Credit card fraud - how to proceed?

pgargan

Hi,

My credit card was recently used to make two fraudulent purchases. The credit card company flagged this, contacted me, verified the purchases weren't authorised, and then cancelled the card.

So I've the slight inconvenience of being without a credit card until my new one arrives, but I'm not out of pocket. However ...

The purchases were made from an Irish building hardware store and an overseas online store. I'm still waiting to hear back from the online crowd, but I spoke to the hardware store by phone and they were quite helpful. They gave me the delivery address on the docket, name, and mobile number. They said the goods were delivered by their van driver.

So, what's next? I'm not about to turn up on yer man's doorstep and get all Batman on his assets. I'm not out of pocket, and for all I know it was a derelict house and the scammer just met the delivery guys outside.

Google Street View didn't pass the address in question, and of course their pictures are over a year old, but from a bit away it looks like it's in a cross between a housing estate and an industrial park.

But I do want to know how he got my credit card details. If it was skimmed in a restaurant that's one thing, but if it was sniffed online it potentially means at least one of my computers is rooted and I'm looking at spending ages reinstalling operating systems :eek:

Will the credit card company bother to notify the Gardai? Or will that be up to the hardware store when the payment is rejected by the credit card company? Or will everyone just write off the loss as too much effort to chase up? The idea that the scammer can do this, get goods delivered to an Irish address, and then get off scot free, annoys me! :mad:

Sponge Bob

Report to the guards immediately, this is simple thievery. The CC company will back you fully.

GerardKeating

Sponge Bob wrote: »

Report to the guards immediately, this is simple thievery. The CC company will back you fully.

Would/should the CC company not be reporting this to the Gardaí ?

AlwaysAmber

Sponge Bob wrote: »

The CC company will back you fully.

Like hell they will. They'll do a chargeback on the merchant and not give it another thought.

Sponge Bob

The CC company will back you fully with a statement to the guards I meant.

In law you ( the cc holder) were victim to a deception ( this is an offence).

The Merchant, once the cc company charges them back like Amber says, will be a victim of theft ( this is another offence) coz they no longer have the money and have delivered the goods.

You also have no idea when this c**t is going to use your credit card again and create more hassle for you.

If You and the Merchant go to the cops they have 2 complaints, 2 charges and one villain. They will generally act under those circumstances.

The CC company is an indirect victim and not a victim at all once the chargeback is done. Furthermore the merchant may have to pay penalties if their chargeback rate as a % of turnover is excessive.

pgargan

Hopefully I won't be hit again, as the card has been cancelled. But as noted, if one of my computers is compromised, there's nothing to stop my new card being hit in a similar fashion.

What's the reaction from the Gardaí likely to be? "Thanks son, we'll take it from here!" followed by deafening silence? Or am I likely to be kept informed of whatever they find?

cc-offe

happened to someone in my family last year, the credit card company told her to report it, one of the purchases had been made over the phone and delivered to some warehouse or something, to be honest the garda didn't really tell her anything but she got her money back from credit card company no problem.

dudara

Moved to Banking & Insurance & Pensions

dudara

pgargan

cc-offe wrote: »

happened to someone in my family last year, the credit card company told her to report it, one of the purchases had been made over the phone and delivered to some warehouse or something, to be honest the garda didn't really tell her anything but she got her money back from credit card company no problem.

Did she ever find out how they got her credit card number?

Or if anyone was prosecuted?

cc-offe

pgargan wrote: »

Did she ever find out how they got her credit card number?

Or if anyone was prosecuted?

No she never found out, I thought it was strange because I would have thought if they found out who it was that did it then I thought they'd ask did you recognise the name...in case it was someone you knew.

There was a few things bought on it, A €600 purchase in s***hs toyshop which had been ordered over the phone and delivered to some warehouse, there was a aer arann flight booked for a couple of months later (now I found that very odd because 2 months is giving people time to see their credit card statement etc) but that's the way it was, I presume the garda would have got a name from Aer arann at least but they never got back in contact.
There was some other transactions aswell but I can't remember them, she had no idea how they got her card number because she was always so careful...

pgargan

Hey,

Just an update on this. The building hardware store gave me a delivery name, address, mobile number. The order had been placed over the phone.

The online retailer gave me a delivery name (my own!), address (same estate as 1st order, different house number), mobile number (different again). They also had the IP address the order originated from (3G fob) and an email address (at a freebie webmail provider).

Most worryingly, the online crowd said their checkout uses the "3D Secure (Verified by Visa)" program. So the fraudster had my password for that. All of which suggests my card wasn't skimmed, but instead a computer I've used is compromised.

Mind you, the 3D Secure stuff uses a browser redirect in a subframe. So when it appears on screen, you've no easy way of telling if it's coming from Visa, or if it's been spoofed by the retailer in question. You could start to view source code, but who does that for every online transaction?

I reported all this to the Gardai, who said they'll pop round and have a chat with whoever lives at the addresses I gave them. They said if the ordered goods are found at the property, great. If not, there's little they can do.

I contacted my credit card company, asking if they had an IP address for the 3D Secure transaction. They wouldn't disclose it, purportedly to avoid prejudicing any legal proceedings they might take. For all I know, they didn't have it / didn't know how to get it / didn't know what an IP address is. They said if their investigation revealed my details were sniffed from my PC, they'd tell me. If not, I'll hear nothing.

So when I get my new card, I can't use it online, because for all I know, one or more of my machines is trojaned and the credit card crowd haven't gotten round to telling me yet

old_aussie

get a good antivirus program and it will find the trojan

pgargan

old_aussie wrote: »

get a good antivirus program and it will find the trojan

On my home PC? I've Win XP SP3 fully patched, AVG subscription with up to date defs.

I've nothing on my Macbook. It's still on OSX 10.4 and Apple silently stopped issuing security fixes for Tiger a while ago.

Work machine is Ubuntu 9.04 sitting behind a fairly strict web proxy & filter.

Those are just the 3 most common machines I use. Credit card had been in use for 2 years or so, so for all I know, a family/friend's machine I used once, 12 months ago, could be the culprit.

Bikerbhoy

Sponge Bob wrote: »

The Merchant, once the cc company charges them back like Amber says, will be a victim of theft ( this is another offence) coz they no longer have the money and have delivered the goods.
.

Has the merchant got any come back regarding getting the money back which has been taken from their account to be refunded to the CC holder..??

BuffyBot

Please see the charter, specifically the part about digging up old threads.