Nope.
A good site/store keeps all user data like login and password not in one place and all data is salted plus they never keep CVV/CVC and most of the time even credit card info is not keept by store but by company that process payments and when you want to buy something it is loaded from that company servers to site/store with all the salt and security.
If someone would get hacked it would have to be some company that process payments and that would mean most of the world beaing hacked but only for online payments.
What is described in this post is typical physical access to card and creation of a physical copy of that card.
Skimmer installed in ATM is 99% for me as it creates the exact copy of a card plus PIN for card is stored when someone use the fake keypad in ATM.
Comment has been collapsed.
Sounds convincing, one new thing learnded, thanks :)
Comment has been collapsed.
Yeah I am a programmer, and the one thing we always stress to every client is that we do not under any circumstances store payment details for anything ever. Even if you have 'bulletproof' security, if you keep anything other than a hashed reference to your payment processor or something like that, you are an idiot.
I have not been cloned before, but my brother was, and it was a physical skimmer that cloned the mag strip on his credit card used by someone in a store where he bought something . Then someone on the other side of the country was using a fake card loaded with the details doing 'cardholder not present' transactions. The bank reversed the charges, but warned him that if the pin is compromised, it's a lot harder to prove it wasn't you. Luckily in his case it wasn't. So from what I understood, the pin isn't stored in plain text on the strip, which is why the ATM skimmers will have a pin hole camera to record the hand movements. I was always careful, but now I always cover my hand when I type my pin, even if there's no one around. But maybe bank cards work differently in other countries.
Comment has been collapsed.
The only ATMs I've used were in England when I traveled there over the summer and I never got frauded there. I also only shop at Walmart and other local places. >_<
Comment has been collapsed.
Skimmer installed in ATM will store your data for a long time and if it is instaled in ATM it will be there for long time so they can collect a few thousands cards infos to use them later as each will be blocked by real owner with time.
You use a skimmer installed in ATM and later you live for a year from others people creditcards.
Comment has been collapsed.
Walmart, at least the ones around where I live, do not have secure card scanners. No verification whatsoever, no pin, no chip, no nothing. If it's the same near you that may be how it happened.
Many of the "professional" skimmers will sell the stolen card info rather than use it themselves and risk being caught.
Comment has been collapsed.
I hope you have run a full scan on your computer for malware and viruses. If you have ever torrented anything, downloaded "free games or software from a "giveaway" site, clicked a link in an email, ect., you may also have downloaded a keylogger, or similar program.
Comment has been collapsed.
I don't have to worry about that. Because I don't even want to be me.
Comment has been collapsed.
My wife got like 4 new cards in a one year span, due to various large retailers being compromised (think it was Target and others).
Generally I've seen it advised to use a credit card and not a debit card, as you have less risk with a credit card (not going to overdraft your bank account, etc).
I have 3 credit cards and I tend to use certain ones for certain things. For example I pay my online accounts with one card, use another for use in restaurants and retail stores (both a more likely source of card number theft). That way if the "Risky" card is compromised, I don't have to go in and change all of my online accounts.
If you use your phone to pay in stores, it sends a virtual credit card number so your real card number can't be stolen. Likewise online if you use Paypal or Amazon to pay, then the store isn't getting a chance to ever see your actual number.
There are services like privacy.com which can generate virtual card numbers with limits and locked to one retailer only, so even if it's stolen it won't work anywhere but the first place you ever used it. You'll need to trust privacy.com with your bank account info, though, which I don't, so I haven't used it.
Keeping a list of all of your accounts with saved cards/recurring payments is helpful so you can go in and update them all when your card expires or is replaced with a different number.
Comment has been collapsed.
It is definitely less risky to use a credit card than a debit card because the money being fraudulently spent in an unauthorized transaction belongs to the credit card issuing bank, not you, and there are laws to prevent the bank passing on these losses to the cardholder.
Comment has been collapsed.
Got a tax return that I hadn't filed. Cleared up with the IRS, and now get a private code mailed to me every year (why isn't this default?). Only places I used my tax info were on one or two tax return filing sites, and possibly the credit report companies (but this was before they got hacked). Personal identity security in the USA is a joke.
Haven't had credit info stolen (yet), but need to be on the lookout for that right now, since I had a bag of paperwork stolen from out of my car recently, and I'm not 100% certain that info wasn't in that bag.
