all this on your maxed out credit card?...
Maybe Quick1, once you no longer work any more and are on a fixed budget and have to payy all those bills you would understand where flbutterfly1 is coming from!
More CC fraud
- Thread starter optsmk
- Start date
- th_trl_thread_readers 0
-
- Tags
- credit card fraud
- Status
Maybe Quick1, once you no longer work any more and are on a fixed budget and have to payy all those bills you would understand where flbutterfly1 is coming from!
I know it's very taboo, but I would very much like to know which of the places this happened at, PM me if nothing else.
Then you need a separate account where your critical money is not at risk for online purchases. That's not so hard?
Unfortuneately, the more technology runs our life the easier it is for "bad" people to use that technology to rip people off. I live on disability, so the only credit card I have is the one attached to my checking account. I can understand how waiting for a bank to refund your money can cause major problems. I am sorry this happened to you and I hope everything gets straightened out quickly.
Wow this is getting bad , We use Authorize.net for CC processing ( one of the biggest and most secure in online business ) and are fully compliant with the bank etc ( I forgot the name PIC ? ) .
It would be good to find out where these leaks are happening !
It would be good to find out where these leaks are happening !
Seems to me you have this one nailed. Have you contacted your supplier to tell them about this miserable situation?
Is there an update on this? This is the only instance I have ever seen on ECF where there was a reasonable chance of identifying the vendor concerned.
Like said before most small online businesses use billers who never share the CC info with the vendor.
I don't know any biller who would risk their entire business by charging a few 100 dollars for hotel rooms and such. It just makes no sense if you're processing thousands of transactions and making thousands or tens of thousands per day.
I guess there's a few possibilities, rouge employee at the biller maybe the reason, even then I would expect lower level employees would not have access to enough info to make a purchase. It's also odd someone would use this invalid email address during orders since an email address isn't verified in anyway during CC processing and you can use which ever email address you'd like, so why would they use what they suspected as your email address, all it would do is notify you of the fraud.
It's also possible that perhaps you have a trojan/keylogger on your PC.
Also are you certain you haven't made this .com mistake anywhere else? Even if you are certain, if the mistake can be made once it's not unreasonable to think it wasn't made at a different time without you catching it.
Also, how would this guy from the .com address even know to contact someone at .net? A typo could just as easily have been in the actual email alias not the domain.
I don't know any biller who would risk their entire business by charging a few 100 dollars for hotel rooms and such. It just makes no sense if you're processing thousands of transactions and making thousands or tens of thousands per day.
I guess there's a few possibilities, rouge employee at the biller maybe the reason, even then I would expect lower level employees would not have access to enough info to make a purchase. It's also odd someone would use this invalid email address during orders since an email address isn't verified in anyway during CC processing and you can use which ever email address you'd like, so why would they use what they suspected as your email address, all it would do is notify you of the fraud.
It's also possible that perhaps you have a trojan/keylogger on your PC.
Also are you certain you haven't made this .com mistake anywhere else? Even if you are certain, if the mistake can be made once it's not unreasonable to think it wasn't made at a different time without you catching it.
Also, how would this guy from the .com address even know to contact someone at .net? A typo could just as easily have been in the actual email alias not the domain.
Bank of America has "shop Safe" numbers. You can create a seperate number for each transaction and set the $ maximum as well and the expiration date of that number. Interesting enough I had a fraud situation two weeks ago. They tried to use one of my depleted shop safe numbers and the credit card company called me to see if it was me. That transaction was the day after ordering vaping supplies. hmmm
Me three, and very worried now. Even canceled an order today b/c the site went from paypal to vendor still asking for cc info. No way Jose! Paypal already has it.
5vz, report that to PayPal and they'll shut the vendor down.
I'd also like to know who the vendor is. PM me. Info sharing like this is a perfectly valid way for us to protect ourselves before there is a problem. While it would be unfortunate if an innocent vendor suffered, it would be more unfortunate if I did.
I'd also like to know who the vendor is. PM me. Info sharing like this is a perfectly valid way for us to protect ourselves before there is a problem. While it would be unfortunate if an innocent vendor suffered, it would be more unfortunate if I did.
Internet CC fraud is a huge problem that has few very simple solutions. Some have already been mentioned here. Immediate text message alerts is another. You know within minutes when some fishy takes place.
What the registered vendors are saying is 100% true. They do not see the full number when they receive an order notification.
