Michael Snow, 30/11/2014 19:40:
As the rest of the message discussed, the fraudsters can use the IBAN to make a "donation" in order to test that stolen card information belongs to a real credit card.
Are you sure you know what an IBAN is?
Anyway, please inform the European Central Bank of your findings, I'm sure they'll be interested in hearing them. Currently their website seems unaware of such fraud possibilities and contains statements such as «Sensitive data payment: Data which could be used to carry out fraud, excluding the name of the account owner and the account number». https://www.ecb.europa.eu/pub/pdf/other/pubconsultationoutcome201405securitypaymentaccountaccessservicesen.pdf
Nemo