Credit Card hacked again

Ally Dick

I'm getting sick of this. I have had three credit cards in a row, over the last short while, which have been compromised on me. I'm getting tired of the process of replacing the card every time, and notifying all of the websites that I use, that there will be a new number which will be different. I will ring Credit Card services in the morning to do the needful. This time it was Uber taxi transactions, which are appearing on my statement. I've never used Uber in my life. I googled it and it's a very common scam. 
Websites or apps which allow payments should be OBLIGED by law to carry the credit card number, the expiry date AND the three digit verification code on all of their payments. I believe the reason credit cards are getting compromised so frequently is because some sites such as Uber only look for the credit card and the expiry date, and certain devious sorts are guessing them correctly, and if you're caught out, it's just your bad luck. This is more of a rant than a question, but I'd welcome any opinions on this.
I'd nearly forget about the credit card and go visa debit for everything, if it happens again....

sf80

you might want to have your computer checked out and be very careful where you use the card

Ally Dick

Thanks. I have McAfee software on the computer and I try and be careful. I only use reputable sites. However I hear what you're saying.
Do you think though that a lot of this stuff is opportunism where there are sites which don't require the 3 digit verification step ? Is Uber like that I wonder ?

p.s. I checked out Uber. It does ask for the 3 digit code. Gulp....

RossieMan

McAfee is absolutely useless. Run malware bytes and see does anything show up. It's too coincidental that's it's happened you more than once. It's got to be carelessness on your part somewhere.

FortySeven

RossieMan wrote: »

McAfee is absolutely useless. Run malware bytes and see does anything show up. It's too coincidental that's it's happened you more than once. It's got to be carelessness on your part somewhere.

Yep. No coincidence.

percy212

I wouldn't say carelessness. Its more like an absolute pain in the hole. Or you know, bad luck...

Is there somewhere you regularly use cards, where they might be cloned? The bank can look for patterns anyway...

Do you have a partner that likes Uber

Ally Dick

RossieMan wrote: »

McAfee is absolutely useless. Run malware bytes and see does anything show up. It's too coincidental that's it's happened you more than once. It's got to be carelessness on your part somewhere.

Malware bytes found nothing

RossieMan

A site you use regularly? It's something you're doing. They aren't just guessing the card number. I'd be much more careful, it's actually much better to happen on a credit card rather than a debit card. At least you still have funds to spend.

J. Mourinho

Sorry but 3 times in a row has to be something from your end.

Is malware bytes up to date? Might be a newer program and it's isn't looking for it.

Could simply be a dodgy site too is there many you've used all 3 cards on may help reduce the number of culprits?

Then there's the tough question, could it be a friend or family member screwing you over?

Rackstar

I'd say ramming the credit card number into every site going is half of your problem. Use something like PayPal or the equivalent and limit where you are using your credit card number. I'd say the bank will get fed up of this and withdraw the service from you.

Ally Dick

Would file hosting sites be dodgy? There are two I have premium subscriptions with....maybe I should just stick with Netflix....

Tow

Ally Dick wrote: »

Would file hosting sites be dodgy? 

Do you need to ask that question!

Ally Dick

Tow wrote: »

Do you need to ask that question!

I've been using them a long time with no hassle. Only started running into trouble quite recently

Mycroft H

Can you not pay for a lot of these services using PayPal?

Ally Dick

Mycroft H wrote: »

Can you not pay for a lot of these services using PayPal?

The two I use don't take Paypal. Once I get the new card, I shan't be using them again

RossieMan

Are the hosting sites well known?

sf80

The credit card industry is a bit weird; they have no interest in tracing crime across the world. They put the responsibility on insurance payouts and trying to make sure the credit card processors are not the source of the breaches.

Anyone processing credit cards is monitored for security compliance, and usually the credit card user is the weak link in the chain.

Besides your computer, also consider any time you have used the card on your phone, any businesses you use in person and any bank machines you might regularly use with it.

You should consider a professional check of your devices, although I don't know how much that would cost.

I would reinstall my systems and stop using the card for anything except essentials

munchkin_utd

Ally Dick wrote: »

Would file hosting sites be dodgy? There are two I have premium subscriptions with....maybe I should just stick with Netflix....

so, would a website which gladly hosts illegal material causing 100s of millions if not billions of losses to the music and film industry (incurring the wrath of the FBI and refused services by Paypal due to their illegal activities) be dodgy ? 

No, of course not. 

mickoneill31

I haven't had the issues you've had but I have a method that might help you.

