Another CC fraud ..

[Israfil]

So we know for sure that in one case it was 700 dollars worth of play money for online games. The good news is that in cases like that you can dispute the charge and most cases the credit card company will issue what I'm told is called a chargeback. This would force the company who accepted the fraudulent purchase to investigate the account that made it. Sadly, if they have brains enough to swipe credit card info they may be smart enough to have used faked credentials to create their account as well.

There is also the possibility that it was an inside job. Have any younguns? I'd investigate to see whether they access the sites that use that variety of online currency.

 

[Chingas]

Yep, my debit card was compromised last Wednesday. Some company called "Give It Gilmore" ran a $3.37 charge on it but my bank had them redflagged and we had it canceled right away.

 

[Dkrom68]

I use it only at a few local places and know it wasnt from them. I have used it at theses same places for the past couple years. It is either from one of the places online or from off the computer while on those places. I know the people at the places used locally and am not at the least worried about them so I am discounting use locally as there are only 3 places.

You say that as if you're discounting the physical use locally. In general, it's more likely to be stolen from physical use than from online use.

 

[Quick1]

I use it only at a few local places and know it wasnt from them. I have used it at theses same places for the past couple years. It is either from one of the places online or from off the computer while on those places. I know the people at the places used locally and am not at the least worried about them so I am discounting use locally as there are only 3 places.

You're probably right then if you've known the people handling your card for a few years, and they don't use paper copies which could inadvertently end up in the garbage and it's not some employee running the register for them. I think I mentioned earlier where a high volume, self serve gas station in my neighborhood discovered readers in their credit card pay stations at the pumps. Someone had inserted paper thin electronic readers into the slot that would read the information from your card and store it while it was being used to pay for gas. Amazing, just like something out of mission impossible.

 

[Dkrom68]

Yeah its terrible how easy they get it. Im in the middle of going through the process with the credit card company and also filing a police report. The biggest mistake the people made was they made 3 purchaces to microsoft xbox live so the purchases will be able to be traced and charges filed. All transactions through them are ip logged and recorded as well as mac addresses so with some good fortune Ill get this one. They were stupid enough to use my info to create a account so they had full access to all the info of name credit card and all in order to do it so it has to be from one of the online sources.

 

[Israfil]

Well THAT was friggin stupid of them. I hope you get the .......s!

 

[br5495]

Not anymore. Mac and Linux virus's have been on the rise for awhile.

from TechRepublic -

Meanwhile, Mac users shouldn’t get complacent either. Intego has reported two in-the-wild outbreaks of a Trojan horse program found on game sites and a gruesome piece of spyware that tags along with screen savers and other freebie apps. (And Intego says they found copies of the unwanted software even after the original distributor claimed to have removed it.)

Besides, now-a-days a mac is just a refrigerator white pc running BSD with a mac shell.

Apple quietly adds anti-malware in Snow Leopard update | InSecurity Complex - CNET News

 

[Dkrom68]

Yeah it was and I have the police involved with a friend in the detectives as well as spoke to Microsoft. I have to wait for the transaction to be completed on Paypal to go through the dispute process but I had Microsoft shut the account down and had them speak to the police as well. I will have access to the police findings and if IP and Mac addresses are used it will be easy to trace it and find where it came from. I will keep things updated and what the findings are. If they are caught I will be pushing my hardest in this and hope it solves the problem with all the ones Ive seen from the forum.

Well THAT was friggin stupid of them. I hope you get the .......s!

 

[NuGalicia]

I hate to be skeptical, but I've personally experienced similar scams and know the IP address tracing may only lead you to the thiefs internet provider. They'll say they're legally prohibited to divulge user info unless law enforcement requests them to. Often they're in another state, meaning that'd have to be the FBI. They'll say they MAY look into it a year later because the problem is so prevalent they're back logged. Also, a MAC address only leads to a machine, not the person who used it, so it doesn't help much. I actually had evidence of the thiefs identity in one instance, but law enforcement has bigger fish to fry. Sorry, I know how you feel (probably ticked enough to strangle someone), but sometimes you just have to move on and consider it another tough lesson learned.

