Credit Card fraud

[kbsparky]

I was shopping at Lowes last night, when my cell phone rang. On the line was the fraud dept. from Chase bank, asking me if I had made some purchases in California recently, and was I in possession on my Chase Visa card.

At first I was skeptical of the call, thinking it was a scamster attempting to get hold of my CC information to do exactly what they were calling me about. I kept waiting for the other shoe to drop, so to speak. One of the red flags that never materialized on this issue was the caller never asked for my "security code" number (3-digit number only printed on the back of the card, and not embossed) -- an important piece of info needed to process fraudulent transactions.

As the call progressed, it became apparent that this was a legitimate call, as the bank had sufficient information about my account to verify this to me.

Anyways, they began asking about specific recent transactions on my account, and wanting to know whether I had made those purchases or not.

Since I was physically in Delaware at that time, and there had just recently been transaction requests in Southern California -- and I still had actual possession of my card -- they concluded that someone had forged a copy of my card, and was attempting to use it for fraudulent purposes.

I explained I was still shopping at Lowe's and wanted to use that very card for checkout, but I could use another card if I had to. The gal stayed on the line while I checked out, allowed my transaction to go thru, and then canceled the card ... :roll:

(I get a 3% rebate for using the Chase card)

So now the questions come to mind are:

1. Who copied my card?
2. How did they obtain the information needed?
3. When did this occur?

I figure that somehow it was "sold" to scamsters over the internet -- hence the attempted use across the country.

Chase will be sending me some paperwork for me to verify or deny liabililty on recent charges. They are also going to issue me a new card, with a different account number. One note here is that my wife's card is unaffected, since hers has a different number on it than mine, but they are both tied to the same master account.

Anyone here have similar experiences?

 

[peter d]

Anyone here have similar experiences?

Yes, a few years back someone managed to get a hold of my Visa number. (I don't know how.) Apparently the thieves ran a few "tests" of making some $1 purchases with it, which MBNA (now BoA) immediately picked up on they system as fraudulent activity. The called, confirmed that it was bogus, and cancelled the account immediately.

 

[ultramegabob]

I have never had anything like that happen to me, but please keep us posted on what all happens with this...

 

[kbsparky]

Confirm that $1.00 test transaction. The bank told me that a $1.00 transaction was made at a local Exxon/Mobil station here on the 15th.

The problem here is that I did indeed fill up my tank that day, but it was at a Shell station, using my CitiBank Shell MasterCard. At an automated pump no less. (I get a 5% rebate on that one).

I did not use the Chase card that day at all!

FWIW, automated gas pumps sometimes will authorize a dollar when filling up. I suppose that this was done to prevent the fraud dept. from noticing.

Thinking back further, I did some traveling a month ago, and had used that card for some meals at some airport eateries. I wonder if one of those had a bad apple employee that had scammed the information from my card? ...

 

[nakulak]

a few years ago I used a credit card for an online purchase and made the mistake of not closing my browser aftwerwards before I surfed the web.

a few months later the same thing happened. a few one dollar charges, then a few 10 dollar ones on my statement. I was going to call the company the next week, then I get a call from a girl at a jewery store in another state telling me that they couldn't ship my jewelry to Romania. (It might interest you to know that because there is so much hacking going on in certain parts of the world, the post office has rules against shipping certain items to certain countries).

Bottom line was, this jewelry store had begged the credit card company to give me contact info so they could contact me, but the credit card cos won't do that. They had used my name and looked in the phone book to get my phone #. I don't understand why the credit card cos do business the way they do, they protect the card holders (which is nice) but the poor business people get screwed over for the illegal purchases.

 

[TwinCitySparky]

It's not an RFID card is it? There were news reports recently that talked about scammers using homemade devices that, if held close enough to your "contactless" RFID credit card, could scam the information from it. The criminal simply stands next to the victim for a short time and they are done. They suggest wrapping the card in tinfoil or get one of those new tinfoil wallets.

http://www.youtube.com/watch?v=BZ6KnlW5M7s&feature=related

 

[480sparky]

I use my own method of thwarting credit card theives. Guaranteed to work, 100% of the time.




I don't have one.