I've a Revolut card that I can top up in seconds from my debit card. When I want to make a transaction on a site I don't trust too much I top up the card with the amount I want to spend and then use the Revolut card on the site.
Then Revolut also has an app where you log in, press a button and lock the card. Every credit card provider should have this facility these days. Revolut is free and they have this. We pay our banks fees and they can't manage it. Here are a couple of screenshots of how hard it is to enable the security
http://67.media.tumblr.com/79fc16015b01dddd1b2e482161c8804e/tumblr_inline_o5xhk7rZxy1ty3m0w_1280.png

Once the card is locked the vendor can try to use the card but it'll be declined and you'll be notified. A legitimate use I use this for is parkingtag.ie
When your balance on parkingtag goes down below €10 they'll automatically try and take €20 off your credit card to top themselves up. I don't use their service enough so a tenner might do me 3 months the amount I use them. So I've entered my Revolut card and it's always in blocked mode unless I want to unblock it for a transaction. When I park my car and pay using parking tag, about 30 seconds later I get a message on Revolut saying €20 transaction declined from Parkingtag (or a message similar to that).

I doubt that your card is being guessed. I've a couple of cards and I've had the same numbers for years and so far there has been no issue. Some site / service you're using or your computer is compromised.

Bank of Ireland: Nicola

Ally Dick wrote: »

I'm getting sick of this. I have had three credit cards in a row, over the last short while, which have been compromised on me. I'm getting tired of the process of replacing the card every time, and notifying all of the websites that I use, that there will be a new number which will be different. I will ring Credit Card services in the morning to do the needful. This time it was Uber taxi transactions, which are appearing on my statement. I've never used Uber in my life. I googled it and it's a very common scam. 
Websites or apps which allow payments should be OBLIGED by law to carry the credit card number, the expiry date AND the three digit verification code on all of their payments. I believe the reason credit cards are getting compromised so frequently is because some sites such as Uber only look for the credit card and the expiry date, and certain devious sorts are guessing them correctly, and if you're caught out, it's just your bad luck. This is more of a rant than a question, but I'd welcome any opinions on this.
I'd nearly forget about the credit card and go visa debit for everything, if it happens again....

Hi Ally Dick, 

I'm very sorry to hear about this, please let me assure you that we're committed to protecting you from fraud and as part of our fraud monitoring we regularly carry out security checks.

Firstly, if you haven't done so already please get in touch with our 24 hour helpline to cancel your card ph. 1890 706 706 (or from abroad ph.+353 56775 7007). Or if you would like to PM your name and phone number I'll arrange a call to you so that the card can be cancelled.

There are some measures that you can take to help prevent fraud and there's more information that you might find useful on our website here.

As other posters have mentioned, you can use a reputable third-party payment service when paying for things online and you can take preventative steps to make sure your PC isn't at risk by:

• Ensuring you've up to date, anti-malware and anti-virus software in place. Keep it updated and use it to perform regular checks.
• Ensuring that your operating system and all other software is up to date with security patches/fixes.
• Using reputable browser security add-ons such as anti-phishing, pop-up blocking, and script blocking software.
• Enabling your PC's firewall or install a reputable one if you don't have one at the moment.
• Only download or shop from recognised trustworthy website sites that use a secure connection.

Check if the web page offers encryption of your data - look for a lock symbol on your browser window or check that the web address of the page you are viewing begins with https:// (page properties will usually tell you what level of encryption is being used).

• Online retailers that use verified by visa or 3D secure as part of their payment process offer additional security for online purchases.
• If you're paying with your card in person don't let the card out of your sight, insist on being present when your transaction is processed.
• When using an ATM make sure to pay close attention for any differences or unusual characteristics. If you do notice anything don't use the ATM - walk away and immediately notify local Gardaí

I hope this helps, please let me know if you need anything else.

Thanks
Nicola

beauf

I wonder does someone have your details on a site, so everytime you change the card, they can just get the details of the card. Or enough details to get access to it. 

I would make sure you are using 2 factor authentication for all sites that have it. Change all your passwords to be different on every site, and use something like LassPass if you can't remember them. 

If it were me I'd wipe my computers and set them for scratch, installing a proper AV like Avast or Kaspersky. 

You have a breech somewhere. 

aphex™

Do you run any apps on a smartphone or tablet from unofficial/jailbreaked sources?

Ally Dick

aphex™ wrote: »

Do you run any apps on a smartphone or tablet from unofficial/jailbreaked sources?

