Search similar:
|
|
uniqs 12571 |
|
|
|
Khaos-K-OS- Premium Member join:2007-03-12 West Palm Beach, FL 1 edit
1 recommendation |
Khaos
Premium Member
2010-Nov-15 5:15 pm
mnicreditreportcom emusiccom and other credit chargesSaturday before I head out the door I decide to do one of my weekly online bank register checks to find a misc. charge for a credit report @ $14.95. So I google the company to find that this happens to alot of folks. I call the bank and they tell me to dispute the charge come monday because it has yet to post. Fine. I come back home after a few hours of shopping to find another charge to another credit report firm for $1.00, music charges for $6.99, $1.00 and $16.99. I call the bank to cancel the card and make sure if these charges were from the card or where they route number/account number charged. She assured me they were from using the Visa card. So she canceled the card and all is clear so far. I try to think very hard how all this happened and I can only think of it being a combination of 3 things.
I have started to receive alot of spam lately to my gmail account so I changed the password and looked at the details of logins tab but no other attempts accept from my own IP. I have an Itouch that I use to login to gmail. It is loaded with lots of apps. So I said screw it and do a reset all on the device. I use Ubuntu 10.10 on my desktop so I believe it to be safe but do another reformat and re-installation. I erase all of my bookmarks and get the latest addresses for them just incase one was cracked. I dual boot Win7 and run every scan I have but all remain clean. I never use Win7 but I have in the past. I can only think of 2 ways these crooks got my Visa.
My Visa has the RF chip in it. It was might have been scanned while it was in my back pocket.
or
Papa Johns Pizza is the only freaking place that asks you for the 3 digit CVC on the back of the card and zip code and some punk grabbed it from the garbage or from the manager down to low level employees. But if the papa john theory was true why get petty credit reports and music.
I did get a free copy of all 3 credit reports from all respected agencies and found nothing malicious. Here is something else weird. Today I receive a Gerber Life Insurance policy in the mail with my name on the policy but for a child I do not have. It has my address, my gmail address BUT it does not have my proper date of birth and my phone number is not correct. I call them and the woman states that the application was filled out online. I told her that it states automatic payments start on the 20th of Nov. She asks me to confirm the last 4 digits of my bank accounts routing number I said I don't feel comfortable giving 4 but I will give you 2 and the numbers do not match anywhere. She states my bank is not the bank listed either. She closes the policy and she does. I try to log into their website and it says policy not found.
What the hell is going on. As soon as I get the new card i'm breaking the RF chip and fuck PJP!! I also removed the DNSSEC addresses I was using from my router until this blows over. I checked the router logs and attached devices only to find my own computers. I use WPA2 with a 20 alpha numeric password.
What gives people?? | | | SnowyLock him up!!! Premium Member join:2003-04-05 Kailua, HI 1 edit |
Snowy
Premium Member
2010-Nov-15 5:38 pm
Re: So I check my online statement!You should put a fraud alert in place. » www.ftc.gov/bcp/edu/micr ··· end.htmlNo to overly alarm you but there's a good chance that the $14.95 credit report was on you which means the bad guy has a lot more info on you than maybe even you do. | | GuruGuy Premium Member join:2002-12-16 Atlanta, GA |
to Khaos
said by Khaos:Saturday before I head out the door I decide to do one of my weekly online bank register checks to find a misc. charge for a credit report @ $14.95. So I google the company to find that this happens to alot of folks. I call the bank and they tell me to dispute the charge come monday because it has yet to post. Fine. I come back home after a few hours of shopping to find another charge to another credit report firm for $1.00, music charges for $6.99, $1.00 and $16.99. I call the bank to cancel the card and make sure if these charges were from the card or where they route number/account number charged. She assured me they were from using the Visa card. So she canceled the card and all is clear so far. I try to think very hard how all this happened and I can only think of it being a combination of 3 things. I have started to receive alot of spam lately to my gmail account so I changed the password and looked at the details of logins tab but no other attempts accept from my own IP. I have an Itouch that I use to login to gmail. It is loaded with lots of apps. So I said screw it and do a reset all on the device. I use Ubuntu 10.10 on my desktop so I believe it to be safe but do another reformat and re-installation. I erase all of my bookmarks and get the latest addresses for them just incase one was cracked. I dual boot Win7 and run every scan I have but all remain clean. I never use Win7 but I have in the past. I can only think of 2 ways these crooks got my Visa. My Visa has the RF chip in it. It was might have been scanned while it was in my back pocket. or Papa Johns Pizza is the only freaking place that asks you for the 3 digit CVC on the back of the card and zip code and some punk grabbed it from the garbage or from the manager down to low level employees. But if the papa john theory was true why get petty credit reports and music. I did get a free copy of all 3 credit reports from all respected agencies and found nothing malicious. Here is something else weird. Today I receive a