|
BEWARE: My credit card was copied after I used it tosecure hotels in italy and pay for my SCAVI Tour....
Hi All
Just a word of warning I just discovered my credit card was ' duplicated/ skimmed' and over €6,000 euros went on my credit card last weekend. I rarely rarely use it . I recently used it to secure my hotel reservations for my upcoming holiday in Italy and to pay for my SCAVI tour. So just a word of warning to be very very careful. I never thought it would happen to me. Should I contact the hotels I booked? Thanks D |
D, what process did you use to secure the reservations in which your card was duplicated, was it over the internet, by phone or fax? At least you will not be responsible for the stolen amount.
A reason you should contact the hotels is because I am guessing that card is no longer valid and could that impact any of your reservations? Hope you come out of this without any financial obligations for the stolen cc number. Deborah |
I guess now looking back I have been very foolish
I fowarded my credit card details via e mail directly to the hotels I emailed my details for the SCAVI tour. I didn't actually submit them via the internet at any stage as far as I can remember. I am waiting for the credit card co to resolve it - they do an investigation etc. I am assuming I am not liabile but its a heck of an inconvienence. Just beware! |
Indecisive, I am very sorry to hear about your being scammed.
My son, who is much more savvy about the internet/email than I am, has always told me that I should only use secure sites on the internet and that I should NEVER put my credit card number in an email. If a hotel or B&B doesn't have a secure email site, which is not that unusual, I always get a fax number and fax the credit card number to them. For the once or twice that the place didn't even have a fax number I have sent the number by email, but I do it as two separate emails. Half the number in one email and the second half in email number two. Apparently the chances of both emails being intercepted are miniscule. I hope this helps when making future bookings. |
indecisive, if you sent it by email then you sent it over the internet. I also use my credit card online for payment and just expect it to be a secure line.
I am sure someone else on Fodor's has experienced online cc fraud and can give you some peace of mind regarding your financial responsibility. Good luck, Deborah |
LOTS of people send ytheir CC information in e-mails, over the internet, etc.
Who knows exactly how your information got into someone else's hands; it could easily have been on the other end of your transmissions. You need to check with your CC issure as to your liabilities but I suspect that may be limited to $50. |
Hi I,
>I guess now looking back I have been very foolish I fowarded my credit card details via e mail directly to the hotels I emailed my details for the SCAVI tour.< Not foolish at all. If the theft was from the hotel or the Scavi office, it doesn't matter how they got the info - phone, fax, eml, letter or in person. It's highly unlikely that someone intercepted your emls. You can check that by buying something with another CC and sending the details via eml. If that card is compromised, you have a very bad spyware program on your computer. Definitely notify the hotel and the Scavi tour people. You are limited to no more than $50 liability per transaction, ONLY IF IT WAS YOUR FAULT. Assuming that you notified the CC issuer as soon as you learned of the fraud, you have no liability. ((I)) |
I also send hotels my cc info over mail sometimes. If it was someone at the hotel or at the tour company who copied your cc information, then I suppose it would have happened even if you had send it by regular mail. I would definitely contact the hotels and Scavi about this.
|
Thank you all so much for you replies
The card was actually physically used in Australia . So I guess its easy to prove I wasn't there..... I guess I have been unlucky and will be more careful in future |
So sorry to hear about the CC problem.
Regarding the Scavi tour...everything I've read says you would be sending your CC info via email to their office once they confirmed a time. I emailed them on March 25th asking for a reservation in late May/early June. I got their auto-reply but nothing more. So I have no idea what sort of email to expect from them (if I ever actually hear from them again). I was assuming I would be sending the CC info via email...although the idea of doing that bothered me somewhat. I do business on-line (booked my Rome trip that way) but usually via web sites and, hopefully, secure lines. Hope things work out for you, D. LeeParis |
Indecisive, that's the whole point: I'm not sure how much "more careful" you really need to be.