Despite this particular case having the e-mail component, which really narrows it down, it would not be wise or proper to start posting accusations on message boards. I am certain you can see the possibility of abuse there.
What the registered vendors are saying is 100% true. They do not see the full number when they receive an order notification.
Despite this particular case having the e-mail component, which really narrows it down, it would not be wise or proper to start posting accusations on message boards. I am certain you can see the possibility of abuse there.
This incident was 5 months ago... I think it's stale news now.
I'll repeat what I use for online or phone purchases.
Citibank virtual card numbers.
I have a Citibank Mastercard (Platinum Select but I don't think that matters).
You can either go to their website and login or, for your personal computer you can download an app that give you that interface.
You can generate a "virtual" card number. You login to your account and it will generate a credit card number.
CC number, CVC, and expiration date at the end of next month.
I can look at a history of my virtual card numbers.
Just before generating a virtual card number I can click on advanced options and there I can put a dollar limit on the card and I can extend the expiration date from 2 - 12 months.
So let's say I make an online purchase for $35. I will generate a virtual card and limit it to $35 (I would generally do $40 just in case there is tax or something a tiny bit more so it doesn't get declined if I don't know the exact amount ahead of time). So that "virtual" credit card number is to a card that has a $35 limit and will expire at the end of next month.
I have my netflix subscription paid monthly with my citibank card. Netflix automatically charges the card each month (it's like $18.67 or something). For that I generated a virtual card with a limit of $240 with an expiration date of 12 months from now. So I'm good for a year.
I can close any open/valid virtual number at any time. I can increase the dollar limit of any open/valid virtual number at any time. If I had wanted I could have put a dollar limit of $20 on the card I use for netflix and just increase the limit by $20 each month just before netflix charges it. Of course I could just use a new virtual number each month but this way I don't have to keep changing my billing information on netflix's site.
Another major attribute of Citibank's virtual cards: They can only be charged by one merchant.
Apparently every merchant has a "terminal" or merchant number. They use this number to charge your card. In the above example, once Netflix makes the first charge against that virtual card number, ONLY Netflix can make subsequent charges against that virtual card number. This feature can have a small downside or inconvenience. Amazon for example. I'll put a number of items in my shopping cart. Some items will be directly from Amazon and other items will be from Amazon's vendors. The shopping cart will only show a total and you enter billing information for that total. What happens is that someone charges the card first and when the other vendors (or amazon) charges the card for the remainder of the order it gets declined. With Amazon you can go back later and change the billing information for each item but it's sort of a gotcha the first time it happens and rather confusing until you understand how it works. It's a great feature though. If vendor X charges your card and there is more money associated with that card someone else won't be able to purchase from anywhere else.
You can generate an infinite number of virtual card numbers. I generate a different card number for each and every online purchase I make. Even when I make a subsequent purchase from the same merchant. Your exposure is really minimal and only to the extent of the limit you put on that card (of course the regular cc fraud reimbursement protections apply just like with a physical card).
The PC app will autofill browser forms for you if you let it and is very convenient to use. Generating from their website can be done from any browser if you're not on your PC (it won't auto-fill and there are a number of clicks you have to go through to get to it).
When I get my monthly statement ALL of my purchases are listed like normal. The ones made with a virtual card have a second line listing the (last 4 digits) of the card used. The online history shows only the virtual numbers (in their entirety), the date, and the merchant name (and I think maybe balance remaining if the expiration date hasn't passed?).
A number of banks have this or a similar service for online or phone purchases.
I'll repeat what I use for online or phone purchases.
Citibank virtual card numbers.
I have a Citibank Mastercard (Platinum Select but I don't think that matters).
You can either go to their website and login or, for your personal computer you can download an app that give you that interface.
You can generate a "virtual" card number. You login to your account and it will generate a credit card number.
CC number, CVC, and expiration date at the end of next month.
I can look at a history of my virtual card numbers.
Just before generating a virtual card number I can click on advanced options and there I can put a dollar limit on the card and I can extend the expiration date from 2 - 12 months.
So let's say I make an online purchase for $35. I will generate a virtual card and limit it to $35 (I would generally do $40 just in case there is tax or something a tiny bit more so it doesn't get declined if I don't know the exact amount ahead of time). So that "virtual" credit card number is to a card that has a $35 limit and will expire at the end of next month.