 

[sgunsel]

It is pretty easy for an employee to make a copy of your card or it's number. The numbers can be sold quite easily. That's why many stores now have you swipe the card. Much less opportunity for problems. I think on-line use is MUCH more secure than handing your card to anyone.

 

[satcom]

I use my own method of thwarting credit card theives. Guaranteed to work, 100% of the time.




I don't have one.

Not having them works best, and it keep the crooked banks from raping the comsumers, if you need money, your likely better off going to the mob.

 

[gardiner]

About a year ago I was called by the bank checking on purchases they said were being done in Montreal on my card. When I went to the bank to see about this there were others there for the same reason. Turns out we all used the same gas stations and would use the pay and go feature at the pump.
They caught the ring doing it (at least most of them) Employee at the station had a device in the pump that not only read the card number but also and pin numbers used. This then was sent to others in Montreal that would run up purchases selling the item bought for 25 cents on the dollar. I have never used this feature at a gas station since.

 

[drbond24]

About a year ago I was called by the bank checking on purchases they said were being done in Montreal on my card. When I went to the bank to see about this there were others there for the same reason. Turns out we all used the same gas stations and would use the pay and go feature at the pump.
They caught the ring doing it (at least most of them) Employee at the station had a device in the pump that not only read the card number but also and pin numbers used. This then was sent to others in Montreal that would run up purchases selling the item bought for 25 cents on the dollar. I have never used this feature at a gas station since.

Man, where do you live that gas station attendants are that smart? Around here, you're lucky if they can give you the correct change even with the help of the cash register!

 

[480sparky]

Man, where do you live that gas station attendants are that smart? Around here, you're lucky if they can give you the correct change even with the help of the cash register!

Maybe they just acted dumb.

Same trick is being used in ATMs.

 

[Fulthrotl]

So now the questions come to mind are:

1. Who copied my card?
2. How did they obtain the information needed?
3. When did this occur?

I figure that somehow it was "sold" to scamsters over the internet -- hence the attempted use across the country.

Anyone here have similar experiences?

i posted something here a couple days ago, about this...... the thread
was closed, 'cause it really isn't electrically related, but here is the gist of it.

the hole works for collecting passwords, and also works for CC info,
in some situations.

> The major press outlets are abuzz this morning with news of a major new
> security flaw that affects all versions of Internet Explorer from IE5
> to the latest beta of IE8. The attack has serious and far-reaching
> ramifications -- and they're not just theoretical attacks. In fact, the
> flaw is already in wide use as a tool to steal online game passwords,
> with some 10,000 websites infected with the code needed to take
> advantage of the hole in IE.
>
> Virtually all security experts (as well as myself) are counseling users
> to switch to any other web browser -- none of the others are affected,
> including Firefox, Chrome, and Opera -- at least for the time being,
> though Microsoft has stubbornly said it "cannot recommend people switch
> due to this one flaw." Microsoft adds that it is working on a fix but
> has offered no ETA on when that might happen.

 

[drbond24]

Maybe they just acted dumb.

................no.

I'm a fairly educated hillbilly, which is unusual in and of itself. Usually, hillbillies are doing good to go to vocational technical school and learn to work on cars and/or weld. The smartest of the ones that couldn't make it through vo-tech become police officers, and the dumber ones are left choosing between gas station attendant and stay-at-home-drunk-wife-beater. The latter is a quite popular vocation in this state, but some of the more ambitious ones opt for the gas station. Either way, I'm pretty sure that the guy that hands me the receipt for my gas is NOT a criminal mastermind. :roll:

 

[nakulak]

Not having them works best, and it keep the crooked banks from raping the comsumers, if you need money, your likely better off going to the mob.

credit card companies do rape with ridiculous rates, but unlike the mob they do not smash your car up, break your bones, rape your wife, or decide once you do pony up that there will be additional fees, or even once the debt is paid forget that you have made half the payments, or any of the other known methods for inspiring you to pay up on a debt that you might never get out of. Do Not confuse the credit card companies with mobsters. You may, however, be inclined to compare the IRS with mobsters, and in that case you would have more of a comparison.

 

[480sparky]

................no.