Gerber Life Insurance policy in the mail with my name on the policy but for a child I do not have. It has my address, my gmail address BUT it does not have my proper date of birth and my phone number is not correct. I call them and the woman states that the application was filled out online. I told her that it states automatic payments start on the 20th of Nov. She asks me to confirm the last 4 digits of my bank accounts routing number I said I don't feel comfortable giving 4 but I will give you 2 and the numbers do not match anywhere. She states my bank is not the bank listed either. She closes the policy and she does. I try to log into their website and it says policy not found. What the hell is going on. As soon as I get the new card i'm breaking the RF chip and fuck PJP!! I also removed the DNSSEC addresses I was using from my router until this blows over. I checked the router logs and attached devices only to find my own computers. I use WPA2 with a 20 alpha numeric password. What gives people?? What bank was this with? | | |
JLevinworth to Khaos
Anon
2010-Nov-15 7:36 pm
to Khaos
Sorry to hear that, Khaos. That sucks. I know, I went through this a couple of years ago. From what I have learned from that and help from MGD , besides years of reading the Scam Busters forum, is that the pattern of charges you have described have the hallmarks of a professional job, as opposed to some yokel at the Pizza place or your other travels as such. Those type charges are mostly testers to validate the card. (I also got those, multiple pings ($1.00), and strange home deliveries). Unfortunately, you're not going to get relief figuring out how it happened by tracing your recent steps. Besides the fact that your card info could have been laying in wait before it was compromised for a while, even brand new cards never used get hacked. I do suggest posting this on the Scam Busters Forum, under credit card fraud. Those guys are a wealth of info, and might be able to link your fraud with others ongoing, besides giving you proper advice on your next steps. The actual line items of the fraud charges (ex: "MANLEY SRVC 9703002547 CO $3.49") would be useful to them. About your bank, DO NOT let them dispute those charges but insist that it is filed as a fraud. Dispute is for legitimate mistake transactions, this is not that. Dispute is also preferred by the banks so they can attempt to more cheaply resolve the issue, as well as hide the problem. It is also preferred by the criminals as it helps their enterprise to continue. This advice still hold true even though your account has been closed. Those charges will still exist as a dispute if not tagged fraud, same as the reason for closing your account. Get a fraud number from them. Verify it's actually a fraud number by calling yourself to the fraud department and asking for the status of your claim based on that number. My bank (a huge, national one with all the commercials touting their customer fraud help), attempted to file mine as dispute even though I insisted they were fraud and to be filed as such. They even went so far as to falsely claim it was filed fraud after I insisted, only to find there was no fraud status number when I later contacted that department individually, and it was *still* tagged under dispute. Once that was redone, I found later it was actually under 2 fraud case numbers to make the overall total amount appear to be under the federal reporting threshold. This is not to say may experience will happen to you, but the banks are motivated to keep these details quiet, and resolved cheaply, besides fraud revenue is revenue, I am sorry to say. That part routinely is how it goes down at many institutions. Note how your bank wanted to file a dispute, even though you told them you did not make even the first charge? That is clearly not a dispute situation, as you were not now nor ever was a customer with that credit agency company, and the charge was in honest error due to known dealings with them. Your bank is also full of bs with, if I understand your story correctly, claiming they are certain the card was actually used because of the CVV2 was present, which is not by itself a certainty of the card being "present". I hope they weren't pushing the "I am certain (based on CVV2 used alone) that the card was present, therefore used by you or someone with access to your physical card.. " stuff... putting it on you. Just saying, and not holding onto bitterness, just passing what I unfortunately learned the hard way about how it really is. Hold onto any deliveries for now, and note them in your federal complaint. Once mailed through the USPS, it's a federal case (mail fraud). There's more for you to know/learn, but there's some up front stuff you'll cull from the Scam Busters forum. Suddenly gotta run now before proofing, pls excuse typos, rambling, etc... BBL. -Jim 2010-11-165 17:23:33 | | Nimbus Premium Member join:2008-11-27 Moreno Valley, CA |
to Khaos
If you use the card at ATMs or gas pumps it could have been skimmed. It is actually a pretty common way to have your card compromised (twice for me at gas pumps) and probably more likely than an online breach, unless you were successfully phished. If you use the card online you might want to check if your card issuer or bank offers one-time-use or temporary card numbers for online purchases through a service such as ShopSafe. | | Khaos-K-OS- Premium Member join:2007-03-12 West Palm Beach, FL 1 edit |
Khaos
Premium Member
2010-Nov-16 4:17 am
@ SnowyOne Thank you for the site, I placed a fraud alert @ Transunion which is supposed to notify the other 2. I tried to place another @ Experian but it failed, maybe the first one already contacted the others.
