Skip to comments.Vanity: I've been the victim of credit card fraud
Posted on 06/13/2013 12:06:12 PM PDT by Theo
I received an email and text from Discover Card this morning, saying that I might be the victim of credit card fraud.
I gave them a call, and learned that someone had charged over $10,000 worth of items over the past two days, at local stores: Walmart, Office Max, Publix, Macy's, and so on.
My wife bought two shirts for me on Tuesday from Macy's, using her Discover Card, and within a few hours someone had somehow physically re-created the card and was using it all around town.
Discover is not holding us accountable for the charges, and will reimburse us shortly. I've contacted LifeLock (where we have an account), and notified them of the breach. I've pulled my three credit reports, and it looks clean. Seems that only my Discover Card number was stolen.
I plan on filing a police report, after I receive documentation from Discover Card detailing the fraudulent use of my card. They tell me that the police can secure photos and video from security cameras at the place where the card was used, and we may be able to track down the culprit(s).
The odd thing is that just a couple of days before the fraudulent charges, we received replacement cards from Discover, because they were concerned that our account had been compromised.
Any FReepers ever been the victim of credit card fraud? Any recommendations on how to proceed? Any idea how the perps created a physical card with our credit card info on it?
I love the convenience of my cards, but I am trying to work myself up to going back to cash.
It just happened to me this week and I’m working on getting it resolved now.
1st step call the bank and make the card number no longer valid.
Employee at Macy’s swipes the card twice, once on the machine for Macy’s, then they bend down and swipe it a second time on their Square or similar card reader. The number was probably sent out instantly, fed into a list of stolen numbers, and then imprinted onto hotel keys (or dead cards).
The newest trick is to put the information on an empty gift card (lift a whole stack of those from the local market.) If the company asks for ID, you show them it is a gift card, and away you go.
All that said, please make sure that you triple check your bills for the next couple weeks.
Did you call Macy’s to alert them that one of their employees might be doing this? That would be interesting, if nothing else.
My only experience with this type of thing is very minimal. Had a single charge in another state at a Target store, for less than $100 of normal merchandise. I think it was a scanner error, or a cashier manually put the number in wrong (this was a few years ago, when that was more likely to happen).
Good luck. Hope you are able to get the problems resolved quickly.
The same happened to me with Discover. $10,000 worth of HVAC stuff, I believe it was, well, 2 5000 dollar charges. I told them I wanted to pay by mail now and they don’t even have a payment envelope. Oh well, I fill out my envelope and still won’t use their crap site. They didn’t like me telling them to start sending my bill again, either.
...or the person behind you in line takes a pic of your card with their cellphone.
Funny we both got 10,000 in charges and both Discover.
I haven’t been a victim personally, but I was responsible for credit cards given to some staff where I worked. A lot of times it’s the store clerk, waiter, etc. that steals the info. One time someone stole the card info, did a lot of shopping on the home channel (including several BBQ grills), then rented a storage to put it in. After I located the storage unit, I showed all the info to a policeman, that thanked me but said that they usually don’t have time to go after people committing CC theft.
Probably one of our future fellow citizens (present ‘undocumented aliens’), they are skilled at skirting the rules and gaming the system to their advantage all the while claiming victim status.
I travel quite a bit. I’ve met very few travelers that haven’t had their credit card security compromised at some point. I’ve had my credit cards cancelled and reissued while out on trips 3 times in 10 years. Someone at the restaurant or hotel gives your info to someone that uses your info to make a purchase. Twice my bankcard company has called me the same day it happened and caught the person at the hotel (major chain) where I was staying.
why didn’t Lifelock contact you first? I thought that was the point.
let me know how they help. I’ve considered getting it.
Hubby and I don’t use our credit cards anymore. We pay cash for everything via atm card. Everybody should be doing it this way.
We’ve been happily brainwashed by Dave Ramsey.
That’s what I was thinking!
