| Author | Thread |
|
|
03/26/2006 02:21:29 PM · #1 |
I recently received a Welcome to Netzero packet in the mail, and I dismissed it at first as an advertisement, since I don't belong and I've never joined. Oddly, it really really looked like a welcome packet. So I sent them a note. They take 24 hours to respond, but they do.
While waiting for a response, for another reason, I was looking at my credit card charges online. I noticed to 9.95 charges to Netzero on it! On the same day. So I wrote again with this information.
It turns out that two "premium" memberships to Netzero were purchased on my card, one in my name **and address**, around the 13 of March (forget which day now). As called the credit card company, connected with security, and we reissued the card with a different number.
Netzero made me call and cancel, rather than our email. But they gave me the user ids of the two accounts, one was my name and the other was something completely different. The person who charged it to my card knew my address and card number, but they got the expiration date wrong, and it still went through.
This was not for a lot of money, there were two possibilities why someone registered with my card:
1) They were testing a number they had snarfed to see if it was right, before making a forged card or using it online to buy something big.
2) They were creating an account they could use for illegal purposes or spamming on the internet.
Both of these would have been bad for me in this case of fraud and identity theft. Fortunately, I caught these within 10 days or so of the initial fraud so it didn't get far. So "alert 1" is that, if you use your credit card on the internet, be careful and check your online account activity at least in the middle of your purchase cycle if not more.
While Netzero has been good about responding to emails and providing some information to me, I can't help but think that they are part of the overall internet security problem. While I can get Netzero to close the premium accounts, they won't close the "free" ones that were created. They claim that only the original account creator can do that and they can't give me any information or rights without a court ordered supoena. This bothers me because of "Option 2", this person is up to no good on the internet. I even pointed out that, at least as far as "who paid for the accounts", I was in effect, the "owner".
Back to the cautionary tale: I buy a lot of stuff over the internet--most of what I buy is over the internet in fact. I have a number of different credit cards I use for that: cards I use exclusively for business, and our family purchases cards. This fraud took place on our family card, and a few days before I purchased this I bought some goods from a little store in Vermont I had never ordered from, using their secure form. I presume somehow this is where the security leak was, though I don't now.
This isn't the first time this has happened to me--though it has not happened for a long time now. I was beginning to get complacent about web purchases, but now, I will revert to "careful" mode. I will of course continue to shop on the web, using my credit cards, but I will have to rethink how many of those cards I use online, and I will once again resume "watching" for unauthorized purchases.
I suggest you consider your own personal security practices and exercise caution as well, especially when buying from smaller and new online stores.
|
|
|
|
03/26/2006 03:22:40 PM · #2 |
Even though some sites offer a service of storing your CC number online for future purchases to make transactions faster, just type in the number everytime. Simple price to pay for one less chance at getting the info stolen.
Also, shred anything that has your name and address on it. Don't just throw it in the garbage. |
|
|
|
03/26/2006 03:29:08 PM · #3 |
Originally posted by cpanaioti:
Also, shred anything that has your name and address on it. Don't just throw it in the garbage. |
Including credit card offers that you get in the mail as well as, of course, bank statements and other bills that you're throwing out.
I'm glad you were able to catch this early on, Neil. Someone else I know recently had a similar instance where their card was used by someone else and whoever used it didn't know the 3 digit security code but their purchase was processed anyway. It makes you wonder.
I think it's pure crap that Netzero won't close the accounts that are on your card, though. I'm not sure what I'd recommend doing at this point but that just doesn't seem right. |
|
|
|
03/26/2006 03:56:52 PM · #4 |
| Contact the state attorney general's office in the state where Netzero operates their accounting department. Establishment of a fraudulent internet account in your name may be a prosecuteable offense in that state. Advise Netzero that you are doing this and see if there not a more positive response! |
|
|
|
03/26/2006 04:12:01 PM · #5 |
Originally posted by cpanaioti:
Even though some sites offer a service of storing your CC number online for future purchases to make transactions faster, just type in the number everytime. Simple price to pay for one less chance at getting the info stolen. ... |
If it is someplace you trust, not having to type it in is a security measure. That is one less chance for an unknown key-logger to record the number sequence.
Of course if it is not a place you know and trust, why give them your card number?