 

[Dkrom68]

Well it helps to have friends in law enforcment and since its microsoft on one instance with gaming from the persons home and they are the ones losing the money not me they are cooperating with the locals here in giving the info as they want it resovled as well. It may be skeptical but if its an ongoing problem within a company they wont allow it to keep going on. Microsoft themselves told the police it isnt a single event it has become a large problem.

 

[NuGalicia]

Good luck! I hope they get 'em...for once!

 

[Dkrom68]

Me too it would be nice

 

[Quick1]

I don't want to sound pessimistic either... but, X-box live credits? I'm guessing t's either some kid clerk who stole the card number himself or their friend who did it or it's some kid that bought or got the card number on some internet site or through pms on facebook, etc.

Hopefully the IP address is within your state. Then the ISP can pinpoint a modem/router. The Mac address could be useful on the other side of that if it's something like an appartment building with shared access or a college dorm or the likes.

Can't wait for the update. Here's hoping.

 

[Ragamuffin]

This is why I only shop on online using prepaid CC.

Yeah, I thought about that too. But I bought a Visa Gift Card a few weeks ago, for a few hundred dollars, to use for several purchases online, and most of them worked, but a few did not. And of course I checked the balance, so do some businesses or their processors automatically reject gift cards? Maybe I should have purchased and loaded a refillable Visa card instead. I registered it and everything, but it was really annoying when trying to make a purchase and it kept saying declined though I knew there was money on it. And the website where I registered it had the wrong expiration date on my balance page.

I am going to keep a better eye on my bank account. This is the second thread I've read about this happening lately. I don't always go over it that closely. But I will now.

 

[thelook]

The re-loadable Visa is what I have, and I have never had a problem using it anywhere online or in person

 

[gb_ibmguy]

Just to add fuel to the fire, my CC was compromised on the the 18th. 2 quick small purchases and a 1.00 charge from Freecreditreport (oh great!). Charges denied from my CC, but it appears they did get my credit report. I did use the card that same day to order juice from one of our suppliers and hardware from another. Just placed a fraud alert on my credit report and alerted all my CC companies. What a PITA!.

I never store info on my computer or on line. I'm behind a router and an IPCop hardware firewall, CC only used on line. Nightly scans of my network for virus's and malware along with active protection. At this point, I have to figure one of the vendors sites was compromised/hacked.

GB

 

[Quick1]

Freecreditreport is a $1 charge? That sounds odd. Also, if they got a credit report they must also have your social security number. I know it sounds bad but with a credit report they would have your current and previous addresses, employment history, social security, ALL your account numbers... I'd see if you can find out from freecreditreport if someone actually pulled a report and if they did I'd start locking down for a full identity theft.

 

[NuGalicia]

Since the "M.O." of this scam is happening to more than 1 person, have you PM'd a moderator to discuss which vendor you suspect?

While it may not be the vendor's fault if their site was hacked, if ECF has several members reporting the same problem (with a $1 credit report charge, etc), a moderator could ask the vendor to remedy.

If it continued ECF could report to members that a certain site may not be secure so 'Users Beware'.

Just a thought.

 

[Caddyman]

fwiw, here is something i do to protect myself....this is only effective in limiting the damages a hacker can do if he gets your info.

being a webmaster i know full well that anything and anyone can be compromised....

so what i do is, at my regular (real world) bank i started a "buffer" checking account. it is a regular old checking account, i call it my buffer though.

i have a paypal account like most people, i also have a paypal debit card (it is free, no fees, etc)

my paypal account is "backed" by my "buffer" checking account.

on the regular, i only keep a few bucks in my buffer acct. when i want to make a purchase online i transfer money from my real checking acct to my buffer then use my paypal debit for the online purchase.

when i do that, paypal pulls the money from my buffer acct, completes the transaction, and then my buffer acct is back down around 5 bucks.

might seem complicated but it is really easy once you do it...and good for peace of mind too.


also, not foolproof but a tool you can use is a online website scanner. you give it a URL and it will scan the site for viruses....it is not foolproof, may not be up to date, you may scan one url but another is infected, etc....just something i use sometimes to check my own websites periodically.

http://www.avg.com.au/resources/web-page-scanner/

 

[Instigator]

I concur with Caddyman...