Also, +1 to people suggesting a card skimmer is likely how your info was stolen. Gas stations are a prime target for that. I try to remember to check visually whenever I pump gas, but usually forget.
Comment has been collapsed.
Never stole any ID/Debit Card, I'm usually only going for cash :)
Pls no blacklist, I'm just joking :d, never had something like that happen to me
Comment has been collapsed.
With the regular security breaches happening it's just a matter of time and on how many websites you have signed up. Personal examples: Adobe, Dungeons & Dragons Online, Dropbox, gamigo, gPotato ... the list goes on. Since it's still common to use weak passwords (some services force you to that) or even reuse them I am not surprised attackers get access to affected PayPal accounts.
Comment has been collapsed.
I know someone who's credit card info was stolen, probably due to using it at a gas station (it was an older gas station where they manually run your card, rather than just put it into the pump).
I used the same password at Newegg as I did at another merchant, the other merchant was compromised, and someone used that login info to go into Newegg and order $300 in gift cards. Newegg flagged it, halted the purchase, and called me to confirm, so I was able to avoid the charge. Unfortunately, that also resulted in my Newegg account being permanently disabled which means I can no longer sign into it, and can't shop at Newegg anymore or access my $40 in credit.
I now use a password manager and a unique password at every site - and with every security breach, I'm glad I do.
Comment has been collapsed.
That sucks dude, but at least you didn't lose out on that $300 (O_O)
Comment has been collapsed.
Yeah, but it's pretty stupid that Newegg has permanently locked my account. Sony had a breach, Adobe had a breach, Equifax had a massive breach - these things happen. Just let me change my password to a new unique one and let me move on. It makes no sense to permanently lock my account.
But it does serve to illustrate the importance of using a password manager and a unique password for every site. I only wish I had started doing that earlier.
Comment has been collapsed.
Yeah it's a hard lesson to learn. Before password managers were a thing, I came up with a system that worked pretty well as well, which meant I could remember my password for each site but make it still unique. And that was to take the same basic password, but then add in unique letters from the specific URL to that password at points. And then if I need to login on a new computer, I still know the password, but if a site is compromised that email and password combination is unique to that site and the breach stops there.
Comment has been collapsed.
Yeah, I started doing something like that, but a password manager makes each password much more secure and makes for dozens of things less to remember.
Prior to that hack, I had used a few different passwords, one for insecure sites, one for possibly secure sites, and one for secure sites. I had just assumed that something like a bank would have sufficient security to prevent them being hacked and having the passwords exposed. I was obviously very wrong. :)
Comment has been collapsed.
Ever heard of RFID and smart paiement ? You know, those devices which allow you to pay with your card without contact. Well, shady people have access to those devices too, that's why there are wallets with RFID blocking cards nowadays, because they don't even need to have access to the card physically, they can access to your card informations with that specific device. Buy a RFID blocking card, that may have been the problem.
Comment has been collapsed.
The other day in Japan they've arrested a cashier who stole credit card info of 1300 customers by memorizing all the data (cc's number, holder's name, expiration date, ccv2)
Comment has been collapsed.
Opened a new business a while back. Within two weeks someone had used my newly-issued business card for a shopping spree at a luxury store in New York.
I'd only used the card 8 times, so the number of suspects is pretty small. Needless to say, nobody bothered investigating
Comment has been collapsed.
Just yesterday we found out that my husband's paypal account had been stolen and someone bought 350 euros worth of games and game time. It probably happened when he went to this site to buy a windows 10 licence. He had checked ratings for this site and it seemed good, but I guess it was not. So far we have managed to get 80 euros back. We'll see if we ever see the rest since they were used to buy game keys.
Moral of the story: Don't try to be smart and save money or you might lose more.
Comment has been collapsed.
Share your ID theft story
"Sharing" is what gets people in this mess in the first place.
Comment has been collapsed.
All on-the-earth data is “impossible to escape from human eyes”┐(´Θ`)┌
At least for all digitized data.
Electronic payment?
Human alchemy to amplify virtual money and deceive and exploit people.
The card company operates the exchange market by adjusting the timing of settlement.
Big money manages small money.(exploitation)
Aside from bad jokes.
The workarounds are "Contact immediately when no card is at hand", "Check the card usage history, and contact immediately when something is wrong".
It is the duty of humankind who has signed a contract with the card company (devil).
An acquaintance who had accidentally stolen a wallet left the card company's phone number only on the back of the card, forgetting contact.
Please take a look after that.
