Windows 7 Someone has ripped me off!

[catilley1092]

Today, prior to making a purchase, I checked my balance on my government issued debit card. While doing so, I noticed an error on my statement of charges.

A charge to Everingame.com, Omaha, NE for $10.96. I checked out the site & it was a gaming accessory site. Never seen it before in my life. I called the debit card company, reported the transaction, my card was terminated right then. I'll get a replacement within 7 business days.

But for the life of me, I can't figure out how this happened. I don't care for gaming, period. I had to agree to assist with any prosecution efforts made should whoever did this got caught. In return, they'll reimburse my money, provided there was no proof that I had indeed made the purchase. Hopefully, when these transactions are made, the retailers keep up with the IP address that's associated with the purchase.

Fortunately, I caught this, because my payday is after the 1st of the month, and a lot more could have been stolen. The rep who assisted me drilled me with questions, mainly as to how I physically secure my card, who could get access (no one, as I keep my wallet under lock & key), and if anyone had called, wanting me to reveal personal info, which didn't happen.

I don't like this kind of crap, I'm already disabled, it shook me up quite a bit. 2 10mg Valiums later, I became calm enough to assess the situation. I find out who done this, there is going to be hell to pay.

Cat

 

[Mike]

Some people find ways to bypass the security protocols on bank accounts, credit cards, and all sorts of financial devices. Because of this, it can happen to the best of us. Your best bet would be to follow the advice of your bank in resolving the situation. It has happened to me, as one morning I woke up on a Saturday, and was asked if I had purchased $500 worth of groceries on my credit card in the Republic of Colombia. It was later found that they had found a way to clone the cards and used an entire block of credit card numbers. The banks are reimbursed for fraud and so are you when this happens. Demand your money from the financial institution and resolve the issue prudently. Do not think you have been targeting specifically without further evidence. More than likely, it was just a drive-by attack on bank security. From what I was told during my incident, it happens all the time. I gather it may happen all day around the world. People are struggling for resources. Like most criminals, they don't care about you, your life, what you do, or how much you have. They are just after the money. It could even be a fake company with that name. Just use best practices when banking online and using cards online. I recommend following up with your financial institution and making sure that you assert your rights. You trusted your bank to protect your money. Often times they forget that this is their number one obligation when you make that deposit.

 

[catilley1092]

The bank worked with me professionally, after transferring me to the fraud department, they did drill me with some tough questions, I answered truthfully. Fortunately, it wasn't a huge loss ($10.96 isn't going to break me), but it's what could have happened that shook me up.

I read about these type of things all of the time (the drive-by attacks), but felt that my security stance, as well as the bank's security, should have been adequate. After all, this bank was chosen by the US Department of Treasury to provide debit cards for Social Security beneficiaries for the entire country. But fraud can happen anywhere. Fortunately, this card (Direct Express) offers a lot more protection than most debit cards does, for free. A charge can be contested, as long as 2 statement cycles hasn't passed.

The incident did cause me to make one change, that was to change my password on my wireless router. It has WPA2-PSK protection, but I felt that a more complex password would improve security on my end. There are at least 20 connections within sight of my notebook's wireless card, although most of the names are generic, like mine is TRENDnet652, the brand & model of my router. I did change the default "admin" password when setting it up, otherwise, anyone could take over the router's settings, with a little skills that's freely learned on the net.

That's what concerned me, because with many Linux OS's, there's freely available password crackers, provided by the "distro", that can randomly guess most passwords with minutes. There's even a "brute force" option. Now, they advertise this for if the user gets locked out of their router, but anyone with any common sense at all can read through that. Check this out:

Aircrack-ng

This is a optional software option (that's highly ranked) with Ubuntu & Linux Mint users. Didn't realize that it was a Windows option until I checked the site out. The trends of crimes has changed. Violent crime is down (on a nationwide basis), but cybercrime is skyrocketing.

However, I don't use wireless to make transactions, or check emails either. Hopefully, the one who done this will be caught, as I was told that if the one(s) responsible were caught, there would be multiple charges filed. Stealing a Federal benefit is a crime of it's own, not counting any other charges. I was told that the number of charges would depend upon how the fraud was committed.

The best thing about it all, was that I caught it. I don't get paper statements (they charge for that), but I do check my account every month. Had I not caught it, that $10.96 might have been $1,096.00 the next month.

Cat

 

[Joe S]

Many times they try small purchases before making a big hit. It's sometimes hard figuring out your credit card bill the way companies bill. You buy at company A online but it's billed to a parent company B and it's not always shown clearly on your bill when you order online.
Joe

 

[catilley1092]

Yes, that's what they do. A small purchase, first to see if the account is legit. Then, go for the kill (my paycheck). Another thing that was a giveaway that something was wrong, always, I mean always, I get promo emails from any company that I do business with online. After carefully sorting through my 7 email accounts (even the spam folders), there was not a single email to me, either thanking me for my business, or offering their latest deals. Most companies requires a contact email, phone number & address. Many even requires that 3 or 4 digit code on the back of the card also. Hopefully in the coming days, it'll be found out what happened, and by whom. Many companies also keeps up with IP addresses of customers who purchases online, it can make a big difference, at least to prove that I didn't make the transaction. It may not prove who done it, especially if it was done using a public wi-fi IP address. Many cybercrime thieves may not be very bright in their choosing of making a living, but most don't do it on their home computers. That would be the equivalent of leaving fingerprints or DNA evidence at a crime scene. Unfortunately, this type of thing happens probably thousands of times per day. The most that the victim can hope for, in reality, is to get their money back. And hope that no further damage was done. Fortunately for me, it's the only card that I have. The other thing that concerned me, was that the lady who worked in the department that handles these kind of things, told me that there was a 80+% chance that the offender is either a relative or acquaintance. I know that my wife wouldn't do anything of that nature, but there's another family member, it wouldn't surprise me a bit. But in all honesty, I hope that is not the case, because if it were to be, it would have the potential to destroy my family, as in my marriage, if any prosecution attempt was taken towards this person. I already have verbally consented to cooperate with any such proceedings, and will receive in the mail an affidavit to sign, to confirm the theft, and to do what I just stated in the first part of this sentence. I really hope that it's not anyone who knows me.

Cat