Another Card Fraud!!!

[boshans]

So I went to go use my debit card today at the atm, and it wouldn't work...so I called up my bank and apparently this place tried to take out money from my account SIX times. I can't see it in my online banking, but the bank said it was called christianmale or something like that. Ridiculous! They tried for multiple amount of like 60 bucks to 80 bucks, for a total of like 260 all together. Luckily there was not enough money in my account since I just placed a bunch of orders for vaping supplies, so I didn't actually lose money. I don't use my card in stores, and I don't have a keylogger or anything, so my card had to have been gotten from one of these vendors that I ordered from in the past two days:

madvapes
HeathersHeavenlyVapes
RTD Vapor
Kidney Puncher
DV's
Ahlusion
MountainOakVapers
Mom&Pops

I have ordered from DV's, M&P's, and HHV's multiple times, so I doubt it was them...I am 99.99999% sure it wasn't. All the following vendors it is the first time I have ever ordered from, Ahlusion doesn't seem like it would be since I haven't heard of anything like this from them, or RTD and Kidney Puncher since I have never heard of problems with them either. So I am lead to believe that it either came from madvapes or MOV. Didn't the other problems come from MOV? Or was that Mt.Baker? Maybe everyplace with mountain or mt. in their name has hackers trying to get peoples cards lol. I ordered from AliceInVapeland for the first time also, but that didn't go through yet, and I hope to god it does because they closed my card. I will be so ...... off if I can't get my Alice order in this week because of this.

I just think it's pretty ridiculous that some vendors obviously don't have high enough security. It HAD to be from one of those 5 vendors, I DO NOT use my card ANYWHERE except online vapor stuff, everything else I use cash. And this is the first time I have ordered from different places, so it most likely it from the new places.

 

[ScottP]

I have used MtBaker lots of times (my primary juice vendor) and MyVaporStore a few times (my primary hardware vendor) and never had any issues with either.

 

[unloaded]

I don't think it's the vendor's security but rather that of the processing company they use. Most of the processors won't accept ecig vendors so their choices are limited. It seems at least one of the few who do service ecig vendors has been compromised. My debit card got hit last month and I haven't used any of the vendors you listed. If we had a list of the processing service each vendor uses we could probably figure it out pretty quickly where the problem lies. Sadly I doubt that will happen.

 

[skoot]

The processor is one variable.

Also, most of these sites are hosted- meaning the owner is basically renting a storefront on the host's software platform and servers. There are really big, secure, well-run ones like Big Commerce, Volusion, and others. There are of course bargain basement options, as well as do-it-yourself. These are the problem ones. The big companies host tens of thousands of stores, their reputation is everything because it's incredibly cheap to create a new store on a better platform. It's basic evolution- the best platforms are the biggest- they keep security super tight because they control everything except the text, pictures, and product info on all those sites.

I only use a credit card on those running on tight platforms. Most of them say what platform it's on, in tiny type at the bottom of the page. Or ask before you buy. Then Google it, if it's one of the top 10 platforms, it's probably OK. PayPal for all else.

 

[iceman68]

If we had a list of the processing service each vendor uses we could probably figure it out pretty quickly where the problem lies. Sadly I doubt that will happen.

This was discussed in another thread. There's been a lot of posts about CC fraud. Something is definitely wrong somewhere. Getting a list of processors would certainly help but how can that be accomplished? Everyone should consider using alternatives to make their online purchases, such as: gift cards, pre-paid cards, random secure account numbers(offered by some CC issuers), or Paypal(if accepted).

 

[nahoku]

Yup something is amiss in vapeland! This is a BIG problem!


For the record, I too was hacked and I have used two of the listed vendors.

 

[Dave L]

This is why I do my shopping at B&Ms. Plus the personal service, the expertise, and I have to admit, the freebies. I'm sure I'll order online at some point - I do want an eVic one of these days. But I keep a dedicated card with little money in the account for this very reason.

 

[windozehater]

maybe this has been said already but, instead of extra charges from your bank for fraud protection, what i did a long time ago was a prepaid visa only a couple of bucks add what you need to purchase online or from shady people never link it to your bank account if it gets hit it will only be for a dollar or two then cut it up and get another. after a couple of years doing this never had a prob. my banker said that gift cards are coded as such, thats why they wont work for securing a revolving account and are low on the fraud hits compaired to debit cards

 

[Tintreach]

Seriously it's either crap coding in the store fronts or crap administration on the server end.

Doubtfully anyone knows about PCI compliance or even knows what a STIG is.