Amateur! It’s happened to me four times, twice this year, twice in years past a while ago, when (in years past) my keyboard stroked had been captured. This year, I dunno why or how, nothing via my puter, I’m certain, suspecting a compromised gas station pump (via a skimmer). Relatively small charges every time, nothing like your case, and no cost to me or, surprisingly, to my credit rating. And no reason for me to start an FR thread, but I’m not flaming you, it’s all good.
The worst part has been getting on the mailing list of a computer company from whom a thief in L.A. bought $200 worth of memory, but from whom I never bought anything, and now receive daily spam.
Did the cover letter for the new card explicitly state that your card had been compromised? Did the new card have a different account number?
If not, it's probably just a coincidence. If Discover doesn't think you are using your card enough, they will send you a new one out of the blue, even though your old one hasn't expired, just to kick-start you into spending mode. IOW, it's strictly a marketing ploy, not a security issue.
It's happened to me more than once. The new card has distinctively different aesthetics, but the same account number and expiration date. If you read the mag stripe, it will be the same except for an incremented sequence number.
This has happened to us many times,unfortunately. We have never lost our cards, nor have they been “stolen” officially, but the card numbers have been hacked — and it can happen anywhere now: locally, online. It doesn’t seem to slow the thieves down either way. It’s an inconvenience but no, you don’t owe anything. We also have LifeLock, but I’ve found that they don’t really do anything on these issues since you already have zero liability on CC fraud. Good for you for being so pro-active, though! You did more than we have. It’s just so common these days, sadly. Sorry you had the hassle!
I use debits cards and don’t carry much cash working in Downtown Baltimore. Cash can’t be replaced.
How is this the same as cash? ATM cards are also subject to being duplicated, and there are a number of ways the thieves have to sneak a peak at your pin code while getting the card number.
You might use cash at the restaurant, but the ATM where you got the cash is still a weak point for security.
Yes. Maybe 10 years ago.
Someone got my number on my Visa. Changed the mailing address to a PO Box in Brooklyn, NY. After a while, they started making the minimum payment and started making purchases.
I noticed that I didn’t get a bill one month. Went to the bank. They cancelled the card and told me I wasn’t responsible for any of the charges.
I asked if they were going to investigate. They weren’t interested in catching the criminals and simply dropped the matter.
If the thieves physically recreated the card, that’s more sophisticated than just stealing the info to use in online purchases.
Somebody had a mechanism to read and store the info from the magnetic strip and reprogram it onto a blank.
Never hand your card to an employee to swipe for you. Of course this doesn’t mean they can’t hack the store’s card reader, but it’s more likely that they are using a smart phone to capture the info.
Someone probably used a skimmer in order to re create the card and make it their own. Your not responsible for the charges, but DAMN 10,000 good Lord someone went on a shopping spree..the problem is many of those stores don’t ask for ID otherwise they would not have been able to purchase those items..whoever the thief was is smart, he/she knew where to go where it was less likely to get caught
I’ve had credit card fraud on two different cards. The charges were very small, and my card companies questioned the fraud early. One was a gas charge in Mexico, where I had never been. I’m having a problem with the fact that Discover allowed that much to be charged on your card in such a short time. You obviously haven’t used your cards like that in the past, so the amount of fraudulent purchases you describe should have alerted Discover that there might be a problem early on. I used to have credit cards with Bank of America, and if I was going to purchase a large ticket item, I would contact the bank ahead of time to alert them. I also used my cards overseas, and always notified the bank of the countries I would be visiting, and the dates I would be gone.
Credit Card companies work to eliminate fraud. It’s in their best interest.
I've noticed of late that cashiers will ask to see my card after I've swiped it at the register. But they don't bother to check the signature. What they do is key in the CVV code. The CVV is three digits printed on the back of the card, except for American Express, which prints four digits on the front of the card.
The CVV is not contained in the swipe data. Thus, a card made by recording stolen swipe data on a dead card will not work at, say, Staples, where they enter the CVV, but will work at a grocery store, where they typically don't. Also, I've noticed some gas pumps now ask you to enter your billing zip, a measure which also defeats cards made from stolen swipes.
