Beware!!!!!!

[jimmyh]

I hate to blame anyone but I have only dealt with a few vendors. I have recently have gotten several fraudulent charges on my debit card. Since my card has different numbers than my wife and I only have used my card to purchase vape supplies, I believe that some one has stolen my info. Now I had to cancel my cards and get new ones. I will not be ordering on line again due to this. I would sugest you make a habit of checking your accounts.

 

[tA71ana]

There have been a few threads about this lately, but they have fallen off the main page:
http://www.e-cigarette-forum.com/forum/new-members-forum/394629-credit-card-fraud-after-ordering-juice-heads-up-folks.html
http://www.e-cigarette-forum.com/forum/general-e-smoking-discussion/393939-recent-credit-card-fraud-weekend-first-time-since-i-started.html
http://www.e-cigarette-forum.com/forum/general-e-smoking-discussion/393912-keep-close-eye-your-credit-card-statements.html

It had definitely been a problem...who have you ordered from?
There had been a vendor that had detected a vulnerability, but they have apparently fixed it

 

[cherrycakes]

have you purchased from AVE recently?

 

[jimmyh]

I don't know yet what area these charges are coming from. I am trying to get the bank to give me an area and then I have no problem saying who I ordered from in that area. For now I rather not say.

 

[eratikmind]

Well, it's time to check my checking account. Thanks for the heads up.

 

[OptimoMuffin]

Best of luck. I would suggest getting a prepaid debit, only putting enough money on to get what you want to order. Thats what I do, I have a Green Dot card. I just load it at CVS or 711.

 

[2nd chance]

Yup, prepaid is the way to go now that this has been happening a lot.

 

[tA71ana]

I don't know yet what area these charges are coming from. I am trying to get the bank to give me an area and then I have no problem saying who I ordered from in that area. For now I rather not say.

Unfortunately the general gist is that these charges that people's accounts are getting hit with are coming in from worldwide, not just the US

 

[Johnnie Price]

It happens when ordering online unfortunately.

I haven't had it happen yet with vaping, but it's happened to me several times over the years when ordering from eBay or Amazon. Since I use my debit card, each time I've just called the bank to dispute the charges and they've fixed it with no hassles and sent me a new card.

 

[Bookworm]

I don't know yet what area these charges are coming from. I am trying to get the bank to give me an area and then I have no problem saying who I ordered from in that area. For now I rather not say.

Where the charges come from have nothing to do with where your information was stolen. Most of these fraudulent charges in the last couple of weeks seem to be coming from one vendor, from what I can tell. There are three different threads that have popped up with more info.

 

[Joe944]

The issue is not with the vendors stealing your info, it's with all these mom and pop vendors with improperly secured databases and likely unsanitized data being transmitted, making them easy targets to be hacked.

 

[jimmyh]

The issue is not with the vendors stealing your info, it's with all these mom and pop vendors with improperly secured databases and likely unsanitized data being transmitted, making them easy targets to be hacked.

I beg to differ. If these vendors want my money they need to protect me, other wise I will not buy from them. It just really ticks me off. By the way it was not any of those places from the other links.

 

[2nd chance]

The issue is not with the vendors stealing your info, it's with all these mom and pop vendors with improperly secured databases and likely unsanitized data being transmitted, making them easy targets to be hacked.

Correct, the security some of the venders use, are not all that secure.
"you get what you PAY for"

 

[Johnnie Price]

Dude, your CC info can get stolen pumping gas. Hell, Social Security was hacked recently. You think an online vendor could put in stricter controls on their websites than what the Federal Government does?

Seriously, it's not the vendors' fault.

 

[skoot]

Correct, the security some of the venders use, are not all that secure.
"you get what you PAY for"

Very true. I run an e-commerce site (not in this industry). Most are built on existing platforms, like Big Commerce, Magento, Volusion, etc. If the site you're on is using one of the bigger e-commerce platforms you are probably in good shape. They have tens of thousands of sites serving millions of customers and rely on reputation- so their security is very good. However, you can also put together an e-commerce site using open source code, for free. (These big platforms only charge $25-50/month, I guess some people figure they can do better than the security experts at these places). Now sure, some people CAN build a very secure site using open source code. Most can't.

Personally I only shop at places using reputable platforms. Most sites have something at the bottom that says "Powered by Volusion" or whatever.

