In
As a follow up to Ira's question...
I am confused as to the card used in Australia and the loss being in Euros?

<<card was ' duplicated/ skimmed' and over €6,000 euros went on my credit>>

As a number of people here have posted, your card details are far, far more likely to be intercepted physically than over the internet. In every restaurant I've ever been in, when I paid with a credit card, the waiter took the card and went into the back for a few minutes. It's trivially easy to use such advanced technology as a PENCIL to record the card information.

This is WAY more common than intercepting individual internet transmissions, email or otherwise, which is quite rare.

Shop clerks at every store you've ever been in have access to your card name and number as well.

Have you ever ordered something over the phone -- a pizza, even -- and read your number out loud, and heard the clerk repeat it out loud back to you?

If you've ever used your credit card before, even physically in person, there's a good chance that the name and number live on in a database somewhere -- a database that's supposed to be inaccessible from the internet, but often isn't. And even if it is, all it takes is someone to steal the computer. This happens ALL THE TIME. Dozens of major banks and corporations have lost their databases of names, CC#s, social security numbers, and so on, not through high-tech wizardry but through someone picking up a computer and walking away with it.

There are millions of credit card numbers in the hands of thieves. Sophisticated thieves will use data-mining techniques to ferret out your name from other sources to match the credit card, or vice versa.

It is possible that you've got some nasty malware on your computer; millions of people do. Almost all of the trillions of spam messages sent today come out of computers owned by unsuspecting private individuals. Not many of those people are having their CC# snooped as well, but it does happen. But it's the LEAST likely possibility of all of these.

Get antivirus and anti-spyware software and keep it updated. But your credit card number is still quite vulnerable even if you do.

hello,
Just today I'm having an affidavit notarized from having my credit card used while I had it in my possession, and it's travel related.

I didn't use it on the internet, I used this card (rarely used it, only for traveling really) when I traveled to Australia over a year ago.

I believe that someone in a restaurant or other store where they had to take my card in to be processed (most likely restaurant) copied down the numbers and CVS code (3 digit on back of card, or CVV code for American Express) waited almost a year to use it in Australia.

I was in the US when the Australian charge went through a year after I had been to Australia and I had never shopped at the store that was being charged, nor visited that city.

I had to then close the account and get this whole affidavit process taken care of. My point is that credit card fraud isn't only online.

I have an online retail store and to process credit cards online you need the number, CVS code, and billing address. I always call the issuing bank to verify that the card has not been compromised in the cases where the billing address does not match (raises a red flag).

This usually happens when someone moves, and my customers have been ok with the inconvinence of having to correct this with the credit card company before I proccess their order (I cancel and they have to readd to their shopping card and check out again). Only on one occasion did I not get a response from the customer, in which case I cancelled his order.

Other merchants are not as strict and will waive incorrect billing addresses and charge the order. That is what happened in my case, the scary thing is that it was a major worldwide retailer.

Just check all statements every month, that is how I caught this transaction, the quantity was just under $400US.

A friend of mine, a very succesful RE Broker who was always rushed for time would pay his CC bill monthly but he did not match their receipts up to the charges on his monthly statement. Sometime around the 3rd month he was irritated that his wife was charging so much and said something to her. She hadn't.

He reviewed his statements and found that for the past 3 months there were unauthorized charges on his CC statements that neither he or his wife had made. If memory serves me right they totaled over $4,000.00. And I believe he only got credited for the unauthorized charges on his last statement as he hadn't notified the CC Co promptly as to the charges on the earlier statements.

This family had not been on any type of trip. Due to the pressure of their RE business they had hardly been out of the city they lived in.

They figured the information was stolen from some employee at some restaurant as they often ate out and they had not purchased any item online or sent their CC info to any business via their computer.

fnarf - "In every restaurant I've ever been in, when I paid with a credit card, the waiter took the card and went into the back for a few minutes"

I believe that this is illegal in France.

I have had three credit cards scammed in the past two years. Once, $16,000 was racked up in a couple of days in New Brunswick Canada! Once it was for about $5000 at a garage in Provence. Once at the Guicci shop in HK.

Because I travel so much, it is difficult for the CC companies to identify fradulent activity. All three times the banks (ScotiaBank and Royal Bank) were steller. They cancelled the cards and got me replacements within days, sent me an affidavit to sign and cancelled all charges without any penalty.

After the first incident, when I discovered the problem on my statement, I started checking my statement on-line every week, which is how I caught the other 2 problems quickly. I recommend you do the same. Obviously, be careful checking on-line when you travel, but prehaps you can deligate a family member to check on your account when you travel.

PIN numbers on CC, now compulsory in the UK and Ireland I believe, help reduce the incidence of fraud. However, my neice had her cc and cell phone stolen in Dublin last week in a nightclub. She had her pin number stored on her phone and they withdrew 600 Euros before she discovered the loss. I was shocked, but apparently it is not uncommon for people to store their PIN on their phone (under C or V)! It was her own fault, so she had to pay. She was very stoic about it and delared it an expensive, but valuable lesson

I was sitting in my USA office one morning about 7:00 am when the phone rang - it was my mastercard company. After I identified myself, the agent acknowledged that I was not in England and asked if anyone who was signatory to my account was in England. I said no. He stated that someone had made three charges on my account since the day before in England. He immediately blocked my card, ordered a new one and stated they would be sending out some paperwork for me to sign. I asked how they identified it was not me. He stated they have very sophisticated software which follows the pattern of your spending, but also told me that I always call before I leave the country. I had not done so this time. I was not liable for a dime since there was no fault on my part.