I read somewhere that total fraud volume amounts to five or ten basis points. It's a big number, but proportionally, it's tiny. You may recall during the 2012 election that Newt proposed out-sourcing immigration security to the card companies.
Never let anyone see the CVV, just the signature. Cover it with your finger.
The only credit card I have ever had “compromised” was a Discover account 15+ years ago - and it was used to “buy” some kind of services in Russia... We never figured out how someone got the account info - as it had never been used outside of “brick-and-mortar” stores...
I had my Gold card compromised a few years ago and Amex made it right.
One thing they suggested (and that I have done) is you can set it up so an email or text message will be sent to you immediately if any charge is for over a certain amount (pick the max you might charge regularly), and/or if the charge is made with the card not present.
Unfortunately, there are cases where credit cards are essential - try renting a car on your Debit card... not a good idea.
Cards that give airline miles and other rewards, paid off monthly, are a great idea too.
But they all take discipline - something the vast majority have no concept of.
I have. Several years ago I recived my monthly credit card statement and saw that over $7,000 were charged to my account down in Louisville KY (I live in S.E. Michigan). It was no big deal. What really pissed me off tho, they said I had to file a report with the Michigan State Police and their closest post was about 35 miles away.
When I went in to the post, they told me it wasn't necessary that all I had to do was file with my local sheriff dept......sheesh!
Anyway, I took the report back to my bank and that was the end of it, I wasn't responsible for the charges.
A couple months ago I noticed a charge on my debit card for about $10.00 and an "800" number. I called the number and asked about it and they told me it was for a pair of socks which they sent to an address in California. My bank took care of that too and issued me another card...........
I have no idea where my card numbers were compromised and other than paying cash for everything, I can't see an end to the problem. Just keep a close eye on all your credit card and banking transactions.........
My Discover Card was used in Seattle, while my wife and I were at home in Arizona.
Discover took care of everything, and we’ve had no problems since then.
I notified Visa that I don't go shopping every day in Key West......and they smoothly and politely handled the whole affair, giving me total dollar credit on my next bill.
The only thing Visa wouldn't do was give me any information regarding if the culprit was caught, who it was, or any and all other details. The case was closed for me after my phone call and there was no feed-back call.
I really didn't care to pursue it anyhow, it wasn't worth my time....seeing I was reimbursed and their Fraud Department was handling things.
These petty identity thefts are happening every hour of the day everywhere across the fruited plain....and I can easily figure it out that the credit card companies DON'T want to get involved following up a case with every single customer out of thousands and thousands after an offense has been committed.
They probably have all they can handle with trying to CATCH the perps.
I honestly don't know of any POS system that asks for the CVV code. Typically, when any numbers are keyed in, it is the last four digits of the card, to prevent re-encoded credit card fraud. As for gas stations, if you show them it is a gift card (hence why they've switched to them), they will waive the zip code requirement, or not require it at all if you pay inside instead of at the pump.
Fraud, though, is a tiny number overall mostly because credit card companies tend to try to enforce investigations into the crime. Vs fraud in insurance claims which dwarfs credit card fraud by at least two orders of magnitude.
In order be useful against fraud, the CVV must be part of the information presented to the card company in order to get the transaction authorized or declined. Of course, it would be more secure to have the customer enter the data at the customer-facing card reader. But the requirement to enter it at the POS appears to be recent, and they evidently haven't had a chance to update the card readers with appropriate hardware and software. So, they instruct the clerks to enter it instead.
As far as signatures, on AX, the CVV is on the front, above and to the right of the card number. When I use my AX at Staples, they don't even look at the back of the card.
Ours was hijacked by the Russian mob (out of Baltimore) not too long ago and they managed to take close to 7500 before our bank shut it down and called us.
We’ve set it up with them that they call if there is a purchase over $250 and a withdrawal at a non affiliated ATM higher than $100.
It’s so common place that the state police and the treasury agent pretty much yawned on the phone and the bank had our money back in the account in 48 hrs.
that $10 charge was a test as was someone charging a small item on my old BOA Visa (which I never use)that was cancelled immediately.
