This may end up in IMHO, but I’m confused about what happened. Maybe whoever attempted to use our credit card is an idiot, or I’m just not understanding the situation.
We got an email yesterday from an e-business that sells women’s makeup and accessories, thanking us for our $300 order and telling us that it will be shipped soon. The email contained our street and billing address and the last four of the credit card number. I immediately sent a reply email telling them that we didn’t order it and that I would be contacting our CC company, which I did. Surprisingly, I got an email from them saying that they were cancelling the order, and I replied again, asking where they got our information from (no answer as yet).
So here’s the confusion: if somebody skimmed our card somewhere in our recent travels and used the info to order $300 worth of makeup, why didn’t they change the shipping address? What sort of thief spends your money and then sends the merchandise to you? What are they gaining? And how did the thief get our email address? And why would they use that address when placing the order, knowing that the order confirmation would alert us to the theft?
It does, of course, wreak some havoc with our auto-pay accounts to cancel the card, but it’s a minor inconvenience. It all just seems weird.
The simplest explanation is that somebody in your family bought something from this vendor with this card, and has forgotten. The vendor kept your details, and just made a mistake with a new order that belongs to a different account. Otherwise, it’s hard to imagine why a fraudster who had obtained your details would place an order using your real email address, because CC companies don’t cross-check against email address to verify & authorize payment, and obviously you will get an immediate confirmation email that will raise a red flag.
The only people who have access to this card are my wife and me. Nobody else lives with us or has ever had access to the card other than in a commercial setting. My wife uses no makeup other than a tube of lipstick every couple of months, so it’s not an order she would have placed. This is not a vendor that either of us is familiar with, nor have ever used. The rest of your response basically restates my confusion in the matter.
RedSwinglineOne I suppose that’s a possibility, but seems risky for the fraudster. The person who owns the e-business has been prompt about answering emails, and has even included her name. We just got another response from her saying that since they are an online business, they get orders from all over and could not identify whoever used the card. It would seem that there would be some way to trace the ISP of whomever placed the order, but I’ll leave that to the CC bank fraud investigators.
Ah, but did she order a free sample of a beauty product?
A Web or e-mail ad will offer a FREE sample of a desirable beauty product (say, “BB Cream”), you fill in your info on their Web site (credit card required for shipping & handling) and they ship it to you. But then you get a box of other stuff a month later (and they charge your credit card), and again a month after that, etc. The monthly bills are in the hundreds. It’s difficult to track down these companies, and when you finally do they say that there was some fine print (when you clicked to order the free sample) whereby you allowed them to do that.
Two ladies I know have been had with this, this past year. But in both of those cases, the company didn’t send an e-mail invoice. So I’m not sure if this could be the same scam.
Well, my point was that the use of your real physical address doesn’t rule out a a fraudster, because they might have been messing around to try to figure out what the CC company would approve - sometimes they will approve a delivery address different from your billing address, sometimes not.
But it seems to me that the use of your genuine email address suggests that this is unlikely to be a fraudster, because it’s so easy to set up a temporary fake email to receive fraudulent order confirmations, and a fake email has no implications for the CC payment approval.
If you’re sure that you haven’t used this vendor before, I wonder if they have absorbed some other vendor that you have used, then been naughty about keeping your account details, then just made a mistake.
Is it an Avon style MLM company, where a rep gets compensated for sales? Maybe the person who placed the order was aiming for the commission or hitting some quota. Still doesn’t make a hell of a lot of sense, but at least the scanner would get something out of it if you didn’t report it.
I had this happen a few years back. A number of items bought using my CC, shipped to me. Kids Movies, facial cleanser, GI detox pills, seems like something else. My CC company contacted me and canceled the charges, but the companies still shipped the stuff, wanted it shipped back at my expense…sorry guys, I never ordered it.
There was one thing the CC company missed, and it took some back and forth, because they ended up charging late fees on top of that, but eventually all the charges were declined.
