit scores lenders may use when considering your credit card application.

    670-850
    Excellent/Good

Why We Chose It

Build your loyalty to Delta by applying for the carrier's mid-tier card option, the Delta SkyMiles Platinum card. The annual fee is quickly recouped by the card's travel perks, such as an application credit to Global Entry or TSA Precheck, annual companion certificate and so much more. Plus you can fast-track to elite status simply through card spend.

Pros

  • Earn bonus Medallion® Qualification Miles (MQMs) and an Medallion Qualifying Dollar (MQD) waiver when you hit specific spending thresholds with your card within a calendar year
  • Receive a Domestic Main Cabin round-trip companion certificate each year
  • Statement credit for TSA PreCheck/Global Entry fee (up to $100)
  • First checked bag free

Cons

  • Doesn't make sense if you don't fly Delta
  • SkyMiles aren't the most valuable airline currency
  • Earn 90,000 bonus miles after you spend $4,000 in purchases on your new Card in your first 6 months.
  • Receive a Domestic Main Cabin round-trip companion certificate each year upon renewal of your Card. Payment of the government imposed taxes and fees of no more than $80 for roundtrip domestic flights (for itineraries with up to four flight segments) is required. Baggage charges and other restrictions apply. See terms and conditions for details.
  • Enjoy your first checked bag free on Delta flights. Plus enjoy Main Cabin 1 Priority Boarding and settle into your seat sooner.
  • New: Card Members get 15% off when using miles to book Award Travel on Delta flights through delta.com and the Fly Delta app. Discount not applicable to partner-operated flights or to taxes and fees.
  • Earn 3X Miles on Delta purchases and purchases made directly with hotels.
  • Earn 2X Miles at restaurants worldwide including takeout and delivery in the U.S., and at U.S. supermarkets.
  • Earn 1X Mile on all other eligible purchases.
  • Enjoy a per-visit rate of $50 per person for Card Members and up to two guests to enter the Delta Sky Club when traveling on a Delta flight.
  • Fee Credit for Global Entry or TSA PreCheck® after you apply through any Authorized Enrollment Provider. If approved for Global Entry, at no additional charge, you will receive access to TSA PreCheck.
  • Earn up to 20,000 Medallion® Qualification Miles (MQMs) with Status Boost® per year. After you spend $25,000 in purchases on your Card in a calendar year, you can earn 10,000 MQMs up to two times per year, getting you closer to Medallion® Status. MQMs are used to determine Medallion® Status and are different than miles you earn toward flights.
  • No Foreign Transaction Fees.
  • $250 Annual Fee.
  • Terms Apply.
  • See Rates & Fees