I noticed that every once in while when I went to use my card, it would be missing. I would hunt all over for the card and the next day there it was in my wallet.
It happen so often that I actually was going to talk to my doctor because I feared there was something wrong with me.
At least three times I had my cards changed, but it kept on happening.
Finally one of the card companies called and asked if I had just had my car serviced at a specific companies. I told them no, and stopped off at the station. They told me that had cameras and would check it out. The police said they would pick up the tape.
The next day when I went over to my next door neighbors house for coffee, and told her about it, she began to cry and admitted that she had been taking my card out of my purse when I would walk my dog in the morning. She would return it the next day.
The total amount she took from me was over $2,000.
I did press charges against her, and really cut her a break, because she would have done jail time. I just requested she reimburse me, and insisted she seek psychological help.
We haven't spoken since last Aug.
That works, but CVV is better, because it catches even embossed counterfeits (although those are more difficult to make than simply recording an intercepted swipe).
As for gas stations, if you show them it is a gift card (hence why they've switched to them), they will waive the zip code requirement, or not require it at all if you pay inside instead of at the pump.
That must be nerve-wracking for the thief, given a minimally well-designed POS would show the clerk what type of charge is being tendered (AX, DS, MC, VI, or gift card).
Have you posted yet, Nully???
I'm just the opposite. I use my ATM cards at ATM machines. Period. At the POS, it's AX or DS always.
Some years ago, when the "check card" was introduced, I called my bank and asked if my new card, which had a VI or MC logo (I don't remember which), could be used without entering a PIN. When they said it could, I complained, and a day later I had a replacement card minus the card company logo.
The trouble with ATM cards is, if there's a problem, the bank has your money, and you have to get it back from them. With credit cards, if there's a problem, the card company has to get it out of you, not the reverse.
Also, the card companies are enmeshed in competition over rewards points and cash-back nonsense. E.g., last February, Discover offered me $150 cash back if I would be so good as to charge $500 in each calendar month through June. $150 is six percent of $2500. Not a sustainable promotion. So, I took them up on it. One or two more shopping trips to go, and I've got my $150.
I tried that after someone charged >$3000.00 on my debit card. Local cops said I couldn't report it, because my back credited the money back to me. I wasn't a 'victim'.
So what good does Life Lock really do then?
OMG what a story!!! With some experience (business situation) of being the victim of a thief, I would probably NOT cut anyone a break for this. Did she not have enough money? Or why would she have been “borrowing” your card like that? Did anything else go missing like jewelry or other valuables?
The CVV is primarily used for online transactions. It’s not required at POS machines. Some card transaction companies have recently started requiring it but not all.
I only have one card and it has a limit of 1500.00 dollars. keeps temptation at bay.....
For card-present transactions, the CVV has previously been optional, but recommended. Apparently, some merchants have started following the recommendation, while others have not.
Unlike the expiration date, the CVV is a piece of information independent of what’s on the mag stripe. As such, it’s like the billing address. Both pieces of information are helpful in ensuring that the person attempting the charge is the card holder and not a fraudster who bought intercepted swipes on the black market.
I remember the days when we had to sit at night and call into the card companies and get authorizations that way.
And we had to bundle the hard copies and mail them in!
Ah, the good old days!
We don’t bother with the CVV at my restaurants or liquor store. Small enough town we pretty much know our customers.
>> “ I’ve contacted LifeLock (where we have an account), and notified them of the breach” <<
So much for “Lifelock.”
I thought they were supposed to be the one notifying you?
What a scam.
I was notified by the Visa bank and had past due charges etc. all of which were waived. The most unusual charges were for tuition of $3500 at Southern Illinois University and a charge at the college bookstore for over $1100 in books and supplies. So apparently the 'student' could claim that I was his father or some other relative who loaned him the card.
What was the one time usage and likely point of access? Would you believe a purchase by phone with Nordstrom's? NSC?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.