Credit Card hacked again

Ally Dick

I'm getting sick of this. I have had three credit cards in a row, over the last short while, which have been compromised on me. I'm getting tired of the process of replacing the card every time, and notifying all of the websites that I use, that there will be a new number which will be different. I will ring Credit Card services in the morning to do the needful. This time it was Uber taxi transactions, which are appearing on my statement. I've never used Uber in my life. I googled it and it's a very common scam. 
Websites or apps which allow payments should be OBLIGED by law to carry the credit card number, the expiry date AND the three digit verification code on all of their payments. I believe the reason credit cards are getting compromised so frequently is because some sites such as Uber only look for the credit card and the expiry date, and certain devious sorts are guessing them correctly, and if you're caught out, it's just your bad luck. This is more of a rant than a question, but I'd welcome any opinions on this.
I'd nearly forget about the credit card and go visa debit for everything, if it happens again....

sf80

you might want to have your computer checked out and be very careful where you use the card

Ally Dick

Thanks. I have McAfee software on the computer and I try and be careful. I only use reputable sites. However I hear what you're saying.
Do you think though that a lot of this stuff is opportunism where there are sites which don't require the 3 digit verification step ? Is Uber like that I wonder ?

p.s. I checked out Uber. It does ask for the 3 digit code. Gulp....

RossieMan

McAfee is absolutely useless. Run malware bytes and see does anything show up. It's too coincidental that's it's happened you more than once. It's got to be carelessness on your part somewhere.

FortySeven

RossieMan wrote: »

McAfee is absolutely useless. Run malware bytes and see does anything show up. It's too coincidental that's it's happened you more than once. It's got to be carelessness on your part somewhere.

Yep. No coincidence.

percy212

I wouldn't say carelessness. Its more like an absolute pain in the hole. Or you know, bad luck...

Is there somewhere you regularly use cards, where they might be cloned? The bank can look for patterns anyway...

Do you have a partner that likes Uber

Ally Dick

RossieMan wrote: »

McAfee is absolutely useless. Run malware bytes and see does anything show up. It's too coincidental that's it's happened you more than once. It's got to be carelessness on your part somewhere.

Malware bytes found nothing

RossieMan

A site you use regularly? It's something you're doing. They aren't just guessing the card number. I'd be much more careful, it's actually much better to happen on a credit card rather than a debit card. At least you still have funds to spend.

J. Mourinho

Sorry but 3 times in a row has to be something from your end.

Is malware bytes up to date? Might be a newer program and it's isn't looking for it.

Could simply be a dodgy site too is there many you've used all 3 cards on may help reduce the number of culprits?

Then there's the tough question, could it be a friend or family member screwing you over?

Rackstar

I'd say ramming the credit card number into every site going is half of your problem. Use something like PayPal or the equivalent and limit where you are using your credit card number. I'd say the bank will get fed up of this and withdraw the service from you.

Ally Dick

Would file hosting sites be dodgy? There are two I have premium subscriptions with....maybe I should just stick with Netflix....

Tow

Ally Dick wrote: »

Would file hosting sites be dodgy? 

Do you need to ask that question!

Ally Dick

Tow wrote: »

Do you need to ask that question!

I've been using them a long time with no hassle. Only started running into trouble quite recently

Mycroft H

Can you not pay for a lot of these services using PayPal?

Ally Dick

Mycroft H wrote: »

Can you not pay for a lot of these services using PayPal?

The two I use don't take Paypal. Once I get the new card, I shan't be using them again

RossieMan

Are the hosting sites well known?

sf80

The credit card industry is a bit weird; they have no interest in tracing crime across the world. They put the responsibility on insurance payouts and trying to make sure the credit card processors are not the source of the breaches.

Anyone processing credit cards is monitored for security compliance, and usually the credit card user is the weak link in the chain.

Besides your computer, also consider any time you have used the card on your phone, any businesses you use in person and any bank machines you might regularly use with it.

You should consider a professional check of your devices, although I don't know how much that would cost.

I would reinstall my systems and stop using the card for anything except essentials

munchkin_utd

Ally Dick wrote: »

Would file hosting sites be dodgy? There are two I have premium subscriptions with....maybe I should just stick with Netflix....

so, would a website which gladly hosts illegal material causing 100s of millions if not billions of losses to the music and film industry (incurring the wrath of the FBI and refused services by Paypal due to their illegal activities) be dodgy ? 

No, of course not. 

mickoneill31

I haven't had the issues you've had but I have a method that might help you.

I've a Revolut card that I can top up in seconds from my debit card. When I want to make a transaction on a site I don't trust too much I top up the card with the amount I want to spend and then use the Revolut card on the site.
Then Revolut also has an app where you log in, press a button and lock the card. Every credit card provider should have this facility these days. Revolut is free and they have this. We pay our banks fees and they can't manage it. Here are a couple of screenshots of how hard it is to enable the security
http://67.media.tumblr.com/79fc16015b01dddd1b2e482161c8804e/tumblr_inline_o5xhk7rZxy1ty3m0w_1280.png

Once the card is locked the vendor can try to use the card but it'll be declined and you'll be notified. A legitimate use I use this for is parkingtag.ie
When your balance on parkingtag goes down below €10 they'll automatically try and take €20 off your credit card to top themselves up. I don't use their service enough so a tenner might do me 3 months the amount I use them. So I've entered my Revolut card and it's always in blocked mode unless I want to unblock it for a transaction. When I park my car and pay using parking tag, about 30 seconds later I get a message on Revolut saying €20 transaction declined from Parkingtag (or a message similar to that).