At least all users with a “card number” can be victims.
The real thing to worry about is "contact credit card company immediately" when you lose your card.
If you are neglected to contact your credit card company, a huge amount of misfortune will attack you.
There are many "unfair justice" and "lazy police" in the world.
You will be taken to a police station detention center as part of your fake card.
Perhaps you will go to jail for atonement.
His lesson was "Leave card company contact in car, home, company and wallet."
Comment has been collapsed.
Not my story but one of my friends dad.
Not thoroughly checking his PayPay / bank only realized that from time to time different values charged for postal services and complaining from time to time to his wife she shouldn't shop that much online. Truthfully she stated shes not shopping that much. In the end no deeper look was done and the story repeated once or twice if I recall correctly.
But then he finally took a closer look.
On a daily basis, even multiple times a day. The PayPal account was charged with E-Stamps for package delivery. So someone was shipping or selling these E-Tickets massively via this PayPal account for months.
After counting everything together they were quite shocked as these small amounts accumulated to over 5000€ stolen.
When I heared the story I thought: Ohh that might not be so easy to get it back. But a week later it was already nearly done. Without any problems PayPal payed everything back.
I would guess these companies and banks have insurances for these kind of cases so it's not their loss either in the end.
Comment has been collapsed.
Now that I think about it, actually yes. When I hit 18 (that's when you are legally considered adult in my country) I got stopped on the street by promoters for one of our cell providers offering a 'free' SIM card. There was some special offer included and according to them it was up to me whether I activate it or not, no strings attached. Turned out it was activated automatically which I found out month later when I got a bill.
So far it would have been all my fault for signing the deal without reading it properly, funnily enough though, apparently I loved the new service so much that I went out of my way to find those guys in another city (50 miles away) the day after the first signing and signed another 3 deals with them.
One call with the company's headquarters later I was free from all 4 contracts and the fee was pardoned. I did not even get an apology though and thinking back, I should have probably sued them since faking my signature, coming from a nation-wide provider seems like a pretty big deal (even though the issue originated from some part-timers who probably do not even work directly for the provider but rather some agency).
Comment has been collapsed.
So far nothing to report, and hope it stays like that.
Comment has been collapsed.
Some years back, someone managed to get hold of my debit card number. (I still don't know who or how, but it happened right after I used the shady gas station. They may have written down the number while I was filling up.) It didn't take long to notice as I have very little money and the bank contacted me for the overdraft as soon as the person tried to go shopping.
Not long after, I signed up with LifeLock and haven't had any problems since, thank God. Mostly, it's been my (old) passwords and personal information that have been floating around the Dark Web, and LifeLock helps me with that. What is more insidious is when you receive phishing attempts from people impersonating a family member.
Thus far, I have not had anyone attempt to buy a house in my name and/or steal the lease to a property I already own. This is partly due to the fact that I own no property, but you still want to watch out for it. You also want to keep an eye on your social security in case someone else is using your number.
Comment has been collapsed.
52 Comments - Last post 45 minutes ago by Sibereren
326 Comments - Last post 1 hour ago by SirChrisSwan
36 Comments - Last post 1 hour ago by ctype
24 Comments - Last post 4 hours ago by OneManArmyStar
165 Comments - Last post 4 hours ago by ngrazer
40 Comments - Last post 10 hours ago by xMisiu
812 Comments - Last post 12 hours ago by PicoMan
3,468 Comments - Last post 20 seconds ago by Chris76de
75 Comments - Last post 1 minute ago by Fluffster
234 Comments - Last post 2 minutes ago by galiane
728 Comments - Last post 8 minutes ago by TheLuckyShamrock
2,484 Comments - Last post 16 minutes ago by RVK250
203 Comments - Last post 17 minutes ago by CheMan39
8 Comments - Last post 21 minutes ago by Kappaking
So last night I became a fully, fully-fledged adult because it turns out someone used my Debit card number and started swiping $30, $50, $130 at a Pizza Hut in Texas. I live in Wisconsin. I also have the card next to me on my sidetable, so it was most obviously a breach in security.
Needless to say, I called the bank and they marked it down as fraud and closed the number.
I've never given my number out to anyone but Amazon, Steam, and other "trusted" game retail sites. Consider me shook.
So have any of y'all gotten money or your identity stolen? How did they use it? What did they buy? How much did you lose? Did you get it sorted out? Please tell me I'm not the only one.
Comment has been collapsed.