[Update] Issues With Unauthorized Charges On Wells Fargo Bilt Credit Cards

Update: Impacted Bilt cardholders are reporting receiving an e-mail with the subject line ‘Recent fraudulent activity’ stating the following:

We are aware of recent fraudulent activity that may have impacted your Bilt Mastercard.

What happened: 
This incident occurred as a result of an external fraud attempt to guess account numbers and other card related data (for example, expiration date) to commit fraud. In short, the fraudsters tried random combinations of account information to see which ones work. The large majority of these are blocked through monitored controls, but in this case, attempts from trusted merchants impacted a subset of Bilt customers. Remember, as a Bilt Mastercard cardholder, you won’t be held responsible for promptly reported unauthorized transactions.1

What we are doing: 
We continue to implement new security measures to help protect our cardholders and we remain committed to providing you with safe and secure products and services. Please closely monitor your credit card statements and if you have been impacted, contact us immediately at 833-404-2272.

As a thank you for your patience, we are issuing 1,000 Bilt Points to your Bilt Rewards account. It will appear in the next 30 days.

Original post: Recently there has been many reports of unauthorized charges (1, 2, 3) on Bilt credit cards. The issue seems to only be affecting cards that are issued by Wells Fargo and not the cards issued by Evolve. A representative from Wells Fargo provided the following statement:

We recently discovered fraudulent activity that has impacted some of our Bilt Mastercard cardholders. We take these matters very seriously and are working closely with our partners at Bilt and Mastercard to resolve this issue.

A statement provided by Bilt on reddit states that this has been caused by a BIN attack:

Hey all – quick update from Bilt. We have been made aware of a global fraud ring that has been launching what are called BIN attacks. In short, they use compromised merchants to randomly test millions of potential card numbers to see which ones work, focusing in on one card range at a time. While many of these card attempts get blocked (often invisibly to the customer), occasionally charges make it through. This has been happening across banks and we are aware that a few of Wells Fargo Bilt cardholders have experienced fraudulent charges as part of that. Please note that you will never be liable for any fraud. Wells Fargo is reaching out to any impacted customers. And you can also contact Wells Fargo’s fraud team directly at 1-800-723-5533. They will remove any fraud charges and overnight you a new card. We put our customers’ security first and will make sure that this is resolved for you quickly. Thank you again for your patience!

Update: We have been informed that the better number to call is 1-833-404-2272.

If the above is accurate and the unauthorized charges are a result of a BIN attack then personal information such as SSN, address etc should still be secure.

View Comments (70)

  • The fraud charges are back again. Sigh.... I had one on 5/20. Called bilt / wf. Immediately cancelled the card. Got a text asking me to verify charges.

  • I received a bill from them and knowingly I haven't used it since I applied for it. I was so upset because I was being charge almost every 2-3 days from $39.99 - $49.99 . I called 24-hour Customer service at 1-833-404-2272 and reported all these charges and the customer service asked me If I subscribe to dating sites. I told her I just applied for this card maybe a month ago and I'm getting charges already even though I haven't use it since acquiring it. She said she gonna send me a new card in 5-7 days and cancel my current card, and she assure me don't worry about the charges and will send me form to fill up for those fraudulent charges. I'm not sure if I will activate the new card they will send to me because I lost trust of them already.

  • This has happened again as of 4/15/2023. I never use this physical card, only use it for Apple Pay transactions outside of the monthly rent payment. Noted approximately 5-10 foreign Uber transactions over 1 day. Clearly they have not solved this vulnerability, if the same thing happened to them in the space of a few months.

  • I similarly had a bunch of fraudulent charges all in the small, less than a dollar range. It was annoying being bounced around from a Wells Fargo rep saying that I needed to speak to a Bilt rep, when I'm like YOU'RE the BANK.

    • Been using the card nearly a year, no problems (aside from the fraud, which happened to my Chase card too). Why "you person" choose not to do bidniz with them and leave money on the table can be perceived as equally nonsensical for everyone on the other side of the aisle. Choose any aircraft type flying right now - the probability that someone else died at some point is quite high. Doesn't mean you'll meat the same fate (pun intended), and choosing not to fly would be silly.

      "Correlation does not imply causation".

    • I get $40 in points from rent, and while the fraud was detected on my account nothing went through. So I basically had to get a new card and that's it, otherwise I continue to earn $40/mo in points just paying rent..

  • This must be targeted, YMMV. I had fraudulent transactions on my Bilt card that I reported, and I did not receive this email, nor any extra points. I should still be able to pay my rent this month even though I have not received my new card yet. This is because I have Bilt Protect turned on to take the rent payment right out of my Enzo checking account. However, I have not been able to make my full 5 purchases this month to earn 1x the points since I have been waiting to long to receive my new card in the mail. Therefore, I plan on contacting Bilt once I receive it and make my rent payment to see if they will give me any extra points for that at least.

    • Got the email a few hours later, and the 1k Bilt points were applied to my account the next day. I wasn’t able to make my 5 required transactions for the month because of this, so at least the points helped make up for it.

  • Their other cards are also affected. Just had my regular card WF breached, although the algo declined the transactions. This time I'll have to keep it inactive by default, I guess.