Email Address and Associated IP Address

Status
Not open for further replies.
ZeeOSix

ZeeOSix

$100 site donor 2022
Joined
Jul 22, 2010
Messages
40,452
Location
PNW
Got a call from my bank's Visa department today wanting to verify some Visa charges that occurred yesterday and today that looked suspicious. Come to find out that 3 attempts were made to buy stuff on-line with my Visa card info. Don't know exactly where it was hacked from. I think from ordering a pizza on on-line at Papa Murphy's Pizza website since these fraudulent buys occurred a day after the Papa Murphy on-line purchase. But of course, it could have been hacked from any website I use to pay with my credit card.

So I called one place that someone tried to by $565 worth of wine from on-line, and the gal said she did see the order and Visa charge. She had a shipping address and an email address used to create the on-line account in order to make the purchase. She also told me that the order had already been suspended - apparently my Visa card security guys knew they were fishy charges. She did say the order was on the dock ready to be shipped out, so she was going to hold/cancel the shipment. The other two charges were $632 from Safeway (on-line order), and they tried to buy twice from Safeway but both orders were declined by Safeway - they probably knew it was fraud since the address on the card was across the entire USA from the shipping address for the order. Another charge was $378 to a "charitable social service" (WT?) that looks like will go through.

Question is, can my Visa card investigators actually track down this [censored] with an IP address (and house location) associated with the Yahoo email address they used? Or can these crooks completely hide themselves when pulling off on-line orders with someone else's credit card info?
 
Originally Posted By: ZeeOSix
Question is, can my Visa card investigators actually track down this [censored] with an IP address (and house location) associated with the Yahoo email address they used? Or can these crooks completely hide themselves when pulling off on-line orders with someone else's credit card info?


The bank will not go to these lengths. They are likely overseas anyway. You'll just get a new card in the mail and that will be the end of it.
 
The Visa investigators can narrow it down to a large geographic area, but it would probably be necessary for law enforcement to get a warrant to compel the ISP owning the IP address in question to release logs showing which user was associated with that IP at that time. It's still absolutely worth forwarding whatever info you get to Visa though.

Also, while it does sound in your case like the credit card number was compromised online, don't assume that numbers can't be compromised when you use them in person. Remember, anytime you go to a restaurant for example, you give your physical card to the wait staff, and they can copy all the info quite easily, including the CCV number on the back.
 
Originally Posted By: AlaskaMike
The Visa investigators can narrow it down to a large geographic area, but it would probably be necessary for law enforcement to get a warrant to compel the ISP owning the IP address in question to release logs showing which user was associated with that IP at that time. It's still absolutely worth forwarding whatever info you get to Visa though.


The Visa crime department was interested in the info, so I gave them the number and a person to contact at the company the wine was attempted to be ordered from. The shipping address for the wine order was in the Washington DC area, so they might actully be in the country. Or else someone overseas is trying to send $565 worth of wine to someone they know in Washington DC.

Originally Posted By: AlaskaMike
Also, while it does sound in your case like the credit card number was compromised online, don't assume that numbers can't be compromised when you use them in person. Remember, anytime you go to a restaurant for example, you give your physical card to the wait staff, and they can copy all the info quite easily, including the CCV number on the back.


The last time I used my Visa card at a restaurant where I physically handed the card over was on 9/15/16 (I keep super details records of my credit card use). But yeah, they could collect the card info and use it later. Thing is, they would have somehow gotten my real address and phone number that is associated with the Visa card (probably possible though through name searches on the internet).
 
Safeway is shady. I bet they tried to buy $600 worth of gift cards and a few groceries to not look suspicious.

This is probably an organized crime ring that "printed" a clone of your card that can be swiped.

Anyway be glad it was credit and not debit. You've done your part; the bank will eat theirs.

They could have gotten your number from anywhere, but probably someone bigger. I had to change #'s after breaches at Hannaford Supermarkets and Target.
 