Not that I know of

RossieMan

You're not full of information. Very hard to help you out with were the info is being stolen from.
It's almost definitely a key grabber on either your phone, laptop, tablet.

Ally Dick

RossieMan wrote: »

You're not full of information. Very hard to help you out with were the info is being stolen from.
It's almost definitely a key grabber on either your phone, laptop, tablet.

Sorry. Not trying to be candid or cagey. The filehosts I use are Rapidgator, Uploaded and Keep2Share. I've used Rapidgator for ages, Uploaded a few months and Keep2Share fairly recently. My Google account was hacked recently. I am a bit embarrassed about that. Got an email from a "friend" with an attachment. Asked me for my Google Docs user and password to open it, which I did. Next day I was asked if I was accessing Google from Lagos. I changed my gmail password and added 2 step verification to all my email accounts. I keep getting phishing attempts emailed to me containing false Itunes purchase invoices. I ignore them, and they mostly go to Spam filter anyway.
Other sites that have my credit card details are - Easytrip, Netflix, Bet365, Paypal, Parcel Motel, Spotify, National Lottery, AON insurance, McAfee, ITunes

p.s. I haven't responded to spam attempts to get my details by email. I am at least savvy not to do that

Ally Dick

aphex™ wrote: »

Do you run any apps on a smartphone or tablet from unofficial/jailbreaked sources?

XBMC/TVMC and Mobdro are the two that I can think of

mansize

I don't like 3rd party sites storing my credit card details. Always say no, and put in CC details or use PayPal each time.

MackMack

Ally Dick wrote: »

My Google account was hacked recently.

Log into your gmail, scroll all the way down to the bottom. On the bottom right there's a line "Last Account Activity - xx hours ago" Underneath that there's a link for "Details". Go into this and it'll tell you if there's anyone else still logged into your gmail. There's a button for signing out every device that's logged in. Changing password and enabling 2 factor auth won't sign out the people that hacked you as far as I know.
Mine was hacked before and even after changing the password etc the hacker was still logged in until I forcibly kicked him out

FizzleSticks

This post has been deleted.

Ally Dick

FizzleSticks wrote: »

This post has been deleted.

That's a horrific thought. What do I do about that ? Factory restores? System reinstalls ?

Jodotman

Ally Dick wrote: »

FizzleSticks wrote: »

This post has been deleted.

That's a horrific thought. What do I do about that ? Factory restores? System reinstalls ?

Op you mentioned that you use Rapidgator and other dodgy file sharing sites.
My account was hacked twice from using Rapidgator and had to get replacement cards. 

They are notoriously dodgy and should only be using a prepay card to register to these sites. They are not brand name sites.

RossieMan

There is so much ways they could hack you with all the stuff you mentioned. Why do you do so much online when you aren't fully sure of the consequences. You'll be very lucky if Boi refund the charges, they are pretty much your own fault from what I can see.

Ally Dick

RossieMan wrote: »

There is so much ways they could hack you with all the stuff you mentioned. Why do you do so much online when you aren't fully sure of the consequences. You'll be very lucky if Boi refund the charges, they are pretty much your own fault from what I can see.

Wow very hard line from you. If only we were all so perfect. There are millions like me who do stuff online. The only thing I will hold me hand up and say I made a mistake with was getting involved with file hosters. BOI are refunding me, they say. It will be a fresh start from here on in.

beauf

Ally Dick wrote: »

That's a horrific thought. What do I do about that ? Factory restores? System reinstalls ?

I would go further. I'd do a secure erase. Which would erase your factory recovery partition. I'd get recovery media from the manufacturer, or secure source.

beauf

I think you should consider completely changing your online habits and especially how you buy stuff on the web. Switch to more secure method of payments. Stop clicking on any links and attachments. Things like that.

Alien Haze

Ally Dick wrote: »

Mycroft H wrote: »

Can you not pay for a lot of these services using PayPal?

The two I use don't take Paypal. Once I get the new card, I shan't be using them again

Do they accept Bitcoin as a payment option.
I have paid with Bitcoin for various file hosting sites over the years.
And a few that did not have a Bitcoin payment option i just emailed them and asked
and they agreed and sent me instructions.

Canis Lupus

I work in the detection industry.

3 times in a row most likely means something on your PC.

You need perhaps to review the websites you frequent.  Buy from reputable sites. Try and stay away from ads in Facebook and similar sites for things like "cheap raybans 70% off!!!"and that kind of crap (they are usually knockoff Chinese crap)

You could open another account and use the card attached to that, only transferring in the amount required when making a purchase. It doesn't stop fraud happening but prevents financial inconvenience whilst you wait for your bank to refund you.