@ GuruGuy PNC Bank
@ JLevinworth Thank you for the info. Didn't know I would have made the "dispute" mistake, I will say fraud.
@ Nimbus Yes, I use the gas pumps all the time, I rarely carry cash but will start from now on. I don't believe I was phished but the spam mail started after I filled out 2 online surveys from two different retail stores I had shopped at. I believe the spam mail might just be a coincidence compared to the Visa charges. | | Khaos |
Khaos
Premium Member
2010-Nov-16 4:20 am
Can a MOD please move this to the proper Scam and Phishbusters forum or should I re-post over there? | | |
to Khaos
I don't think the spam was a coincidence. A lot of those surveys have a line in the privacy statement about sharing info with a partner. Not sure about the credit card, but there have been questions about unwanted charges on a phone bill, but that's usually a recurring charge. I don't know what my boss did years ago, but we got every damn catalog available and special offers in the mail for "Sir Winston Churchill" Winnie was a DOG!!! CS | | Doctor OldsI Need A Remedy For What's Ailing Me. Premium Member join:2001-04-19 1970 442 W30 |
to Khaos
said by Khaos:Saturday before I head out the door I decide to do one of my weekly online bank register checks to find a misc. charge for a credit report @ $14.95. So I google the company to find that this happens to alot of folks. I call the bank and they tell me to dispute the charge come monday because it has yet to post. Fine. Disputes are used for when you actually make a transaction and then have a problem with it later like non-delivery, or item not as described or item/service has defects. When you have fraudulent charges you request a charge back and then file a fraud affidavit. You do not contact the company that made the fraudulent charge ever and instead you call the number on the back of your Credit Card for reaching customer service. You use a fraud report to initiate an investigation with charge backs of any fraudulent charges and you only file disputes when there is a problem with a product or service that you actually purchased. It is very likely your account was compromised in one of the multiple database breaches at a data processor and it likely had nothing to do with any service or product that you purchased local or online. | | Khaos-K-OS- Premium Member join:2007-03-12 West Palm Beach, FL |
Khaos
Premium Member
2010-Nov-16 11:13 am
@ Doctor Olds I wish I read your post sooner, I do have some good news out of this mess. I contacted the places that the card was charged, sorry. I had to do it. They were:
MNICREDITREPORTCOM: $14.95 Fraud department states account was in my name but for a credit report for a different person. They asked for my card number which I gave since the card is dead and last 4 of my SS#, I demanded I only give them last 2 but she got louder and I caved. The report was not mine thank god. Refund to be issued. Card removed from billing system.
EMUSICCOM: $16.13 Fraud department closed account that was in my name but different email, I asked if I can at least get the music I did not purchase but was denied. There are awaiting my bank to notify them? ok. Card removed from billing system.
GameHouse.com: $6.99 Fraud department closed account, removed card from system and put card on deny list, don't know why, it's no good anymore. Game purchased was "FORGOTTEN PLACES: Lost circus"? Shitty ass adventure game. These hacks have no taste, I would at least got COD Black Ops!!
INTERNATIONAL POS FEE VIS 1113 GB $0.40 Don't know what was purchased but there was a international fee, don't know who to contact.