You don't know for certain how your card number was compromised, much less how it actually happened. The one thing you <b>might consider</b> doing in the future is divinding your credit card number between two different e-mails. <b>But</b> that's no guarantee of safety, especially if the compromise happened in the recipient's office, etc. |
Have you checked the PC you used to send the emails?
|
Don't ever e-mail CC details. Your e-mail can be very easily intercepted. The thiefs have special software to intercept any e-mails that could possibly have CC#s. The software looks for certain details, such as 16 digit numbers, expiration date (i.e. 3/08) name, address, etc. Your e-mail is totally unsecure, unless you have software to encrypt it, but then the other side will need software to read your mail, so it's not very practical unless both parties use the same software.
I agree with some here. If you have no other choice, although calling would be my choice, then split the number into 2 or even 3 e-mails. It doesn't guarantee total security but it will greatly diminish the chances of the info being intercepted. If the hotel has a secure page to make a booking then use that as your first option. I too was a victim of CC fraud about 2 years ago. In my case it was either an employee at a restaurant or a hotel in LA. I only used the card there. Few days before a month long trip, I went on line to check all the balances on my CCs and to my surprise there were 3 charges made in Houston (I have never been there) the evening before at Dillards, Home Depot and Wal-Mart. All 3 were for ~$500 each. I called the security hotline and as I was speaking with the agent the thief was trying another charge at the exact same time. She blocked it, but to my surprise, she was not in any hurry to call the store to get info about the thief. At the end I didn't pay a penny for the charges so I really didn't care but it surprised me to see how the bank fraud agent didn't seem to care. I just had to sign an affidavit few weeks later that neither I nor anybody that I may have authorized to use the card made the charges. btw, I did receive a new card in couple of days. Good luck! |
If your card was physicially used in Australia that means it was a ring of scammers - not just an employee who used the number to get things for themselves.
I would definitely contact the hotel and let them know about the problem - since someone there may be employed by the ring. (One of the restaurants we order from no longer takes CC info for phone orders - only cash - since someone there - they never found who - was stealing the info. With phone orders you get the card # AND address - which apparently allows them to get fake cards. We found out by talking to friends - and figuring out we all had bogus CC charges after ordering delivery from this restaurant - and complaining to them. But - you should NOT give your cc number on the internet except for a site that you know is legitimate and with a clearly visible security lock. Never email the info all together. |
I agree with the others, although there are things you can do to limit your exposure, since there isn't any way of knowing how the information was intercepted, it is hard to know how to be more careful.
Not to worry though. My card number has been stolen 3 times - different cards, one I have never used online or ever sent the card number in an email. It is a slight hassle when the card number is intercepted and used, but not a huge deal. You wont be liable for any charges. The bank will issue you a new card with a new number - everything except the fraudulent charges will be transfered over. The only thing you really have to worry about are any pending or automatic charges you have going onto your card - just call the vendors and give them your new card number. Slight hassle, but nothing big. The only time it has ever been a hassle for me was when I charged a tuition payment to a card and then before the tuition payment cleared, the card was compromised. Perhaps someone at the school was running a scam - who knows? Regardless, I had to jump through some hoops to get the tuition payment transfered onto another form of payment. It was straightened out, but it took a little time on my part. Otherwise, the whole experiences have been pretty much hassle-free and I haven't been liable for anything. |
I doubt that your credit card information was "intercepted." A more likely explanation is that someone working for one of the hotels or the tour agency browsed the e-mails and copied your numbers. Even a FAX can be risky, but it is better than e-mail, especially if the FAX is immediately destroyed.
Although unrelated to European travel, I had some bogus transactions appear on one of my credit cards a few years ago. My VISA company spotted the suspicious activity and notified me even before I received the bill. In the end, I didn't pay a dime, but it was a major hassle. About every four or five months, I would receive threatening phone calls or letters from a phone company that sold numerous $100 calling cards to the person that was fraudulently using my card. After a half-dozen phone calls, and two weeks of phone tag, it would be "resolved" until I heard from them again in a few months and the process would start over again. It finally stopped after I collected enough information to discover that the phone cards were charged to my credit card several days after I canceled the card. The VISA investigator that I spoke with said that many small telecomms that e-mail phone card PINs (no physical address required) are well aware that a significant portion of their transactions are fraudulent but continue to profit from such transactions. |
Did the bank closed or froze your account and issued a new card with another number?