It's highly doubtful it was online. Online is much more secure than in person. They are having issues with people putting fake fronts on anything that take cards, atm's, gas stations, etc. Even if you go to a store, it can take one swipe and at most 5 seconds to steal your cc info and you might not realize it. They can even swap a small device in between the store's cc readers and the line out that takes all the cc info, and sometimes even the clerk will not realize. Also note that now everything has a chip in it, anyone can buy a device online for $100 that can read the info your chip puts out. It broadcasts a few feet, so the person walking next to you can steal your cc info without you even having a clue.
 
Originally Posted By: curiouslyserene
It's highly doubtful it was online. Online is much more secure than in person. They are having issues with people putting fake fronts on anything that take cards, atm's, gas stations, etc. Even if you go to a store, it can take one swipe and at most 5 seconds to steal your cc info and you might not realize it. They can even swap a small device in between the store's cc readers and the line out that takes all the cc info, and sometimes even the clerk will not realize. Also note that now everything has a chip in it, anyone can buy a device online for $100 that can read the info your chip puts out. It broadcasts a few feet, so the person walking next to you can steal your cc info without you even having a clue.


The chip information is encrypted and if someone could see the info it would be of no use. The chip info can only be used for the current transaction. It will not work for another transaction.

So I do not believe your post is providing accurate info.

To the OP, doubt they will look into this as there was no loss of money. The email address was probably fake.
 
Originally Posted By: eljefino
Safeway is shady. I bet they tried to buy $600 worth of gift cards and a few groceries to not look suspicious.

This is probably an organized crime ring that "printed" a clone of your card that can be swiped.


Two of the fraud purchases were done on-line I as told. Not sure about the Safeway attempt, they never said specifically - I was told they tried twice and were denied by Safeway. So not sure if it was a cloned card or just info that was stolen on-line that could be used to make credit card purchases on-line. They could have been trying to buy stuff on-line at Safeway.

Originally Posted By: eljefino
Anyway be glad it was credit and not debit. You've done your part; the bank will eat theirs.

They could have gotten your number from anywhere, but probably someone bigger. I had to change #'s after breaches at Hannaford Supermarkets and Target.


Yeah, since this is the first time something like this has happened to me, I did find out that fraud charges on a debit card would have been a lot more hassle on my part. I rarely use by debit card ... mostly for gas purchases at the gas stations.
 
Originally Posted By: Donald
To the OP, doubt they will look into this as there was no loss of money. The email address was probably fake.


Of the 3 attempts, it looks like the one for $378 will probably go through. Could have been worse for Visa. Visa will have to go after that one to recover the money - if it's worth it to them (probably not). Credit card fraud is too easy and the crooks know they probably won't even be perused anyway. Pretty messed up stuff.

The credit card fraud department actually was interested in the information - the shipping address and email address used by the scammer. If it's usable or not is the question, but who knows what kind of info might lead to finding the scammers behind something like this. Can't hurt to try and run it down, but chances are they will move on to bigger things as I was told this [censored] happens hundreds of times a day.
 
VISA could do something more to track down the culprits, but this kind of fraud is so numerous they don't bother. They naturally want to collect the evidence, but they're looking for a big time operation that is responsible for more than just your exploit. If it's small enough to go under the radar, they will just sit on it and do nothing. It's not that they don't care, it's about the cost to pursue it. They have to lose thousands of $$ before they could justify the cost of pursuit.

You shouldn't be on the hook for any fraudulent charges ... there's a legal limit of liability, but I've never heard of a Credit Card issuer (it's up to the bank, etc that issued the card, not VISA) who didn't eat 100% of the charges that did go through.

There are many ways they could have discovered your credentials, but to make a "card not present" purchase they need the CVV number on the back of the card plus the expiry date. So it would have been some transaction where you provided that number.

It's very easy to do a SQL Injection hack on many websites. That is where they mimic pages on the legitimate site, but you are actually talking to the hacker's counterfeit version. It's fairly easy to do ... the hacker just has to look for a site that doesn't update their database software in a timely manner. Always check for the HTTPS (as compared to HTTP) secure connection, some browsers have an icon (a padlock, for example) instead of the full URL for a secure site. But done properly, an SQL Injection is difficult to detect ... one give-away is some of the links on the page you are actually entering your CC data don't work properly, but why would you be clicking on links instead of entering your CC data?