My bank issued me a fraud case and immediately credited my account the missing funds. Like I mentioned earlier I put a fraud alert on all 3 credit unions and got my confirmation numbers. I guess I will sit and wait to see what else happens. Worried about that International fee!!! | | |
JLevinworth
Anon
2010-Nov-17 12:14 pm
Khaos , since you have not received any new replies here yet, and time is always the essence, here is more info for you before further errors can be made (not your fault, because you were mis-advised by your bank, but you need to know): Contacting the individual companies is the process the bank requests as part of a dispute. As you know now, your case should not in any way be handled as a "dispute" but a fraud case.Your bank knows the difference and should have never advised you to. The bank is responsible for handling the contact with the issuer(s) of fraud charges, and one else should be in contact with the issuers but the bank in a fraud case.~~~~~~~~ Here's what happens in fraud case: When you open a fraud case, the bank issues you an immediate (temporary) credit on each of the fraudulent charge(s). You will receive in the mail (or fax) from your bank, a fraud affidavit listing the fraud charges. After confirming all data is correct and complete, you must sign and return that per the date stated (30? days). Not doing so, will reverse your temporary credits, and your case is denied and closed. Also at the time when your fraud case has been initiated, your bank will charge the fraudulent charge(s) back to the issuer(s). In addition to having the fraud charge reversed back to the issuer(s), the issuer is also charged a fee for processing a fraud in the first place. These charge back fees flags the issuer's account with the processor, and with enough fraud charges, their privileges to charge will be revoked. ~~~~~~~~ When your case is a fraud, and you contact the companies to dispute the charges yourself (as you have, unfortunately), this is a "get out of jail free card" for the fraudsters. Now they have the opportunity to credit the fraud charges (rather than the bank reversing the charges back to them), which in doing so, the fraudsters get out of paying the charge back fee, as well as having ducked the flag, which helps them continue. The fraud chargers also have a chance to cull additional info from their victims when the victims contact issuer (this may or may not have happened in your case). In addition, some places even have tricky refund agreements in fine print which by accepting the credit, you've agreed to accept the original charge was in fact your doing. Also, additional word of advice: If you are tempted to think getting credit back via a dispute is all the same to you (money wise) as getting a proper fraud reversed - don't. Besides needing these tagged as fraud for any possible future issues with your credit rating, etc; you cannot rely on the companies that claimed to issue you credit that they have done all of what they verbally told you they did.Even if you get the credit now via dispute, you may find the account with them was not actually closed, or you could be on the hook for some re-occurring charges that now will be put on your new card (as the bank will forward those onto your new account number). ~~~~~~~~ Since you've stated you now have it classified as fraud, I am hoping that took place prior to you contacting the issuers about a credit. If so, hopefully the bank will refuse the credits based on having a fraud charge back pending. Otherwise, you may have, unfortunately, blown your fraud case per the bank and be denied. Notifying them up front now will help you if this does ultimately become an issue. Here's just one problem that may arise from that (besides more knots to untie with your bank now): The bank may now say you attempted to get "double credit" not owed (mine tried to claim I did, although it was caused by their own mishandling of the case of putting it under dispute then fraud without closing the dispute, and proceeded to reverse the credits to me 2 fold, and over drafting me by hundreds which took months to win back from them in addition). I would call your fraud department at the bank and explain to them your actions attempting to get a dispute credit unknowingly to the proper process, and hopefully they will straighten that out in regards to your case before it gets too bungled with so many things to unwind now, and also possibly get some or all denied. I encourage you still to put the entire line items of all your charges in your reply post (not just name and amount in your previous post). Including the $1.00 charges you referred to in your OP if you want to get more out of this, or at least get some google love for others in similar situations to benefit too. Good luck with all this. -Jim 2010-11-17 12:11:21 | | 4 edits
4 recommendations |
to Khaos
said by Khaos:@ Doctor Olds I wish I read your post sooner, I do have some good news out of this mess. I contacted the places that the card was charged, sorry. I had to do it. It is not an issue to have contacted them and queried the charge details. The primary issue, as others have stated, is that all the charges are properly reported as FRAUDULENT to your bank. Sometimes, and depending on the amounts, the bank may try and push them as disputes, less reporting procedures and paperwork. However, a consumer must always insist that fraudulent charges, which all of those were, are processed as such. It does appear that your bank has handled them correclty as fraud. said by Khaos:... .... What the hell is going on. As soon as I get the new card i'm breaking the RF chip and fuck PJP!! I also removed the DNSSEC addresses I was using from my router until this blows over. I checked the router logs and attached devices only to find my own computers. I use WPA2 with a 20 alpha numeric password.