I'm a fairly educated hillbilly, which is unusual in and of itself. Usually, hillbillies are doing good to go to vocational technical school and learn to work on cars and/or weld. The smartest of the ones that couldn't make it through vo-tech become police officers, and the dumber ones are left choosing between gas station attendant and stay-at-home-drunk-wife-beater. The latter is a quite popular vocation in this state, but some of the more ambitious ones opt for the gas station. Either way, I'm pretty sure that the guy that hands me the receipt for my gas is NOT a criminal mastermind. :roll:

So, maybe the hick at the station is just a key-man..... one who has the keys so the ringleader could install the device.

 

[drbond24]

So, maybe the hick at the station is just a key-man..... one who has the keys so the ringleader could install the device.

This is more of a realistic possibility, especially if the key-man was bribed with beer money.

This is even more off topic, but this thread isn't electrical related anyway so I doubt it'll last a whole lot longer. I stopped at a gas station a few weeks ago very late at night (about 2 am). All of the lights were on, and all of the pumps were on. This happens to be a gas station where you can't pay at the pump. I looked inside and didn't see anyone at the counter, but I figured they were in the bathroom or something, so I proceed to fill my truck up. I drive a large truck and it was mostly empty, so I ended up getting like 22 gallons of gas. When I go up to the building to pay, the door is locked and I now see that the sign says they close at midnight. They've been closed for two hours and no one is there, but everything is still on. I go back the next day to pay and tell them about it, and the girl at the counter says that it isn't possible. I tell her I'm pretty sure that it is since it happened. She says that the pumps have to be enabled from inside the building, so for what I said to be true someone would have to physcially (and intentionally) enable them all, and then lock up and leave. I think someone was planning on showing up and getting themselves a crapload of free gas that night, and probably bringing their friends along as well. Perhaps, even my being there when I was foiled there plan, I don't know. It was unusual, that's for sure.

 

[gardiner]

There was a group working out of Toronto about 15 years ago that paid employees of certain restuarants to give them number and names of patrons. They then manufactured a fake card and then sold them to others for $250 each, telling the buyer they would be good to two days only, then they should scrap the card. Visa and AM estimated over $5 million loss during this scam.
The ringleader was caught ( 22 year old kid) and a deal was worked out. He spent less then a week in jail and was released to work with Visa for minimum of one year showing them ways to prevent the type of fraud from happening again for which they paid him.

 

[480sparky]

Years ago, there was a ring of crooks working at a fancy-schmancy restaurant adjecent to a shopping mall. Patrons would give the waiter their credit card at their table, and the waiter would not only run it through, but then give it to one of his cohorts. His buddy would then dash over to the mall, buy a preselected item high-$, use the card, and return to the eatery.

The waiter would simply apologize about the delay, citing 'The system was down for a moment, but you're taken care of now."

 

[Fulthrotl]

I was shopping at Lowes last night, when my cell phone rang. On the line was the fraud dept. from Chase bank, asking me if I had made some purchases in California recently, and was I in possession on my Chase Visa card.

Anyone here have similar experiences?

banks have learned to run faster to keep up with hacquers.

i used my atm for cash at a bank, and the machine hiccuped
and spit my card out... machine malfunction.

i went to the machine next to it, and completed the transaction.
i made it halfway back to my car, maybe 150', when my cellphone
rang. it was bank security, asking about the transactions.

i waved my secret magic decoder ring, and they said ok, we were
just checking..... it was about 90 seconds elapsed time from when
the machine spit out the money, to when i got the call.

it's been 20 years ago, but i had acquaintance with some characters
who would most charitably be called "network security analysts", at
a convention called defcon 1.

that was 20 years ago, and the experience still remains vivid.
watching a 17 year old pop a ceiling tile, enter the hotel's systems
thru the courtesy phone line, and reprogram both the hotel's PBX
and cable tv system, so that channel 69 on the cable showed a screen
saying "hackers rule", and phone calls between guest rooms, and phones in
russia were conveniently not billed to the calling party.

it took him about 5 minutes to accomplish this....

he was working on the billing computer, seeing if he could comp everyone's
room in the hotel, when hotel security showed up. they were not amused.

the room was full of geeks with lumpy knapsacks with little antennas
poking out of them. nothing was safe.

nothing much has changed. there are still geeks with knapsacks.

i log on every day, and check balance and activity on all of my financial
accounts.

every day.

there's a reason for that, and it's a good one.