|
Sorry. I forgot to mention that the telecommunications company that honored the fraudulent transaction on my card did not even bother the verify that the card was valid. Had they checked, they would have discovered that it was recently cancelled. |
Since the card was physically used in Australia what makes you think it was skimmed in Europe - could it not have been done when you used the card recently in the US and coincidentally it was misused now? Skimming usually involves copying the magnetic strip onto a blank card. If it was used over the net or by phone then maybe it was the result of your e-mailing the number, but only if you included the security code from the back of the card too, toherwise I suspect your card was skimmed much closer to home.
|
Hi In,
>The card was actually physically used in Australia..... Have you ever given your card to a waiter who disappeared for a short while and then brought it back? It is more likely that that is how it was copied than by an internet intercept. ((I)) |
In
As a follow up to Ira's question... I am confused as to the card used in Australia and the loss being in Euros? <<card was ' duplicated/ skimmed' and over €6,000 euros went on my credit>> |
As a number of people here have posted, your card details are far, far more likely to be intercepted physically than over the internet. In every restaurant I've ever been in, when I paid with a credit card, the waiter took the card and went into the back for a few minutes. It's trivially easy to use such advanced technology as a PENCIL to record the card information.
This is WAY more common than intercepting individual internet transmissions, email or otherwise, which is quite rare. Shop clerks at every store you've ever been in have access to your card name and number as well. Have you ever ordered something over the phone -- a pizza, even -- and read your number out loud, and heard the clerk repeat it out loud back to you? If you've ever used your credit card before, even physically in person, there's a good chance that the name and number live on in a database somewhere -- a database that's supposed to be inaccessible from the internet, but often isn't. And even if it is, all it takes is someone to steal the computer. This happens ALL THE TIME. Dozens of major banks and corporations have lost their databases of names, CC#s, social security numbers, and so on, not through high-tech wizardry but through someone picking up a computer and walking away with it. There are millions of credit card numbers in the hands of thieves. Sophisticated thieves will use data-mining techniques to ferret out your name from other sources to match the credit card, or vice versa. It is possible that you've got some nasty malware on your computer; millions of people do. Almost all of the trillions of spam messages sent today come out of computers owned by unsuspecting private individuals. Not many of those people are having their CC# snooped as well, but it does happen. But it's the LEAST likely possibility of all of these. Get antivirus and anti-spyware software and keep it updated. But your credit card number is still quite vulnerable even if you do. |
hello,
Just today I'm having an affidavit notarized from having my credit card used while I had it in my possession, and it's travel related. I didn't use it on the internet, I used this card (rarely used it, only for traveling really) when I traveled to Australia over a year ago. I believe that someone in a restaurant or other store where they had to take my card in to be processed (most likely restaurant) copied down the numbers and CVS code (3 digit on back of card, or CVV code for American Express) waited almost a year to use it in Australia. I was in the US when the Australian charge went through a year after I had been to Australia and I had never shopped at the store that was being charged, nor visited that city. I had to then close the account and get this whole affidavit process taken care of. My point is that credit card fraud isn't only online. I have an online retail store and to process credit cards online you need the number, CVS code, and billing address. I always call the issuing bank to verify that the card has not been compromised in the cases where the billing address does not match (raises a red flag). This usually happens when someone moves, and my customers have been ok with the inconvinence of having to correct this with the credit card company before I proccess their order (I cancel and they have to readd to their shopping card and check out again). Only on one occasion did I not get a response from the customer, in which case I cancelled his order. Other merchants are not as strict and will waive incorrect billing addresses and charge the order. That is what happened in my case, the scary thing is that it was a major worldwide retailer. Just check all statements every month, that is how I caught this transaction, the quantity was just under $400US. |
A friend of mine, a very succesful RE Broker who was always rushed for time would pay his CC bill monthly but he did not match their receipts up to the charges on his monthly statement. Sometime around the 3rd month he was irritated that his wife was charging so much and said something to her. She hadn't.