What gives people?? Before you go ripping your RF chip out of your replacement card, or wondering about the people behind the counter at PJP, I concur with Doctor Olds in that this event has the typical patterns of a remote card database compromise. A physical compromise locally by an individual who also got your CVV code, would not generally lead to those relatively low level CNP online transactions. Also it is unlikely to have any relationship to the spam, nor that your data came from your own system being compromised. said by Khaos:INTERNATIONAL POS FEE VIS 1113 GB $0.40 Don't know what was purchased but there was a international fee, don't know who to contact. ..........Worried about that International fee!!! That 11/13/2010 charge is likely related to one of the above charges where the merchant account was actually based in the UK. High risk accounts such as gaming and online music are likely candidates. Even if they bill in US dollars there will be a foreign processing and conversion fee if the merchant acquirer bank is in the UK. The conversion charge will show up as a separate line item entry some time after the original associated charge. Now that your card is cancelled and is being replaced, that should end it. I doubt that you will have any further issues. Based on that pattern of fraud activity the data compromise occurred outside of your direct control. It is highly unlikely that you contributed in any way to the loss. It is also unlikely that the compromise came from a card swipe (POS) transaction. Data acquired from POS transactions doe not have the account holder's address or their CVV2 number. POS compromises generally lead to card cloning and fraud from POS transactions. Online CNP compromises can yield both forms of fraud activity, since that data will have the full address and zip code of the card account, and can then be used for both POS and CNP fraud. Now lets take a look back at the first fraud entry that you reported: said by Khaos:...... MNICREDITREPORTCOM: $14.95 Fraud department states account was in my name but for a credit report for a different person. They asked for my card number which I gave since the card is dead and last 4 of my SS#, I demanded I only give them last 2 but she got louder and I caved. The report was not mine thank god. Refund to be issued. Card removed from billing system. There are thousands of complaints from consumers about the practices of MNICREDITREPORTCOM, and mixed in there are many like you who never ordered anything (card fraud). Though not readily recognized, or widely known, MNICREDITREPORTCOM is AKA Mighty Net, Inc. and AKA creditreport.com. » www.google.com/search?hl ··· PORT+COM They are one of several divisions of Experian Inc., focused primarily on tricking and scamming consumers, at least according to several prior FTC actions, and a pending suit by the state of NJ. The more famous Experian scamming sibling is freecreditreport.com. There are some reasonable conclusions we can make from the CSR at Mighty Net, Inc. telling you "The report was not mine thank god".. That was good, but it is also bad in a way. You see the credit report scamming divisions of Experian pay a high bounty to affiliates to drive consumer purchasing of their "services". A referral fee of $50 or more per head paid to affiliates is not unusual. These high referral rates tend to attract the scum and criminal affiliate element, especially since how they get them there is not well controlled. It can be a "cash in" vector for rogues who want to turn, for example, a recent file of 1,000 hacked consumer card accounts into a quick $50,000. Black hat affiliate forums routinely broker and push credit report scam enrollments. The problem with the MNICREDITREPORTCOM CSR saying the report was not for you "Fraud department states account was in my name but for a credit report for a different person." almost guarantees that this was a rogue affiliate generating cash from processing compromised card data. Even worse is the fact that by law you can only purchase your own credit report at creditreport.com aka MNICREDITREPORTCOM. There is no method at creditreport.com to obtain a third party credit report. The process is exclusive to obtaining only your own credit report. The "account holder" and report name need to be one and the same in order to stay compliant with both federal and state laws. So how did MNI aka Experian allow a credit report on Jane Doe to be bought with John Khaos's card data. By their own rules what they admit happened should never have. In fact a percentage of the consumer fraud complaints are specifically in regards to consumers who did make a purchase, and whose credit report was not made available immediately online due to MNI not being satisfied that the individual applying was the actual card holder. » www.la.bbb.org/Business- ··· 13095351 A major problem is that Experian knows from where and how some of the affiliate traffic comes in. I recall reading in one black hat forum how they had suspended an "affiliate campaign" for several days due to the high amount of fraudulent cards submitted by affiliates. The fake job adds on Craigslist, fake cheap apartments, and fake homes for rent, fake dating babes, all which require a simple free and up front "credit check" are operated by affiliate scammers feeding various credit report scams including the no name Experian consumer divisions. The question for MNICREDITREPORTCOM AKA Mighty Net, Inc. and AKA creditreport.com is how they allowed a charge to your card for a report in some one else's name. That is prohibited by them, and there is no option on their website to do so. If they processed and cleared a charge to an account set up with a card in the name of "Khaos" for a report then ran in the name of "Doe", they violated their own rules, and government regs. The high referral payout fees are because that $14.95 is then a recurring monthly charge, is very difficult to remove or stop, and in over 25% of complaint cases is never refunded. To me it is clear that the fraudster used your card data at MNICREDITREPORTCOM to obtain the 50 to 60 referral payout bounty. The online games and music could have been for either for self use or resale. The Gerber Life Ins was likely another attempt at bogus enrollment to gain referral payouts. Edit = Add: said by BBBla.org :Mighty Net, Inc.