 

[monacelli]

Very true. I run an e-commerce site (not in this industry). Most are built on existing platforms, like Big Commerce, Magento, Volusion, etc. If the site you're on is using one of the bigger e-commerce platforms you are probably in good shape. They have tens of thousands of sites serving millions of customers and rely on reputation- so their security is very good. However, you can also put together an e-commerce site using open source code, for free. (These big platforms only charge $25-50/month, I guess some people figure they can do better than the security experts at these places). Now sure, some people CAN build a very secure site using open source code. Most can't.

Personally I only shop at places using reputable platforms. Most sites have something at the bottom that says "Powered by Volusion" or whatever.

It's also up to the vendors to keep their eCommerce software up to date if they're not using a hosted solution. Not being a technical person isn't an excuse when you're running an online store with people's personal information at stake.

 

[JMarca]

Correct, the security some of the venders use, are not all that secure.
"you get what you PAY for"

Very NOT true!

You couldn't completely secure a website if you spent your entire business budget on security. Recent sucessful hacks include Michelle/Barrack Obama's Social Security numbers, George Bush's daughter got her numbers hacked and the list goes on and on.

You could get hacked simply buying from a local "trusted" vape store the same way you can get hacked buying from an online retailer. Hackers are not TARGETING THE VENDORS, THEY'RE TARGETING THE MULTI-MILLION DOLLAR CORPORATIONS THAT HOST THEIR PAYMENT GATEWAYS. They go after companies like Autorize.net, Visa, Mastercard, Paypal - all of these MAJOR corporations have been hacked at least 10 times this year alone.

Sure they update and try to up secure and reform so they can't get back in the way they got in the first time but hackers just look for other holes in security. There is NO 100% secure website or local vendor, it doesn't exist! You want 100% secure? Pay cash, otherwise there will always be a small risk.

Should you as the consumer be worried? Yes and No - Yes of course you should keep an eye on your money and account at all times. And no all your money is insured I've yet to hear of someone who didn't get all their money back, that's why we use FDA insured institutions.

 

[2nd chance]

Very NOT true!

You couldn't completely secure a website if you spent your entire business budget on security. Recent sucessful hacks include Michelle/Barrack Obama's Social Security numbers, George Bush's daughter got her numbers hacked and the list goes on and on.

You could get hacked simply buying from a local "trusted" vape store the same way you can get hacked buying from an online retailer. Hackers are not TARGETING THE VENDORS, THEY'RE TARGETING THE MULTI-MILLION DOLLAR CORPORATIONS THAT HOST THEIR PAYMENT GATEWAYS. They go after companies like Autorize.net, Visa, Mastercard, Paypal - all of these MAJOR corporations have been hacked at least 10 times this year alone.

Sure they update and try to up secure and reform so they can't get back in the way they got in the first time but hackers just look for other holes in security. There is NO 100% secure website or local vendor, it doesn't exist! You want 100% secure? Pay cash, otherwise there will always be a small risk.

Should you as the consumer be worried? Yes and No - Yes of course you should keep an eye on your money and account at all times. And no all your money is insured I've yet to hear of someone who didn't get all their money back, that's why we use FDA insured institutions.

Hogwash, refer to skoots post & thanks odds are better the better security company you go with, I am not saying hackers can't get in but not so easily with a good security company, your bringing politics into this thread??? Really??? LMAO

 

[cherrycakes]

well to be fair, they said both bush and obama. so that's not really political.

 

[JMarca]

Hogwash, refer to skoots post & thanks odds are better the better security company you go with, I am not saying hackers can't get in but not so easily with a good security company, your bringing politics into this thread??? Really??? LMAO

Again I completely disagree, the standard for most e-commerce use is for the most part the same - only transmits a series of encrypted packets which are completely useless to hackers because it cannot be decrypted until it reaches the gateway on the other end (the cc processor) who has another encrypted code on their site with a vendor ID, it's only then when you put two and two together that you can even make use of anything that was sent.

I mean you could be a complete ..... and send un-encrypted packets across the internet or store CC information on the local server in plain text or a low grade encryption but no reputable company I've come across has done that. Either way hackers and trust me I see alot of them at work don't go after small vendors because it's not worth their time, organized hackers go after major CC processors where they can steal tens of thousands of CCs at a time.

This wasn't political learn to read a little better, this is just a list of high value targets that have gone above and beyond to secure their intellectual property, have above average security standards, yet still have been hacked.