Finally had my credit card stolen, took long enough.

The BBQ Pit
#1

I get up this morning at 6, and check on the bank account like I always do, and found that I had ordered a subscription to some weight loss MLM for $1,200. While I could stand to lose a few pounds these days, I was pretty sure that that was not me. As I watched, and refreshed the page after checking on other accounts, it then went to refund status. So, both a pending and a refund for this $1200. (It was not exactly $1200, but close enough, and I don’t feel like looking it up to type out dollars and cents, just pointing out that the amount was not that round a number.)

So, obviously, I send an email to my bank manager, and prepare to call her first thing after I get dogs checked in.

She didn’t give me a chance, calling me at 7:45, agreed it looked suspicious, and she would look into it.

Called back an hour later saying that there were other charges that had been attempted on the card, and that there were some that would be moving into pending status, but the card was already canceled.The weight loss company had realized that it was likely a fraudulent charge, and reversed it themselves, but the others pending may not have.

I have no idea how they got my card number, I never give it out to untrusted parties. Possibly part of equifax, maybe they hacked one of the vendors that does have it on file.

Anyway, since I caught it so quickly, I don’t have to deal with the hassle of going through charges and contesting the ones that should not be on my account, and, when I asked it it would aide in law enforcement tracking down the perps, she said “It can’t hurt”, pretty non-committal, but I like to think that maybe my quick response gets these fuckers shut down.

Still have to deal with the hassle of getting a new card, and updating all my vendors, especially the ones on auto-pay, but I consider myself fairly fortunate that it didn’t get very far.

Moral of the story, check your credit card statement every day. If you see anything suspicious, let your bank know ASAP. It’ll save you quite a bit of headache, and possibly money.

#2

This happens to me regularly every couple of years or so, that is, my credit card NUMBER gets stolen. Chase Bank has GREAT support. I’ve never had to pay anything.

Go to your online credit card page and see if there aren’t options to text you alerts in the event of various transactions.

I have alerts set up:

  1. If any charge is made over $50 (even if I make it with my card in person).
  2. If any charge in any amount is made when the card is not present (even if I make it, like ordering something online).
  3. When my credit card balance reaches a certain amount (I have it set to $1,000, but you can set it to any amount).

So I don’t need to check the statement everyday, as I’m instantly aware of virtually every credit card transaction, even automatic ones, like Starbucks card reload.

I also have an alert when my payment posts.

Sadly, this is a fact of credit card life. They send a new card immediately and this means the hassle of changing all the automatic payments I have set up, but that too, is a fact of credit card life.

#3

There are so many breaches these days it could have been from dozens of places. I don’t think you can consider any party trustworthy if you’re counting their ability to securely safeguard your data. I don’t even think you can trust regular retailers, I believe there have been some cases where even though they’re not meant to store your card details so that they can be reverse engineered they still do.

I try to have a card that I use out in the wild and a separate (locked in a drawer) card for vendor payment setup, but I’m not sure anymore if it matters, given how often breaches can come from the vendors themselves.

I’ve had unauthorized charges on credit cards a couple of times. It’s relatively painless. It isn’t quite the same thing, but I’ve also had a blank check stolen, along with $2400 from our checking account. Wells Fargo really dropped the ball on getting us our money back. It took a month of paperwork screwups before we got our money back. On the bright side, Wells Fargo is really good at opening new accounts! :dubious:

The moral of that lesson I think is don’t use a debit card, only a credit card. It’s better when it’s not your money they’re trying to get back.

#4

My most recent debit card problem was the result of a skimmer placed on an ATM card like five or six months before fraudulent charges started appearing. It was quite widespread with a lot of accounts hit at all the area banks.

I was amazed that the crooks waited so long and learned that any transaction going back months could be the one that compromised the card data. I still take what I think are prudent safeguards but learned not to send my head into a tailspin trying to recall every transaction if something happens.

Call the bank and let them sort it out.

#5

How timely this thread turned out to be.

Today I got a text that said $2.14 had been charged to my credit card to a vendor I’d never heard of. The time given was a time when I was doing my mall-walking this morning.

I called Chase Bank and-- damn!-- the only way to properly and safely deal with this was to freeze my account and issue me a new card & number. It will be here tomorrow. This means spending an hour or so online and updating all of my automatic charges. But with all this Equifax stuff… I dunno… this might have been someone putting up a trial balloon to see if this card was alive and functioning. Not worth taking a chance. So now it’s not, and I’ll have a new number by this time tomorrow.

Watch your credit card account like a hawk! Set up the alerts on your credit card site, and you’ll be spared any rude surprises. You will always know what is going on without having to login to the bank’s site.