Address: P.O. Box 1829 Agoura Hills, CA 91376 Tel: (800) 720-4420 Fax: (818) 407-4630 Web Site: »www.creditreport.com
Complaint Experience
Complaints allege billing disputes, failure to issue reports as advertised, and difficulty contacting the company. Customers allege after signing up for immediate access to view credit reports online and providing credit card information, reports are not available and customers receive notification that their reports will have to be mailed to them, because they they did not meet security requirements. Some customers allege they never receive the report but are still charged for the service. Other complaints allege customers are charged additional fees for monitoring services without their authorization, or dissatisfaction with not being able to access reports online instantly as advertised. The company responds to complaints by issuing refunds, canceling services, apologizing for errors and providing reports. In some cases the company explained that they are required by law to confirm a customer's identity before showing credit information on line and they are prevented from delivering a report online if identity verification cannot be made. The company also indicated that they went through a major system change, which caused an overwhelming number of technical issues and affected their service to customers. As a result, for a period of time, they relaxed their "no refund" policy. In other cases the company denied refunds stating the client was provided the report they requested. » www.la.bbb.org/Business- ··· 13095351/END EDIT MGD | | |
JLevinworth
Anon
2010-Nov-19 12:38 pm
Just here to add a public thumbs up. As always, you are the man, MGD . Thanks for everything you do. -Jim 2010-11-19 12:14:22 | | Khaos-K-OS- Premium Member join:2007-03-12 West Palm Beach, FL 1 edit |
Khaos
Premium Member
2010-Nov-19 9:23 pm
@ JLevinworth Here are the exact lines charged: Check card purchase xxxxxxx7190 emusiccom music xxxxxx1041 GB
recurring check card xxxxxxxxx0318 mnicreditreportcom xxxxxxxxx3309
check card purchase xxxxxxxxx7190 RN*Gamehouse.com support@GAM WA
International POS fee VIS 1113 GB
I figured out that the internaltional processing fee was from emusic.com @ MGD You are a wealth of information sir. Is it possible that the credit report pulled from mnicreditreport.com was for a person with my same name but different SS#? That would work on their site correct? If they allowed a different name transaction to go thru that's fucked up. | | Khaos |
Khaos
Premium Member
2010-Nov-19 9:37 pm
If indeed these were data center compromises then I'm worried because there are a few bills I pay online that have my VISA stored. It can happen again if one of these are hacked.
