Jump to content
Member? but forgot everything, can't log in... Frozen out??? ×

THIS IS A POLITICS-FREE ZONE.

How Could This Happen

credit

By credit
in Credit Forum

 Share

The last post in this topic was posted 7421 days ago. 

 

We strongly encourage you to start a new post instead of replying to this one.

Recommended Posts

credit

credit

Posted
Posted

I went on Crown Jewelers website this morning and made a payment like i alway's do my payment was due by tommorrow. My credit card number is stored with them because when I log in it just show the last five digits of my card number and it just ask me to enter in my security code.

 

A few hours later I get a call from my bank because it was a visa debit card some got a hold of my card number and within a few hours they tried to charge a 1.000 worth of different transactions.

 

My question is did someone Hack Crown Jewelers website or did someone hack my computer? So I had to cancel the card what a inconvience.


SCFireFighter

SCFireFighter

Posted
Posted

Has you bank told you what those $1,000 transactions were for? Unless somebody tells you something there is no way for you to figure out what happened, and you have to assume (risk wise) the worst -- a compromised computer at home.

Have you ran a virus and spyware sweep on it? In the IT business a situation like this can only truthfully be resolved by reinstalling the possibly compromised computer(s). However, I think a clean sweep should be sufficient for SOHO purposes :good:

credit

credit

Posted
  • Author
Posted
Has you bank told you what those $1,000 transactions were for? Unless somebody tells you something there is no way for you to figure out what happened, and you have to assume (risk wise) the worst -- a compromised computer at home.

Have you ran a virus and spyware sweep on it? In the IT business a situation like this can only truthfully be resolved by reinstalling the possibly compromised computer(s). However, I think a clean sweep should be sufficient for SOHO purposes :good:

 

 

Yes they did tell me what they was for. They was trying to purchase things online. Like electronics

credit

credit

Posted
  • Author
Posted
Have you typed your debit card # anywhere else lately? Perhaps spyware...

 

 

Thats the thing I haven't typed my credit card number in anywhere and it was stored on Crown Jewelers website and it only show the last five digits of my card so that is why I said do you think Crown Jewelers website was hacked?

ZZAF747

ZZAF747

Posted
Posted

It's not your computer or my computer, It's Crown Jewelers lack of maintaining a secure website.

 

On 12/19/05 I used my Washington Mutual visa check card to pay off my balance, on 12/28/05 I logged on to check my balance and noticed, two item's were posted to my checking account $12.87 from a company in Hong Kong, & $678.08 from Madrid, and 2 additional charges for $12.87 & $678.08 were pending.

 

I called Wamu cust/serv - the rep said that nothing could be done about the 2 charges that were already posted, I have to file a dispute & and it could take up to 90-days, because they have to verify the I did not incur these charges. WTF but she did deny the 2 pending charges.

 

I cancelled my check card, just be glad your bank called you. Heck when this is all taken care of I’m switching banks. Oh and the last time I used my check card on-line was 05/26/05

 

As for Crown Jewelers - this was my first purchase, just needed a TL, I doubt that I will ever use them again.

prathos

prathos

Posted
Posted
It's not your computer or my computer, It's Crown Jewelers lack of maintaining a secure website.

 

On 12/19/05 I used my Washington Mutual visa check card to pay off my balance, on 12/28/05 I logged on to check my balance and noticed, two item's were posted to my checking account $12.87 from a company in Hong Kong, & $678.08 from Madrid, and 2 additional charges for $12.87 & $678.08 were pending.

I'm sorry this has happened to you both but I just had to chime in here because most of the time (and these two cases are perfect examples) people assume the wrong thing when the security of their system has been compromised. First and foremost, it is unlikely if not downright unrealistic to assume that Crown Jewelers is at fault for your check card issues. If you take note of the little padlock at the bottom of your browser you can see that the site is secured as well as having a digital security certificate from Thawte.

 

It is much more likely that your information was obtained through a tracking cookie/browser hijacker/spyware/malware present in your system. Generally this happens because of something YOU yourself did such as clicking a link by mistake (popups can sometimes cause this especially when you don't expect them while you are moving around a site). You can also get this by visiting a site you thought was legitimate but in fact was malicious, or via an email using a less secure, or completely unsecure email client such as Outlook Express.