#6

I’ve used this approach for years. So far my vendor card has stayed safe.

Note that I use the vendor-only card for specific regular charges, like paying my cable bill. Not for random online purchases from Amazon or MyCoolToysDuJour.com.

My point is to segregate the routine utility / insurance / mortgage / etc. payments from the stuff that’s ordinary retail spontaneous purchases.

Yeah, if somebody hacks the cable company they’ll get my CC. But there’s just one cable co. My ordinary retail card gets plugged into a few dozen companies every month and many, many different individual terminals.

How many condoms you need depends (mostly) on how many unclean places you stick that rascal.
The good news is that means the compromise of my retail card, for whatever reason, has zero opportunity to hit my credit rating by cascading overdue bills after the CC company freezes the card before I know about it. I don’t need to be in any kind of a rush to re-configure all those vendors.

#7

Emphasis added.

All good advice, and in addition, if you set up alerts, NOTHING will happen WRT your credit card “before you know about it.” When I sit at my computer and charge something online, I instantly hear the tone on my cell phone signaling that a charge was made without the card being physically present. With a variety of alerts set up, you will never get a surprise.

BTW, Chase sent me a new card the next day (yesterday) and it took me an hour to update my automatic payments with the new number. I’m back in businiess.

#8

I’ve had my primary retail card compromised around a dozen times in 20 years. Never due to anything I specifically individually did other than use it. Or be a Target customer. Or be a Home Depot customer. Or … . And so far all this has been at exactly $0 cost to me. And because of my card isolation policy, nil inconvenience as well.

Different strokes for different folks, but I have no desire to subscribe to yet another annoying beep telling me I’m doing something. My card vendor has very proactive security and I’m happy to make them keep watch over me. That puts the effort where the liability is. If they want to pay me to take over their job I’d consider it. But my hourly rate is non-trivial.

YMMV of course.

#9

Yeah, I don’t know that notifications would have actually helped. It just would have woken me up in the middle of the night when the fraud went through. I have quite a number of transactions that go through on the business card, many of them overnight.

I try to protect the card a bit, but I do use it for pretty much all my business purchases, in person or online.

I have a personal card with a tiny limit that I use for somewhat more insecure stuff, like when I have to hand it to the guy in the Mcdonald’s window (I don’t think that he’s stealing my card, but it is out of my sight, and I have heard stories of how that is how many cards are stolen). It hasn’t been stolen yet, but it’s not like they’d be able to charge much on it anyway.

It is more than just checking against fraud that I check my bank account every morning. Sometimes, credit card transactions didn’t go through correctly (usually my fault for getting to settle the previous night, but sometimes it’s the CC processor being slow or losing transactions), I move money around between checking accounts and the cash flow manager. So, checking one more thing to make sure that there are no charges I do not recognize does not take much of my time.

#10

I understand why people are trying to segregate their cards between “out in the wild” and “trusted vendors only”, but not all card theft is due to sketchy vendors. When Citibank was rolling out its new chipped cards, my card was fraudulently charged the day I received it. It had never once been used.

#11

If it reduces the chances by x%, it reduces the chances by x%. The only way to completely eliminate fraud would be to not have a card, or any credit at all.

There are steps in between that can be used to mitigate the risk.

#12

'Zactly. To me it’s just separate water-tight compartments so the area to be pumped out is smaller once it eventually springs a leak. Consider it the CC equivalent of not using one password for all your online accounts.

It’s damage scope limitation, not damage prevention.

#13

I’ve had 2 credit cards compromised (although come to think of it, it was likely one card compromised twice). In each case, the credit card company contacted me with questionable charges.

I had a card canceled once by Discover. It had not been fraudulently used, but police had found a list of numbers in the possession of an arrested. Discover (quite sensibly IMO) immediately canceled the cards and issued new ones.

Twice I’ve had legitimate charges questioned/nullified by the CC company. The first time they just questioned – Mr. Middon was in California and charged something at just about the same time as I charged something in Illinois. The second time I had ordered several books from abebooks.com. Each purchase was submitted by the individual book store, and the stores were scattered all over the US. I called Chase Visa, explained the situation, and then contacted the individual stores and instructed them to resubmit the charge. It was a minor inconvenience to me, and the couple of times since that I’ve ordered several books through abebooks, I’ve contacted Chase first so they knew to let the charges go through.

Probably I’ve ben lulled into a false sense of security, but I don’t check my credit card statement o line during the month. We do scrutinize each bill and call for more info on anything we don’t recognize.