David
|
|
|
|
03/26/2006 04:55:47 PM · #6 |
Originally posted by David.C:
Originally posted by cpanaioti:
Even though some sites offer a service of storing your CC number online for future purchases to make transactions faster, just type in the number everytime. Simple price to pay for one less chance at getting the info stolen. ... |
If it is someplace you trust, not having to type it in is a security measure. That is one less chance for an unknown key-logger to record the number sequence.
Of course if it is not a place you know and trust, why give them your card number?
David |
The security measures of the web page is one thing. The security of the computer where the info is stored is another. Why have it stored anywhere?
|
|
|
|
03/26/2006 05:18:14 PM · #7 |
Originally posted by cpanaioti:
Originally posted by David.C:
Originally posted by cpanaioti:
Even though some sites offer a service of storing your CC number online for future purchases to make transactions faster, just type in the number everytime. Simple price to pay for one less chance at getting the info stolen. ... |
If it is someplace you trust, not having to type it in is a security measure. That is one less chance for an unknown key-logger to record the number sequence.
Of course if it is not a place you know and trust, why give them your card number?
David |
The security measures of the web page is one thing. The security of the computer where the info is stored is another. Why have it stored anywhere? |
I wasn't referring to the security of the website, but of my own system. Virus scan running, firewall and all updated regularly -- but there is always the chance a key-logger got installed that hasn't been identified yet. It hasn't happened yet to me, but it could. :D I pay for a lot of my bills online, there is no reason to type it in every time I have to pay it and risk that small chance of it being logged. The fewer times I have to type it in the better.
Places that have my card number stored include my automatic billing at my ISP, news service provider, NetFlix, local gas company, bank that holds my car loan, insurance company and so on.
In order to use the card number a person has to get hold of it -- it is far safer being stored and handled by an automated billing system than it is giving it to an attendant at a gas station or a waiter in a restraunt. The security of the numbers stored on a server somewhere managed by IT professionals are orders of magnitude greater than the numbers on the card placed in someone elses hand. The numbers have to be seen by a real live person before they can be stolen. And even then, it has to be one of the very few people that are low enough in ethics to steal them.
/edit: I should also note the card is actively used and monitored. I check the transactions online on a very regular basis -- at least once every couple of days, but often once a day. It doesn't take but a couple of minutes to make sure I know every transaction that is on there. With my wife and I both having cards on that account, knowing what we have both spent money on is vital.
David
Message edited by author 2006-03-26 17:22:38.
|
|
|
|
03/26/2006 06:06:26 PM · #8 |
Regarding keyloggers, some of our banks in Australia now make you use on screen keyboards to log in to your banking sites so you don't use your own keyboards. That could be a good way of entering numbers of credit cards as well...
I cut and paste my numbers from a word document, I am not sure it that is open to those scum that look for my info or not, but it could be...
|
|
|
|
03/26/2006 07:07:05 PM · #9 |
One thing I do to help combat credit card fraud is to use Citibanks virtual credit card system.
Basically, at the time of purchase, I get online with Citibank and I generate a *new* credit card number. This is a one-time-use number. And I can even designate a dollar limit for this number (anything up to my current credit limit).
The advantage is that even if the database gets hacked into and my credit card number gets stolen, it can't be used again. And even if the place I am purchasing from is dishonest and tries to overcharge me, the charge won't go through for anything higher than what I set.
American Express used to do the same thing, but has since canceled the service. I'm not sure if anyone else does it, but if you're interested, check out Citibank's MasterCard.
|
|
|
|
03/27/2006 08:24:10 AM · #10 |
Thanks everyone for adding additional advice.
David--that's a good point about the virtual numbers. Those would be perfect especially for the one-off style orders I sometimes place with an unknown vendor. I think Discover offers that as well, or at least used to.
|
|
Home -
Challenges -
Community -
League -
Photos -
Cameras -
Lenses -
Learn -
Help -
Terms of Use -
Privacy -
Top ^
DPChallenge, and website content and design, Copyright © 2001-2025 Challenging Technologies, LLC.
All digital photo copyrights belong to the photographers and may not be used without permission.
Current Server Time: 11/26/2025 12:20:57 PM EST.