The other possibility is you were the victim of a hacked terminal when you actually did have the card present, at a store or buying gas, etc. That is where they switch the store's terminal with their own that looks identical, leave it there for a week or so to collect CC data, then switch them back, and download the purloined numbers. Since you have weak security in the US with terminals (chip but no PIN) it's trivial ... you can buy the terminals at bankruptcy auctions or on eBay. Then all you need is two people ... one to distract the clerk for 30 seconds and another to do the actual switching of the terminals. Easy peasy.

In any case, it's not the end of the world. You will lose the use of your CC number for a few weeks, at the worst, while they send you a new card in the mail.

If this kind of thing bothers you, sign up for "Verified by VISA" (the other cards have similar programs) that pretty much eliminate the chance of fraud with an online transaction.
 
Happened to me last week too. Just no phone call, a denied pos purchase insufficient funds. Still worked to
get cash at banks atm.
 
Originally Posted By: Johnny2Bad
There are many ways they could have discovered your credentials, but to make a "card not present" purchase they need the CVV number on the back of the card plus the expiry date. So it would have been some transaction where you provided that number.

It's very easy to do a SQL Injection hack on many websites. That is where they mimic pages on the legitimate site, but you are actually talking to the hacker's counterfeit version. It's fairly easy to do ... the hacker just has to look for a site that doesn't update their database software in a timely manner. Always check for the HTTPS (as compared to HTTP) secure connection, some browsers have an icon (a padlock, for example) instead of the full URL for a secure site. But done properly, an SQL Injection is difficult to detect ... one give-away is some of the links on the page you are actually entering your CC data don't work properly, but why would you be clicking on links instead of entering your CC data?


Many on-line purchases these days ask for all of that information. That's why I think the info was scammed off of a website I purchased on, not a skimmer on the card, or by someone walking near me with an RF reader unless all of that information is also on the magnetic strip or on the RF chip.

Is all of that same information on the card itself - magnetic strip and/or RF chip?

Originally Posted By: Johnny2Bad
The other possibility is you were the victim of a hacked terminal when you actually did have the card present, at a store or buying gas, etc. That is where they switch the store's terminal with their own that looks identical, leave it there for a week or so to collect CC data, then switch them back, and download the purloined numbers. Since you have weak security in the US with terminals (chip but no PIN) it's trivial ... you can buy the terminals at bankruptcy auctions or on eBay. Then all you need is two people ... one to distract the clerk for 30 seconds and another to do the actual switching of the terminals. Easy peasy.


Only places I physically used the card in the last month was at Walmart and the local large chain grocery store. I think it would be pretty hard for a couple of guys to pull off installing skimmers in those places. Most of my card use is on-line to pay bills and buy from Amazon and a few other on-line sellers. Of course, the info could have been obtained months and months ago somehow, and just used now.

I'll never know how my card information was obtained by the ahole, but I find it suspicious this all happened a day after ordering a pizza on-line at Papa Murphy's website. One thing I thought was strange while making the order is that after I filled out all the credit card info and pressed continue, a message came up that said the store couldn't be reached with the order, so I had to re-enter all the information again and the order went through the 2nd time - all seems suspicious now.

Originally Posted By: Johnny2Bad
In any case, it's not the end of the world. You will lose the use of your CC number for a few weeks, at the worst, while they send you a new card in the mail.

If this kind of thing bothers you, sign up for "Verified by VISA" (the other cards have similar programs) that pretty much eliminate the chance of fraud with an online transaction.


It should bother everybody, because everyone is susceptible to this kind of non-sense. I just don't understand why all these credit card companies don't make using the card more secure. I think making it mandatory that a PIN be used on every transaction (in person or on-line) would probably cut most of it out. Websites would have to strongly encrypt the PIN so it couldn't be gleaned by website hackers.
 
Don't feel bad....someone in Eastern Europe stole my 1040 2 years ago and has filed 2 phony tax returns.....
 
Originally Posted By: Doog
Don't feel bad....someone in Eastern Europe stole my 1040 2 years ago and has filed 2 phony tax returns.....


