Posted on 02/05/2013 12:13:46 PM PST by Revolting cat!
Oh my, it happened again. Last time, it must have been almost 10 years ago, I had a keystroke capturing malware on the 'puter and some bastard from L.A. ordered a couple of hundred dollars of computer memory from a computer company, which then put me on its mailing list where I remain to this day receiving daily spam while never having bought anything from them. But that was all. The bank replaced the credit card, it didn't cost me a cent, and the culprit probably got away with it. The cops told me they get a couple of hundred calls a month in this town, issue report numbers that the banks require, and investigate none of them.
This time I'm clean, or at least that's what I and my anti this and anti that programs believe (but just in case I'm running full scans now), and I don't remember when was the last time I entered this credit card number online, maybe a couple of weeks ago buying from a large reputable company.
Yesterday, I got an urgent phone and e-mail message from the credit card company informing me of suspicious activity on my account and asking that I call their 800 number. I did this morning. There were three charges which I didn't make. One for $200 in the UK for "tickets" (no more detail), another $100 in a store I think is local called Restoration Hardware, and the third $1 for 'AOL FS CARD VERIFY' made today. All three made within the recent couple of days.
I bought a couple of books in the past two, three days, one from Amazon, the other from Half.com, without entering the credit card number which the companies already had on file. What happened then? What could have happened? One of the merchants/stores where I buy groceries has an insecure system? Was my Last Pass password saving program compromised? It had trouble logging in automatically today. I'm waiting for the results of the scans. In the meantime, beware.
The card stays in my wallet, by the way, on which my ass rests at all times!
It doesn’t sound like identity theft, it sounds like your card was captured. The most common place to steal credit card information is at a gas station. People push cards into pumps without even looking or thinking, and thieves know this, placing card readers OVER the existing card readers.
IMHO...
I presume you’re using windows.
Never ever choose the option to save a password and log in automatically.
You’ve got to tighten up how you use your browser (don’t use IE) and email.
Windows provides many ways for your PC to be hacked.
Other than anti-virus, there are all those setup and configuration options in Windows and in your browser.
A lot of doors can be closed through proper selection of options.
I’ve long since abandoned Windows in favor of CentOS Linux (which is just the free version of Red Hat), so I’m not up on the details of trying to make Windows secure in even a minimal way.
I used my credit card at a Shell station- the only time it was used in three weeks. Within 24 hours, $500 was charged to I-tunes. When they tried to make a second purchase of $1500 the next night, I got a call from the cc company. Grrr....
May whoever stole my card number spontaneously combust while enjoying stolen music.
I only use a debit card that’s not tied to a bank account and is good only for the amount currently stored on the card. Most times the balance is zero unless I’m going to buy something, Otherwise it’s cash only.
A few common vectors for this type of thing:
1. Waitstaff at a restaurant copied down your card info
2. A gas pump or cash machine had a skimmer installed (a hidden device which reads the card’s info)
3. A company which you’ve purchased something from in the past exposed your card info by being hacked or having a malicious employee.
After using my bank debit card at a local gas station chain store, my checking/savings accts were hacked but security questions foiled any withdrawls, 2x last year. Received 4+ emails from bank notifying me of repeated breaching attempts, and they quickly froze accts. No cc/debit purchases. I changed username/passwords/security questions next day. Never went back to that station chain, but alerted them of the problem.
I had the “Tickets” charge on mine show up once, from Africa. CC co said they had seen a lot from that particular web site recently, sounded as if the site did not require security ID or address verification so bad guys just pumped a bunch of numbers through it and got lucky... several times. So, we didn’t do anything wrong or exposed ourselves in any way, they just worked hard and got lucky. We had the card killed off and reissued new ones.
I’ve got two candidates: a smog check auto repair shop and a small deli in the neighbourhood. I haven’t gassed the car in over a week, and the charges are from recent days.
Sounds like what happened to me. my very aware credit card company caught it before any real damage was done.
The $1.00 may have been to make sure their “copy” of your card worked.
I also had a $1.00 charge on mine for a NYC parking permit, then a charge to a lumber company and a golf company in NYC. That is when the card company flagged these as “not normal” and contacted me.
I was on Jury Duty here at the time these were done and was NOT in NYC.
I was in NYC about eight months ago but I NEVER used that particular card there.
Is there a way that I can cancel that option? I clicked it accidentally one bleary eyed morning.
I avoid that by always paying cash at gas stations, restaurants and stores. Basically, I only spend cash if I’m not online.
Online, simply use a debit card linked to an account that only has how much you are willing to lose in it.
Credit cards don’t have to leave your wallet to be compromised. There are times where thousands or millions of numbers are stolen from credit card companies directly (sometimes by internal criminals).
i like that idea. thank you.
Also had a couple random charges after a gas station visit several years ago. Bastards!
Your card info could have been stolen months ago. There are literally millions of card numbers (a sizable minority with additional info) on the web for sale for a few dollars to maybe $20 each. There are so many that thieves probably will not ever get around to abusing one of yours.
If I didn’t have these stinking morals, I could be rich...
In Firefox,
Edit > Preferences > Security > Passwords
Remember passwords for sites (NO)
Use a master password (NO)
Just a thought...you said there was a message from the credit card company and an email. You returned their call. Did you use an 800 number they left on your message or email, or did you go look up the credit card’s 800 number online, or on the back of your card, and call that number.
Reason, there might not have been any fraud, but fraudsters alert you to “false” credit card usage, and then get pertinent info from you when you return a call or take the call for that matter, or respond to the email. Credit card phishing is rampant via email, and these types of calls.
Make sure you actually called the credit card company back, and it was the credit card company you were speaking too. Best way to do that is to look online for their credit card phone line, or on the back of your card, and give them a call to make sure there was suspicious activity, or were scammers trying to get info from you.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.