 

I hope this never happens to you again. Here are some tips you can follow to avoid or prevent identity theft and fraud.

 

1. Never EVER use your debit/check card to make purchases on the web. These cards are tied directly to your bank account and are not an extension of credit. With credit charges can be reversed and/or refused by the card issuer. The merchant takes a hit for this in the end, but better them than you I must say. You may have a great bank where you don't suffer in the event of such an occurence, but you never know and when someone gets your debit/check card information they're stealing cold hard cash from you and that is never pleasant.

 

2. Always keep your PC up to date - meaning, make sure to perform regular updates to apply critical security patches to your system. These patches are the result of reports of security vulnerabilities in a system - and are intended to close the gaps.

 

3. Use something other than Internet Explorer. The Microsoft browser is terribly unsecure, full of holes, whatever so you're almost always at a higher risk just by using it. Try Mozilla's Firefox (this is an AWESOME browser BTW), Opera, Netscape, etc. Also, don't provide ANY personal information to a website unless you yourself typed in the address to navigate there. With links, these can be spoofed to look like a site (Bank of America, Ebay, whatever) but in actuality are sites trying to get your account information.

 

4. Get yourself a spyware program - or two, sometimes three if necessary to clean up a system that is no longer secure. Lavasoft AdAware is one SpyBot - Search & Destroy is another - both of which are free programs. If you want I'm sure there's also some good commercial software you can purchase for this purpose as well.

 

5. Make sure your antivirus program is up to date. If you don't have an antivirus program now might be a great time to get one. Symantec/Norton is ok, AVS (freeware antivirus that you can get from CNET Downloads) is ok, etc. Note: McAfee SUCKS and I would not recommend any of their software to anyone, but that's just my opinion.

 

6. Make sure you have some kind of firewall on your system. For home workstations, you usually have/use software firewalls such as Windows XP integrated firewall, Zone Alarm, BlackIce, etc. Sometimes home users have a router. Generally, most routers provide you with a hardware firewall when connected to your system. These are not to be confused with cable/dsl modems which are only a gatweway to the internet that offers absolutely no protection. If you have a home office network or a small office network then a hardware firewall is a MUST as you have more than one workstation and possibly a server(s) to protect.

 

7. If possible, get yourself a good cleaner to remove temporary files, cookies, activex controls...things you get while surfing the internet but should not keep in your system once you're done surfing. You can do this manually, but for the average user that's a PITA, hence the recommendation for a software cleaner. Webroot Window Washer is a fantastic program for this purpose. I don't know of any others as webroot has always been my hands-down favorite, but I do know that other programs for this purpose do exist.

 

8. Lastly, NOTHING is secure on the internet. So if you have an "always on" internet connection (DSL/Cable/Satellite/WiFi) and you leave your computer running, you have to know that you leave yourself open to risk and so, should take extra measures to secure your system. The only REAL way to keep your system secure is to turn it off. Just keep that in mind.

 

Sorry for such a long post but I really I hope this helps you guys. That kind of thing is usually considered a "CRACK" rather than a "HACK" and I personally detest crackers - to put it mildly.

 

peace and vigilance :good:

TX2MOMMY

TX2MOMMY

Posted
Posted

Add me to the list. I had an unauthorized charge on my debit card 4 days after making my CJ payment online with the same card. The charge showed up as a website for some company in Seoul, Korea. I, too, had no idea that this had anything to do with CJ. In fact, I chewed DH out assuming he had been careless with his card # online. Now I know what really happened.

The last post in this topic was posted 7421 days ago. 

 

We strongly encourage you to start a new post instead of replying to this one.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing



  • Member Statistics

    • Total Members
      190435
    • Most Online
      9039
    mhudson323
    Newest Member
    mhudson323
    Joined

About Us

Since 2003, creditboards.com has helped thousands of people repair their credit, force abusive collection agents to follow the law, ensure proper reporting by credit reporting agencies, and provided financial education to help avoid the pitfalls that can lead to negative tradelines.

Pages

×
×
  • Create New...

Important Information

Guidelines

  I accept