Stored: AT&T Gamefly Netflix
Not stored but pay by CC. Geico Boost Mobile Comcast water bill | |
1 recommendation |
to Khaos
said by Khaos:@ JLevinworth Here are the exact lines charged: ... .. I figured out that the internaltional processing fee was from emusic.com Yes, as I suspected, these two go together: Check card purchase xxxxxxx7190 emusiccom music xxxxxx1041 GB International POS fee VIS 1113 GB said by Khaos:@ @ MGD You are a wealth of information sir. Is it possible that the credit report pulled from mnicreditreport.com was for a person with my same name but different SS#? That would work on their site correct? If they allowed a different name transaction to go thru that's fucked up. You give Experian's back door basement division way too much benefit of the doubt. That was going to be a never ending monthly recurring charge: recurring check card xxxxxxxxx0318 mnicreditreportcom xxxxxxxxx3309 A "Free" credit report was going to cost ~ $180 a year for the rest of your card's natural life. Trying to stop it would subject you to deliberate long hold times on the phone and multiple redirects. Plus they never credit more than the current months charges at the time one catches it. Regardless if a report was ever issued. In fact I would wager that a report in whatever that individuals name was was never actually produced and delivered. The long term MO appears to be to hit whatever card is submitted up front with the charge, and continue to do so monthly, regardless if the submitted biographic data ever passes the "security test" and generates a report. A sort of throw charges at the wall as long as the card data is valid, then see what sticks later. I consider Experian's back door "consumer" operations which operate like a self contained division out of the corporate basement facing the back alley, to be seriously ethically challenged. Furthermore, I have serious reservations and great concern that such an ethically challenged operation is ran by a corporate entity that is also the keeper and minder of millions of consumer identity and financial transaction data, i.e. Experian's front door above ground operations. I am of the opinion that corporate ethics, regardless of their "front page" stated manifesto, can be no better overall than the worst ethics practiced by any of the individual divisions. I do not believe that an entity is capable on the one hand of misleading and essential scamming consumers, while on the other hand claiming to guard the identity, financial and credit reports of millions of consumers with the up-most integrity, security, and trustworthiness. » www.privacyrights.org/ar ··· edit.htmThey are also well aware that their high paying affiliate programs attract all kinds of blackhats and scammer referrals to the table: » /r0/do ··· port.jpg Salting compromised card data into these high paying credit affiliate referral programs is a common occurrence. The account set up and transaction attributed to your card at mnicreditreportcom should never have resulted in a processed charge to the card, much less an eternal recurring one. I suspect that even if garbage data is entered for a credit report along with any valid card data that generates an authorization, then the charge will fly. I would not be too concerned about the other existing accounts just because of this event. You may never find out how, where, or why, this account came to be compromised. Based on the current rate of exposed data, odds are most people will experience an event like this at least once a decade. That is the new "norm". Being vigilant, catching and addressing fraud promptly, especially with debit / ach cards is the best practice, and you certainly did that. MGD | | Doctor OldsI Need A Remedy For What's Ailing Me. Premium Member join:2001-04-19 1970 442 W30 1 edit
1 recommendation |
to Khaos
said by Khaos:If indeed these were data center compromises then I'm worried because there are a few bills I pay online that have my VISA stored. It can happen again if one of these are hacked. Think much, much bigger and one or more steps away from actual merchants. It is the processors that are the targets, not the merchants normally. The processors are the clearinghouses for thousands of merchants. Companies like Heartland Payment Services and CardSystems Solutions Inc. that have been infiltrated and ended up losing huge amounts of data to criminal enterprises. Credit card database hacked A computer hacker has gained access to more than 5 million Visa and Mastercard credit card accounts in the US. Tuesday, 18 February, 2003 » news.bbc.co.uk/2/hi/busi ··· 4477.stmquote: Visa and Mastercard said the hacker breached the security system of a company that processes credit card transactions on behalf of merchants.
Card Processor Admits to Large Data Breach January 20, 2009 » www.wired.com/threatleve ··· ocessor/quote: A large credit card processing company was breached in an attack late last year that may have compromised more than 100 million accounts.
Heartland Payment Services, which processes debit and credit card transactions for 250,000 businesses, said it first learned around late October that it might have been hacked, but wasnt able to determine that its system had indeed been breached until last week. The company said it notified the public Tuesday as soon as it confirmed it was the victim of a "highly sophisticated" attack.
Payment Processor Breach May Be Largest Ever » voices.washingtonpost.co ··· y_b.htmlquote: Heartland called U.S. Secret Service and hired two breach forensics teams to investigate. But Baldwin said it wasn't until last week that investigators uncovered the source of the breach: A piece of malicious software planted on the company's payment processing network that recorded payment card data as it was being sent for processing to Heartland by thousands of the company's retail clients.
Baldwin said Heartland does not know how long the malicious software was in place, how it got there or how many accounts may have been compromised. The stolen data includes names, credit and debit card numbers and expiration dates.
"The transactional data crossing our platform, in terms of magnitude... is about 100 million transactions a month," Baldwin said. "At this point, though, we don't know the magnitude of what was grabbed."
Latest Security Breach Exposes 40 Million Credit Card Accounts to Potential Fraud June 18, 2005 » www.consumeraffairs.com/ ··· ems.htmlquote: More than 40 million credit cards are potentially at risk in the largest security breach to come to light so far. MasterCard International Inc. has started notifying member banks of about 13.9 million accounts involved in the latest incident, which involved a card-processing operation in Tucson, Arizona.