I have my netflix subscription paid monthly with my citibank card. Netflix automatically charges the card each month (it's like $18.67 or something). For that I generated a virtual card with a limit of $240 with an expiration date of 12 months from now. So I'm good for a year.
I can close any open/valid virtual number at any time. I can increase the dollar limit of any open/valid virtual number at any time. If I had wanted I could have put a dollar limit of $20 on the card I use for netflix and just increase the limit by $20 each month just before netflix charges it. Of course I could just use a new virtual number each month but this way I don't have to keep changing my billing information on netflix's site.
Another major attribute of Citibank's virtual cards: They can only be charged by one merchant.
Apparently every merchant has a "terminal" or merchant number. They use this number to charge your card. In the above example, once Netflix makes the first charge against that virtual card number, ONLY Netflix can make subsequent charges against that virtual card number. This feature can have a small downside or inconvenience. Amazon for example. I'll put a number of items in my shopping cart. Some items will be directly from Amazon and other items will be from Amazon's vendors. The shopping cart will only show a total and you enter billing information for that total. What happens is that someone charges the card first and when the other vendors (or amazon) charges the card for the remainder of the order it gets declined. With Amazon you can go back later and change the billing information for each item but it's sort of a gotcha the first time it happens and rather confusing until you understand how it works. It's a great feature though. If vendor X charges your card and there is more money associated with that card someone else won't be able to purchase from anywhere else.
You can generate an infinite number of virtual card numbers. I generate a different card number for each and every online purchase I make. Even when I make a subsequent purchase from the same merchant. Your exposure is really minimal and only to the extent of the limit you put on that card (of course the regular cc fraud reimbursement protections apply just like with a physical card).
The PC app will autofill browser forms for you if you let it and is very convenient to use. Generating from their website can be done from any browser if you're not on your PC (it won't auto-fill and there are a number of clicks you have to go through to get to it).
When I get my monthly statement ALL of my purchases are listed like normal. The ones made with a virtual card have a second line listing the (last 4 digits) of the card used. The online history shows only the virtual numbers (in their entirety), the date, and the merchant name (and I think maybe balance remaining if the expiration date hasn't passed?).
A number of banks have this or a similar service for online or phone purchases.
Last edited:
Quick1;
Thank you for the information. I think there should be a stick somewhere on this along with any other disposable cc info anyone has, don't you?
Thank you for the information. I think there should be a stick somewhere on this along with any other disposable cc info anyone has, don't you?
Thank you to all the people who contributed info about setting up and using Virtual CC's - extremely useful stuff. Especially Quick1.
Roboform is a fantastically useful PC app for password and form filling. There is a free version but it's limited to 10 sets of info, although that might be enough for many people. Also note there is a portable version, so you can put it on a USB stick for use outside your home. All data is kept in an encrypted form.
[B]www.roboform.com[/B]
It comes in most IT pros' top 10 can't-live-without lists, and for good reason.
Keepass is a very good free alternative, but it lacks Roboform's form-filling feature, it's just for passwords.
Roboform is a fantastically useful PC app for password and form filling. There is a free version but it's limited to 10 sets of info, although that might be enough for many people. Also note there is a portable version, so you can put it on a USB stick for use outside your home. All data is kept in an encrypted form.
[B]www.roboform.com[/B]
It comes in most IT pros' top 10 can't-live-without lists, and for good reason.
Keepass is a very good free alternative, but it lacks Roboform's form-filling feature, it's just for passwords.
Last edited:
That sounds like a huge PITA
Why waste time making all those cards.
I've never had a fraudulent transaction that was not reversed, get a new card in a couple of days.
The gas station clerk, waiter or hackers could still get your real CC number.
Why waste time making all those cards.
I've never had a fraudulent transaction that was not reversed, get a new card in a couple of days.
The gas station clerk, waiter or hackers could still get your real CC number.
It's actually easier than getting a physical card out of your wallet and typing in the information.
get to the payment page that has a CC form on it and the virtual cc app pops up automatically
fill in userid and password
click generate card #
and all the CC information is filled in on the webpage form. And it never has typos
You want to change the options and it's only a couple more clicks.
And if there is a problem you know exactly where it happened.
If used correctly there will never be a problem and no need to spend the time calling to report fraudulent charges or filling out any forms. If all you use is virtual numbers you don't even need to check the charges on your statement.
Using your physical card at B&M stores is the same and is what it is.
- Status
Similar threads