Yeah, that's not good - I'd be livid. Hope you get it worked out soon. Guess it's somewhat beneficial to still do taxes on paper and mail them in. My case is nothing as it was stopped quickly by the Visa fraud people any only impact to me is having to wait for a new card.

But if my info was gleaned off of one of the websites I frequently use (ie, Amazon, utility, phone, cable bill, etc I pay with Visa), then it could all happen again.
 
Here's the security info given by Firefox about Papa Murphy's website. It looks secure, but supposedly so is every other website I use my credit card on.

 
They absolutely can unless they were decent hackers although the address that things are being shipped to is pretty easily investigated.. Now the question.. Will they investigate this? Probably not there is not enough man power to investigate all the fraud.. You however are not responsible for anything except $50.00 which they will probably waive..

You can investigate it if you want.
 
You're spending way too much time worrying about the perps. Your new card will arrive in the mail in a few days. Use it and try to keep this as just a memory. My credit card numbers were stolen and used to purchase Apple computers, airline tickets, take-out food in the Netherlands, and I forget whatever else. It's just part of life today. Don't take it personally.

The $50 liability is only if your physical card was used fraudulently.
 
Originally Posted By: crazyoildude
They absolutely can unless they were decent hackers although the address that things are being shipped to is pretty easily investigated.


Fraud investigators said that these guys usually stake out a house in their area that they know people won't be at home during the day and use that address. Then just watch the tracking number and wait around the place on the day it's supposed to be delivered and swipe it off the porch after the UPS or FedEx truck leaves.
 
Originally Posted By: Leo99
You're spending way too much time worrying about the perps. Your new card will arrive in the mail in a few days. Use it and try to keep this as just a memory. My credit card numbers were stolen and used to purchase Apple computers, airline tickets, take-out food in the Netherlands, and I forget whatever else. It's just part of life today. Don't take it personally.


I'm not taking it personally, and I'm not worrying about the perps ... but I would like it if information given to the fraud investigator could be helpful to possibly track the perps down. I did my part, so yes ... now I wait for my new Visa card, use it like I have in the past, and wait until the next time the card info is stolen and repeat the situation all over again.

Problem is, people are so numb about [censored] like this that they think it's now an acceptable part of every day life. IMO, there has to be a better way to ensure credit card security ... it really can't be rocket science.
 
Originally Posted By: ZeeOSix
Originally Posted By: Leo99
You're spending way too much time worrying about the perps. Your new card will arrive in the mail in a few days. Use it and try to keep this as just a memory. My credit card numbers were stolen and used to purchase Apple computers, airline tickets, take-out food in the Netherlands, and I forget whatever else. It's just part of life today. Don't take it personally.


I'm not taking it personally, and I'm not worrying about the perps ... but I would like it if information given to the fraud investigator could be helpful to possibly track the perps down. I did my part, so yes ... now I wait for my new Visa card, use it like I have in the past, and wait until the next time the card info is stolen and repeat the situation all over again.

Problem is, people are so numb about [censored] like this that they think it's now an acceptable part of every day life. IMO, there has to be a better way to ensure credit card security ... it really can't be rocket science.


There is a better way. It's called chip and pin. They do it in Europe. We don't do it here in the USA.

Yes, I'm numb to this and it's an acceptable part of every day life. The banks are the ones dealing with it and suffering the loss. Let the banks worry about it.
 
Status
Not open for further replies.

Similar threads

OVERKILL
Chinese hacking group APT31 uses mesh of home routers to disguise attacks
Replies
5
Views
404
OVERKILL
S
Get up to a $40 Digital Gift Card When You Buy Shell Rotella
Replies
8
Views
913
cptbarkey
Jackson_Slugger
“The mother of all breaches”-Malwarebytes Offering Free Identity Scan
2
Replies
34
Views
2K
ka9mnx
Boomer
Credit Card Issue
2
Replies
25
Views
1K
Carmudgeon
N
30% off Valvoline Advanced/High Mileage 12 quart box 5W30/0W20 $17.70 for 5 quarts
Replies
8
Views
2K
cedarpangolin
Back
Top