In a statement, MasterCard said the breach was traced to CardSystems Solutions Inc., a third-party processor of payment card data. It said the compromised data included names, banks and account numbers -- not addresses or Social Security numbers -- and said such data could be used to steal funds but not identities.
Chronology of Data Breaches | Privacy Rights Clearinghouse » www.privacyrights.org/da ··· a-breach | | NOCManMadMacHatter Premium Member join:2004-09-30 Colorado Springs, CO |
to Khaos
This happened to me once, and it was because I used tigerdirect.com to buy some pc gear. Someone called from there to validate my info I was 20 and stupid and about a few days later I started getting all kinds of random crap shipped to my house and shipping companies calling me asking if I had ordered 100 cdrom drives from china etc.
I've not had an issue since and only use more respected sites.
However last week I get an email from blizzard saying they can not reset my authenticator and low and behold it was, reset the account and nothing had been done to it yet, but I looked at my gmail and checked the last logins and sure enough one was from china.. reset my email, checked my rules for anything forwarding email and started changing my passwords everywhere.
The only two possibilities are, I had a broken ipad and you could not navigate so I could not wipe it, but it had access to my gmail. I had logged into my gmail from a windows XP machine that my mother in law rarely uses. The latter is getting formatted, but the former considering the ip came from china, I bet apple's refurb guys are stealing info. It was imap access according to gmail, so it sure as hell was not from my mother in law's computer. | | lordpufferLegalize It Joe! Premium Member join:2004-09-19 Old Town, ME Nokia XS-110G-A Linksys Velop MX5300
|
I'm not trying to hijack the thread, however, are you sure that it was tigerdirect that compromised you? They have a very strict security policy when accepting credit cards, and I have ordered from them many times, and at times they have called to validate my info. I've never been compromised. I'm just curious, for I thought they were a respected site. | | DrModemTrust Your Doctor Premium Member join:2006-10-19 USA |
DrModem
Premium Member
2010-Nov-20 11:17 pm
Hm... I think this is what happened to me a bit ago with my card. I've been wracking my brain ever since trying to figure out how it happened, and it seems a processor breach is what it was. The behavior fits what MGD described. | | lordpufferLegalize It Joe! Premium Member join:2004-09-19 Old Town, ME |
I agree.....A processor breach is the most likely thing. | | cork1958Cork Premium Member join:2000-02-26 |
to Khaos
said by Khaos:@ SnowyOne Thank you for the site, I placed a fraud alert @ Transunion which is supposed to notify the other 2. I tried to place another @ Experian but it failed, maybe the first one already contacted the others.
@ GuruGuy PNC Bank
@ JLevinworth Thank you for the info. Didn't know I would have made the "dispute" mistake, I will say fraud.
@ Nimbus Yes, I use the gas pumps all the time, I rarely carry cash but will start from now on. I don't believe I was phished but the spam mail started after I filled out 2 online surveys from two different retail stores I had shopped at. I believe the spam mail might just be a coincidence compared to the Visa charges. Those online surveys are a total rip off and if you were using a good host file, you probably would never have been able to access them. I use the host file from here, » www.mvps.org/winhelp2002 ··· osts.htm, along with some of my own edits, and have NEVER been able to access one of the retailers survey sites. I've tried several times to do the ones from Best Buy and Radio Shack, but didn't want to go so far as to edit the host file just to fill one of those crap things out. Hope you get your stuff straightened out. | | Noah VailOh God please no. Premium Member join:2004-12-10 SouthAmerica |
to Khaos
Re: mnicreditreportcom emusiccom and other credit chargesOne more validation that Dr.Olds and MGD are right on target.
I'll add that I recently ran across one of those credit report affiliates in the Craigslist housing rental section. I must have seen 6-12 auto-generated bogus house listings each day.
If someone responds to the ad, they get an email w/ a link to check their credit report as part of the approval process. You already know which credit reporting company would be at the other end of the link.
NV | | Khaos-K-OS- Premium Member join:2007-03-12 West Palm Beach, FL |
Khaos
Premium Member
2010-Nov-23 6:56 am
Received a letter from my bank telling me that the fraud paperwork is on it's way. My online register looks ok so far.
I recieved a $14.95 credit from mnicreditreportcom to my bank account as they said they would.
Will keep this post updated. | |
your moderator at work
hidden :
|
|