He reviewed his statements and found that for the past 3 months there were unauthorized charges on his CC statements that neither he or his wife had made. If memory serves me right they totaled over $4,000.00. And I believe he only got credited for the unauthorized charges on his last statement as he hadn't notified the CC Co promptly as to the charges on the earlier statements. This family had not been on any type of trip. Due to the pressure of their RE business they had hardly been out of the city they lived in. They figured the information was stolen from some employee at some restaurant as they often ate out and they had not purchased any item online or sent their CC info to any business via their computer. |
fnarf - "In every restaurant I've ever been in, when I paid with a credit card, the waiter took the card and went into the back for a few minutes"
I believe that this is illegal in France. |
I have had three credit cards scammed in the past two years. Once, $16,000 was racked up in a couple of days in New Brunswick Canada! Once it was for about $5000 at a garage in Provence. Once at the Guicci shop in HK.
Because I travel so much, it is difficult for the CC companies to identify fradulent activity. All three times the banks (ScotiaBank and Royal Bank) were steller. They cancelled the cards and got me replacements within days, sent me an affidavit to sign and cancelled all charges without any penalty. After the first incident, when I discovered the problem on my statement, I started checking my statement on-line every week, which is how I caught the other 2 problems quickly. I recommend you do the same. Obviously, be careful checking on-line when you travel, but prehaps you can deligate a family member to check on your account when you travel. PIN numbers on CC, now compulsory in the UK and Ireland I believe, help reduce the incidence of fraud. However, my neice had her cc and cell phone stolen in Dublin last week in a nightclub. She had her pin number stored on her phone and they withdrew 600 Euros before she discovered the loss. I was shocked, but apparently it is not uncommon for people to store their PIN on their phone (under C or V)! It was her own fault, so she had to pay. She was very stoic about it and delared it an expensive, but valuable lesson :( |
I was sitting in my USA office one morning about 7:00 am when the phone rang - it was my mastercard company. After I identified myself, the agent acknowledged that I was not in England and asked if anyone who was signatory to my account was in England. I said no. He stated that someone had made three charges on my account since the day before in England. He immediately blocked my card, ordered a new one and stated they would be sending out some paperwork for me to sign. I asked how they identified it was not me. He stated they have very sophisticated software which follows the pattern of your spending, but also told me that I always call before I leave the country. I had not done so this time. I was not liable for a dime since there was no fault on my part.
|
For our upcoming trip to Italy, we're booked primarily at small hotels or B&B's. We're staying at 4 differnt places like this and 3 of them wanted me to confirm w/ my credit card number by email. I'm in the web business, I know that this is a no-no so I asked (via email) for a fax number instead. All the establishments sent their fax and reservations were made. Never send your credit card information via email, it can too easily be skimmed. Fax or phone is the only way I'd do it, unless I know the establishment had a secure website.
|
There is an easy solution for sending a credit card over the internet to secure reservations. I used a dedicated card that has strict instructions never to honor a foreign card. When I check in I either pay in cash or use a different card. Never had a problem.
|
There are many ways for your CC to be compromised - as many as there are dishonest people. It does matter that you check your statement before paying; as Loveitaly noted in her post, there is often a window of time in which the cardholder must report the fraud in order to avoid responsibility.
As to emailing a CC number - never. Not ever. Sure, the odds may be against your message being intercepted, but it only takes once. There is a reason why sites that do online business have secure message servers. Even that won't protect you from unscrupulous employees who steal your account number, but it's just prudent. the route your email takes to get to its destination can be astounding - sometimes being relayed through several countries. Not worth the risk. If you are dealing with a company that insists you must email it, then absolutely break it up into two or three messages. |
My AMEX corporate card was hacked into last month after I made a bunch of online reservations at hotels in the US for a business trip. Well, that said, maybe it was the result of that or maybe not. I've been using the card for more than a decade to do the same kinds of transactions.