Use PayPal when possible. If PayPal isn't an option and the website isn't well known I usually walk away from the purchase.

As for your PC... I'd probably go to the hassle of reinstalling the OS if I'd 3 cards compromised in a short period of time.  Otherwise try the above and see if things improve.

beauf

I wouldn't be a fan of PayPal myself. I only use it for small amounts that I won't miss if I get scammed.

Ally Dick

beauf wrote: »

I think you should consider completely changing your online habits and especially how you buy stuff on the web. Switch to more secure method of payments. Stop clicking on any links and attachments. Things like that.

I only purchase from Amazon and Ebay online. File hosting is the only other thing I buy, and I now know that's a big no no, so will steer clear in future.

FizzleSticks

This post has been deleted.

jimmycrackcorm

Ally Dick wrote:

I'm getting sick of this. I have had three credit cards in a row, over the last short while, which have been compromised on me. I'm getting tired of the process of replacing the card every time, and notifying all of the websites that I use, that there will be a new number which will be different. I will ring Credit Card services in the morning to do the needful. This time it was Uber taxi transactions, which are appearing on my statement. I've never used Uber in my life. I googled it and it's a very common scam. Websites or apps which allow payments should be OBLIGED by law to carry the credit card number, the expiry date AND the three digit verification code on all of their payments. I believe the reason credit cards are getting compromised so frequently is because some sites such as Uber only look for the credit card and the expiry date, and certain devious sorts are guessing them correctly, and if you're caught out, it's just your bad luck. This is more of a rant than a question, but I'd welcome any opinions on this. I'd nearly forget about the credit card and go visa debit for everything, if it happens again....

I dont have a BOI card but my bank will always text a verification code to my phone for any online purchase No code, no purchase authorization.

But I think it should go further. After all, if you can so easily get a Facebook notification about being tagged in a photo, why cant your mobile banking app show you notifications for your transactions as they happen?

Miaireland

Jimmy , what Bank do you bank with? I would be very interested in that service.

Ally Dick

One final question - are self service filling stations safe ? I use one all the time, and always pay by credit card. It's a Great Gas in Ashbourne.
I have been using it for the past year.....and that's when my troubles started. Mind you, purchases were being made in the UK on the card the first time.
The second time wasn't clear. The most recent time was Uber transactions I never made

RossieMan

It's not uber, that's to get by fraud departments security.

When you ring the fraud department they should be able to let you know if it was uber or not.

Ally Dick

I reinstalled Windows 10 on my laptop, and I'm changing all my online payment options to Visa Debit from Mastercard....and no more file hosting or messing

ct5amr2ig1nfhp

Ally Dick wrote: »

I reinstalled Windows 10 on my laptop, and I'm changing all my online payment options to Visa Debit from Mastercard....and no more file hosting or messing

Not sure that's a good idea.  If your debit card is compromised,you won't be able to get your money back. At least with the Credit Card you will get it back.

mickoneill31

Ronnie Proud Manufacturer wrote: »

Ally Dick wrote: »

I reinstalled Windows 10 on my laptop, and I'm changing all my online payment options to Visa Debit from Mastercard....and no more file hosting or messing

Not sure that's a good idea. If your debit card is compromised,you won't be able to get your money back. At least with the Credit Card you will get it back.

Was just having a conversation about this about a guy who bought his holidays on lowcostholidays with a debit card. Apparently debit cards have been included in chargebacks now.

I googled and got this
http://www.consumerhelp.ie/chargeback

Even found this link which is relevant to BOI
http://www.boards.ie/ttfthread/2056717961

They usen't to be included alright. Probably better to ask your bank anyway in case you've any doubt.

beauf

With the op history I wouldn't rely on that.

mickoneill31

beauf wrote: »

With the op history I wouldn't rely on that.

Fair enough but it'll be the same result with a credit or debit card. Rather than the old result of debit cards not having chargeback at all.

RossieMan

With the OPs history any bank would lose patience. It's too coincidentally to not be his own fault.

The OP has hopefully sorted his issue now anyway.

sf80

RossieMan wrote: »

With the OPs history any bank would lose patience. It's too coincidentally to not be his own fault.

The OP has hopefully sorted his issue now anyway.

Hopefully it's a bank with professional staff who will communicate properly and not make judgments against a customer based on coincidence and snap decisions