A beauty product would be the last thing she would ever ask for a sample of. She’s just not (and never has been) interested in that stuff. Think ‘lifelong hippie’. Had it been something in a food product or a book, then I would say ‘yeah, maybe’.
Riemann Yeah, sorry if I sounded critical; it wasn’t my intention. And yes, we’re absolutely positive we’ve never used this vendor before (see comment above). I’m really leaning toward ‘stupid criminal’ on this, for the reason you mentioned re the email. It was a red flag that nobody with a modicum of common sense would ignore. What’s bizarre is that any e-commerce site that I’ve ever bought from has an online form to fill out that includes the shipping address, etc. How could anyone be dumb enough to enter MY address? I just looked at their order page and see that it doesn’t require a phone number. Too bad, as perhaps I could have tracked the asshole down.
DrDeth: Could be, but they were responsive to my emails and followed through on the cancellation.
Bayard: I don’t know. The name of the business is Beauty Loves the Beast, and a search online doesn’t bring up any national headquarters. It actually took a bit of searching to find their website, so I’m thinking that it’s an independent owner.
This happened to my wife. The people who stole her number bought some stuff online and had it shipped to an address in Chicago. They also ordered stuff and had it sent to us, including some kind of monthly tie club. They actually let us keep the ties, but they were butt ugly.
Scam store wants to distinguish between easy marks and awake customers. Because a couple of awake customers can have their cc access cancelled. Scammers don’t like that.
So they send you an email. If you reply, they correct their “Mistake”. If you don’t, they figure they can bill you $5.67 per month without your notice. Plus the $300 for their $50 gift box. Then move on from there. They lifted your credit card and stats from some darkweb forum.
“Beauty Loves The Beast”. Their entire “catalog” seems to consist of seven cheap items, so I don’t what a supposed “gift box” could possibly contain…especially when you consider the seven items: a $15 nail kit, a $2.50 eyelash curler, four different types of human hair eyelashes at $2.50 each, and something called a “pink beauty blender” at $5.50. It looks like someone took a $20 down to the local drugstore and grabbed 7 random items off a rack.
Now, if that doesn’t seem scammy enough for you, wait till you hear what comes in your $150 “Beauty Package”(discounted from $185!):
5 Eyelash Curlers (normally $2.50)
10 Gelish Gel Nail Polish (normally $9.00)
15 Beauty Blender Sponges (normally $5.50)
Now if you are the type of [del]rube[/del]customer that thinks that this is just the bee’s knees, you would definitely be interested in their bigger $300 “Beauty Package”(discounted from $412.50!), which includes:
10 Nail Kits (normally $15.00 each)
15 Beauty Blender Sponges (normally $5.50 each)
20 Gelish Nail Polishes (normally $9.00 each)
Oh, that was done immediately; we’ve had our info stolen twice before on a different card, the second time before the replacement card was even used. The three posts prior to yours seem to be nailing (ha!) it down. It really is a ridiculous website.
The common thing in the industry is to pay commissions for “SEO” “syndicated advertising result management”
SO I do the advertising and SEO.
How to get my commission ? Force them to pay cash for results in a short time… before the credit card company gets back to them…
Then I load in valid credit card details, names, addresses into the orders web page, VPN, untraceable… and hey look pay me $15,000 commission ,your business is going to go big ! yep, the business will have a big costs bill next week when its got to repay all the credit card payments and there’s 15000 orders drop shipped…
Or its even possible that a grey hat type , someone a bit mean but thinking he is doing the world a favour, did it to annoy the company which sends out spam email. and by the way, your website really should prevent bulk loads of orders from the same address, and VPN…
hey there’s an idea… the main stream media, want to shut down online streaming by disabling VPN’s , and this credit card order loading is a way to get the VPN shut down.
Or one VPN does it to another.
Or its even possible that an anarchist/luddite/alternative type believes he is attacking the credit card companies…
You know the credit card companies solution could be to offer one off credit card numbers…