For our upcoming trip to Italy, we're booked primarily at small hotels or B&B's. We're staying at 4 differnt places like this and 3 of them wanted me to confirm w/ my credit card number by email. I'm in the web business, I know that this is a no-no so I asked (via email) for a fax number instead. All the establishments sent their fax and reservations were made. Never send your credit card information via email, it can too easily be skimmed. Fax or phone is the only way I'd do it, unless I know the establishment had a secure website.

There is an easy solution for sending a credit card over the internet to secure reservations. I used a dedicated card that has strict instructions never to honor a foreign card. When I check in I either pay in cash or use a different card. Never had a problem.

There are many ways for your CC to be compromised - as many as there are dishonest people. It does matter that you check your statement before paying; as Loveitaly noted in her post, there is often a window of time in which the cardholder must report the fraud in order to avoid responsibility.
As to emailing a CC number - never. Not ever. Sure, the odds may be against your message being intercepted, but it only takes once. There is a reason why sites that do online business have secure message servers. Even that won't protect you from unscrupulous employees who steal your account number, but it's just prudent. the route your email takes to get to its destination can be astounding - sometimes being relayed through several countries. Not worth the risk. If you are dealing with a company that insists you must email it, then absolutely break it up into two or three messages.

My AMEX corporate card was hacked into last month after I made a bunch of online reservations at hotels in the US for a business trip. Well, that said, maybe it was the result of that or maybe not. I've been using the card for more than a decade to do the same kinds of transactions.

I must say AMEX was absolutely wonderful. Called me on my home and office phones to let me know about the fraudulent activity ($5,800 worth of purchases of video war games in a 72-hour period, most of them made in pounds sterling); canceled my card, sent me a temporary card via DHL to the hotel where I wa staying on business and called and confirmed with me how much I'd need to be charging to the card while on business; and sent me a replacement card that was waiting for me when I got home. And their Fraud Squad is awesome - still trying to figure out who got the number and how, but they are really in-touch and responsive. I'd never have even known about what was going on had AMEX not been so vigilant and been so proactive in contacting me. Love AMEX!

Thanks everyone

I contacted the hotels I had booked yesterday and advised them what happened. The replies were all the same -

Sorry this happened - now send us on a new card number to guarantee your reservation!!!!! What can I do so close to my trip only fax on a new card number????

There is no way of contacting SCAVI - they just do not respond to anything

While the card was used in OZ - I live in ireland and the conversion back was in Euro - this my balance showed I was €6k in debt

I rang the Co and asked why they had not contacted me due to the high level of unusual activity but they said as it was the Easter Bank Holiday weekend it went unnoticed - which sounds like a strange answer - surely they monitor suspicious activity 24/7.

They have cancellled my card ( still shows the same balance online) and are issuing me with a new card.

I guess in future the best thing to so is split the details via e mails.

I work for an international bank - I assuming my own PC has good protection etc but I am not the best when it comes to that kind of thing

D

Hi In,

>What can I do so close to my trip only fax on a new card number????

A fax is a good idea. So is emailing in 2 messages.

>I rang the Co and asked why they had not contacted me due to the high level of unusual activity but they said as it was the Easter Bank Holiday weekend it went unnoticed -...<

That is so British.

Why not just call???

I have sent my credit card details hundreds of times for hotel and other reservations over the years. It has not been compromised from any of those transactions.

My partner's credit card has never been used in that way and no emails, faxes, or other uses have been made of his CC details. Yet he has had three cases of credit card fraud like you experienced.

It is not possible to assume that the sending of your details where you did has anything to do with the fraudulent use of your credit card.

Re: intercepting emailed CC numbers: rubbish.

If your email is going to be read it's going to be at the source or the destination, not in between. I am an email administrator and have been working in internet security for over a decade, and I can tell you that the chances of having your email read en route is about the same as having Tom Cruise drop down from the ceiling and stealing your wallet off your bedside table.<br>
If your PC is infected with something it might be taken there -- but not just from an email; it could be taken from your internet cache as well (which is why shopping pages encrypt). And the same goes for the email server or client on the other end; it's not going to be intercepted, it's going to be read off a screen by a human being.<br>
Anybody who's telling you different is either uninformed or in the business of drumming up fear to sell products.

Hear !!! Hear !!! fnaarf99 !! You are absolutely correct. I have made the same point about e-mail transmissions before, and generally have some "computer expert" climb my case for not being correct. Glad to see someone expression the same position. When someone is using a "secured" site it only means that the end server is secured --- and this is what counts. You have to remember how the internet was designed in the first place. It was designed to be secure.

You guys are the experts, but like I've always said, "I don't worry about sending things over the internet". But every time some waiter carries my card to the back of a restaurant I'm at an infinitely greater risk of "identity" theft. In face we've always believed that's how all three of my partner's credit card fraud situations happened.

Right on NP.
And yet we don't seem to worry when that waiter "disappears" with our card here at home. I won't leave my card at with the gas attendant when I fill up either.
Why are we so far behind the accepted practices in Europe? Why do we always think it is going to happen in that backward continent of Europe?

NeoPatrick, that was my point exactly. People tend to worry about the wrong thing with internet security. The weakest link has always been and will always be people, not technology.<br>
The biggest illegal "hackers" have not been particularly skilled with computers; what they've been very skilled with is what they call "social engineering", whereby they call people on the telephone and persuade them, unbelievably, to give up their passwords and so on willingly.<br>
Same with credit cards; most of you reading this have voluntarily handed your credit card details to dozens of complete strangers in the past year.