I think impostor intercepted my Pizza then pretended to be the delivery guy and stole my card

This weekend I became a victim of bank fraud and I’m pretty darn sure PizzaPizza.com is responsible.

Friday night I placed a delivery order on PizzaPizza.com and chose ‘ pay in person - bank card’ as method of payment.

A couple minutes later I get a call from the cellphone of someone I presumed to be the delivery guy asking me to confirm how I plan to pay (this is quite unusual because they should already have had this info)…the good thing is that I HAVE HIS NUMBER.

A man shows up and gives me a wireless payment machine…I remember noticing the machine interface was unusual because it didn’t ask me if I wanted to tip via dollar amount or percentage amount (normally the authentic machines ask this), Machine indicates that transaction is approved.
Sunday I get a call from the bank saying someone attempted to withdraw money from an ATM in a nearby town. They also tell me that there is NO RECORD OF ANY PIZZA charge!!

I called PizzaPizza.com and tell them about this, they told me that apparently someone (DEFINITELY NOT ME) called them to change the order from delivery to pickup. They have record of the time of the call and a recording of the conversation. Other than that they couldn’t tell me anything useful and they seemed pretty disinterested in what happened, they also didn’t offer an apology or any advice.

With the evidence I have so far the cops didn’t seem too interested.

Should I call the cellphone of the delivery guy? If so, what could I say? I find it extremely unnerving to think that a criminal could intercept my food and bring it to my house to steal my bank card and I’d like to put a stop to this asap. PizzaPizza.com is very popular and I would imagine that there could quite possibly be an organized gang of people defrauding the system in this way, I’d really like to prove it and shut them down.

You got a free pizza. You should call him up and thank him.

Did you pass out in your room?
Do you remember EVERYTHING that happened? Do you?!
Are you sure they didn’t pipe some invisible gas into your room to make you pass out?
That’s how they do it you know.

File a police report? :confused:

Never having heard of PizzaPizza, I just looked at their facebook page. Man, people have absolutely trashed that company. Quite a few stories of people being charged twice, not being able to get the food they paid for, having to wait weeks for refunds etc.

I’m assuming an employee with a skimmer grabbed your credit card info and created his own credit card with your number. I’m not sure what calling him back is going to do other then piss him off. You can try calling the police again and see if they’ll do anything about it, but beyond that, I think think your best bet is to just let it go. Even the credit card company isn’t going to work with you on something this small.

You could write about it on their FB page.

How did the person know you’d ordered?

Did they go in to the pizza place claiming to be “andrea_green”?

How did they know where you lived to deliver the pizza to you and skim your card?

These are some full-service criminals. Not only do they buy you a pizza with their own money, they also deliver and don’t take tips or charge for delivery.

Do you live in the same town as Diamonds02?

I’m thinking she ordered online, the order gets transferred to a local store and an employee (with a skimmer) brought it to her house. The employee, at some point, changed it to a pick up and paid for the pizza out of their own pocket.

Took me a minute to figure that out.

In order for this scam to work the gang would need to have either 1) hacked the pizza company’s website (unlikely but quite conceivable) 2) Have one or more people who work in the central customer service office leaking info 3) have someone in the local pizza shop leaking the info

Alternatively it could have been a real pizza delivery guy who came to my door with a fake machine, but if they’re that stupid they are going to get caught quite quickly because he will need to explain why the system shows the order as a pickup and there is no receipt.

I live in Toronto and PizzaPizza is the largest pizza company in Canada.

Ah, that explains it. Even your criminals are nice. I may turn in my visa application on Tuesday night or Wednesday morning.

Nah, you’re over thinking it. Let’s say I’m the bad guy.

A pizza comes down the pipes to my local store. I call corporate and say “Hi, this is Andrea Green, I decided I’m just going to pick this up instead of paying for delivery…kthxbai”. Then I buy the pizza, bring it to your house, swipe your credit card with my skimmer and go back to work. Alternatively, instead of buying the pizza with my own money (now that I think about it), I could use the CC info I stole from you to buy the pizza so it shows up on your statement and I’m not paying for it out of my pocket.

I’m not quite sure why it has to be changed to a pickup though. Either it has something to do with shuffling it around in the system or the person doing the skimming hasn’t worked out all the kinks yet.

If you’re right and the person who skimmed the card (must necessarily be the person who came to my house) is a legit delivery guy then he is going to have a very tough time explaining

  • why is there no record of the transaction?
  • why is there no receipt?
  • why did the order say pickup but he came to my house?

The impostor theory is a little far-fetched though.

Or 4) hack your computer or network connection and intercept the order as you place it. Then call the pizza place and change the order to pick up, pick it up, and knock on your door with the pizza and a card reader.

If someone had hacked her computer, they would just wait until she bought something online, instead of buying her a pizza and driving to her house.

agreed, this theory does not seem highly probable.

Maybe, or maybe they would go for the first chance they had to grab the CC number rather than waiting for a future hypothetical chance. Also, if they were hacking into a wireless network, for example, as opposed to running malware directly on her computer, any real cc transactions would almost always be encrypted - but a pizza order with no payment info may be sent in plain text.

Just out of curiosity do you use a wireless network with no encryption? It isn’t as improbable as you might think.

Well, I feel like I don’t have all of the information, but the way it was described it had to have been someone at the local branch of PizzaPizza. Who else could have changed the order? Who else could have delivered the pizza? I’m not sure exactly how the thief’s plan was supposed to work, but clearly the thief works for the local branch of PizzaPizza.

Even if she did what website isn’t using SSL for credit card orders, unless she is doing something silly like emailing her CC info.