A recently established account on Twitter has begun retweeting photos of credit cards posted on the social network, outing security gaffes by hundreds of users.
The account, @needadebitcard, taps into Twitter’s search functions to locate tweets that include the phrase “debit card” and a link to credit or debit cards stored on photo sharing websites.
It has gained 2673 followers since it emerged earlier this year and features the tag line "please quit posting pictures of your debit cards, people".
Credit cards posted to the sites could be used in Australia to transact with businesses that do not require CVV or CVC security numbers for 'card not present' purchases.
Visa and Mastercard require the use of the CVV numbers — often on the back of a debit card, and not visible in the tweeted photos — for all e-commerce transactions. However, not all small businesses comply with such requirements, according to a former Visa fraud expert.
The “mum and dad” businesses that accept only credit card numbers, expiry dates and names, typically for phone orders, would accept full liability for fraudulent transactions. Requiring the additional verification number would reduce that liability.
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