I must say AMEX was absolutely wonderful. Called me on my home and office phones to let me know about the fraudulent activity ($5,800 worth of purchases of video war games in a 72-hour period, most of them made in pounds sterling); canceled my card, sent me a temporary card via DHL to the hotel where I wa staying on business and called and confirmed with me how much I'd need to be charging to the card while on business; and sent me a replacement card that was waiting for me when I got home. And their Fraud Squad is awesome - still trying to figure out who got the number and how, but they are really in-touch and responsive. I'd never have even known about what was going on had AMEX not been so vigilant and been so proactive in contacting me. Love AMEX! |
Thanks everyone
I contacted the hotels I had booked yesterday and advised them what happened. The replies were all the same - Sorry this happened - now send us on a new card number to guarantee your reservation!!!!! What can I do so close to my trip only fax on a new card number???? There is no way of contacting SCAVI - they just do not respond to anything While the card was used in OZ - I live in ireland and the conversion back was in Euro - this my balance showed I was €6k in debt I rang the Co and asked why they had not contacted me due to the high level of unusual activity but they said as it was the Easter Bank Holiday weekend it went unnoticed - which sounds like a strange answer - surely they monitor suspicious activity 24/7. They have cancellled my card ( still shows the same balance online) and are issuing me with a new card. I guess in future the best thing to so is split the details via e mails. I work for an international bank - I assuming my own PC has good protection etc but I am not the best when it comes to that kind of thing D |
Hi In,
>What can I do so close to my trip only fax on a new card number???? A fax is a good idea. So is emailing in 2 messages. >I rang the Co and asked why they had not contacted me due to the high level of unusual activity but they said as it was the Easter Bank Holiday weekend it went unnoticed -...< That is so British. :) ((I)) |
Why not just call???
|
I have sent my credit card details hundreds of times for hotel and other reservations over the years. It has not been compromised from any of those transactions.
My partner's credit card has never been used in that way and no emails, faxes, or other uses have been made of his CC details. Yet he has had three cases of credit card fraud like you experienced. It is not possible to assume that the sending of your details where you did has anything to do with the fraudulent use of your credit card. |
Re: intercepting emailed CC numbers: rubbish.
If your email is going to be read it's going to be at the source or the destination, not in between. I am an email administrator and have been working in internet security for over a decade, and I can tell you that the chances of having your email read en route is about the same as having Tom Cruise drop down from the ceiling and stealing your wallet off your bedside table.<br> If your PC is infected with something it might be taken there -- but not just from an email; it could be taken from your internet cache as well (which is why shopping pages encrypt). And the same goes for the email server or client on the other end; it's not going to be intercepted, it's going to be read off a screen by a human being.<br> Anybody who's telling you different is either uninformed or in the business of drumming up fear to sell products. |
Hear !!! Hear !!! fnaarf99 !! You are absolutely correct. I have made the same point about e-mail transmissions before, and generally have some "computer expert" climb my case for not being correct. Glad to see someone expression the same position. When someone is using a "secured" site it only means that the end server is secured --- and this is what counts. You have to remember how the internet was designed in the first place. It was designed to be secure.
|
You guys are the experts, but like I've always said, "I don't worry about sending things over the internet". But every time some waiter carries my card to the back of a restaurant I'm at an infinitely greater risk of "identity" theft. In face we've always believed that's how all three of my partner's credit card fraud situations happened.
|
Right on NP.
And yet we don't seem to worry when that waiter "disappears" with our card here at home. I won't leave my card at with the gas attendant when I fill up either. Why are we so far behind the accepted practices in Europe? Why do we always think it is going to happen in that backward continent of Europe? |
NeoPatrick, that was my point exactly. People tend to worry about the wrong thing with internet security. The weakest link has always been and will always be people, not technology.<br>
The biggest illegal "hackers" have not been particularly skilled with computers; what they've been very skilled with is what they call "social engineering", whereby they call people on the telephone and persuade them, unbelievably, to give up their passwords and so on willingly.<br> Same with credit cards; most of you reading this have voluntarily handed your credit card details to dozens of complete strangers in the past year. |
| All times are GMT -8. The time now is 03:08 PM. |