I doubt that your card is being guessed. I've a couple of cards and I've had the same numbers for years and so far there has been no issue. Some site / service you're using or your computer is compromised.

Bank of Ireland: Nicola

Ally Dick wrote: »

I'm getting sick of this. I have had three credit cards in a row, over the last short while, which have been compromised on me. I'm getting tired of the process of replacing the card every time, and notifying all of the websites that I use, that there will be a new number which will be different. I will ring Credit Card services in the morning to do the needful. This time it was Uber taxi transactions, which are appearing on my statement. I've never used Uber in my life. I googled it and it's a very common scam. 
Websites or apps which allow payments should be OBLIGED by law to carry the credit card number, the expiry date AND the three digit verification code on all of their payments. I believe the reason credit cards are getting compromised so frequently is because some sites such as Uber only look for the credit card and the expiry date, and certain devious sorts are guessing them correctly, and if you're caught out, it's just your bad luck. This is more of a rant than a question, but I'd welcome any opinions on this.
I'd nearly forget about the credit card and go visa debit for everything, if it happens again....

Hi Ally Dick, 

I'm very sorry to hear about this, please let me assure you that we're committed to protecting you from fraud and as part of our fraud monitoring we regularly carry out security checks.

Firstly, if you haven't done so already please get in touch with our 24 hour helpline to cancel your card ph. 1890 706 706 (or from abroad ph.+353 56775 7007). Or if you would like to PM your name and phone number I'll arrange a call to you so that the card can be cancelled.

There are some measures that you can take to help prevent fraud and there's more information that you might find useful on our website here.

As other posters have mentioned, you can use a reputable third-party payment service when paying for things online and you can take preventative steps to make sure your PC isn't at risk by:

• Ensuring you've up to date, anti-malware and anti-virus software in place. Keep it updated and use it to perform regular checks.
• Ensuring that your operating system and all other software is up to date with security patches/fixes.
• Using reputable browser security add-ons such as anti-phishing, pop-up blocking, and script blocking software.
• Enabling your PC's firewall or install a reputable one if you don't have one at the moment.
• Only download or shop from recognised trustworthy website sites that use a secure connection.

Check if the web page offers encryption of your data - look for a lock symbol on your browser window or check that the web address of the page you are viewing begins with https:// (page properties will usually tell you what level of encryption is being used).

• Online retailers that use verified by visa or 3D secure as part of their payment process offer additional security for online purchases.
• If you're paying with your card in person don't let the card out of your sight, insist on being present when your transaction is processed.
• When using an ATM make sure to pay close attention for any differences or unusual characteristics. If you do notice anything don't use the ATM - walk away and immediately notify local Gardaí

I hope this helps, please let me know if you need anything else.

Thanks
Nicola

beauf

I wonder does someone have your details on a site, so everytime you change the card, they can just get the details of the card. Or enough details to get access to it. 

I would make sure you are using 2 factor authentication for all sites that have it. Change all your passwords to be different on every site, and use something like LassPass if you can't remember them. 

If it were me I'd wipe my computers and set them for scratch, installing a proper AV like Avast or Kaspersky. 

You have a breech somewhere. 

aphex™

Do you run any apps on a smartphone or tablet from unofficial/jailbreaked sources?

Ally Dick

aphex™ wrote: »

Do you run any apps on a smartphone or tablet from unofficial/jailbreaked sources?

Not that I know of

RossieMan

You're not full of information. Very hard to help you out with were the info is being stolen from.
It's almost definitely a key grabber on either your phone, laptop, tablet.

Ally Dick

RossieMan wrote: »

You're not full of information. Very hard to help you out with were the info is being stolen from.
It's almost definitely a key grabber on either your phone, laptop, tablet.

Sorry. Not trying to be candid or cagey. The filehosts I use are Rapidgator, Uploaded and Keep2Share. I've used Rapidgator for ages, Uploaded a few months and Keep2Share fairly recently. My Google account was hacked recently. I am a bit embarrassed about that. Got an email from a "friend" with an attachment. Asked me for my Google Docs user and password to open it, which I did. Next day I was asked if I was accessing Google from Lagos. I changed my gmail password and added 2 step verification to all my email accounts. I keep getting phishing attempts emailed to me containing false Itunes purchase invoices. I ignore them, and they mostly go to Spam filter anyway.
Other sites that have my credit card details are - Easytrip, Netflix, Bet365, Paypal, Parcel Motel, Spotify, National Lottery, AON insurance, McAfee, ITunes

p.s. I haven't responded to spam attempts to get my details by email. I am at least savvy not to do that

Ally Dick

aphex™ wrote: »

Do you run any apps on a smartphone or tablet from unofficial/jailbreaked sources?

XBMC/TVMC and Mobdro are the two that I can think of

mansize

I don't like 3rd party sites storing my credit card details. Always say no, and put in CC details or use PayPal each time.

MackMack

Ally Dick wrote: »

My Google account was hacked recently.

Log into your gmail, scroll all the way down to the bottom. On the bottom right there's a line "Last Account Activity - xx hours ago" Underneath that there's a link for "Details". Go into this and it'll tell you if there's anyone else still logged into your gmail. There's a button for signing out every device that's logged in. Changing password and enabling 2 factor auth won't sign out the people that hacked you as far as I know.
Mine was hacked before and even after changing the password etc the hacker was still logged in until I forcibly kicked him out

FizzleSticks

This post has been deleted.

Ally Dick

FizzleSticks wrote: »

This post has been deleted.

That's a horrific thought. What do I do about that ? Factory restores? System reinstalls ?

Jodotman

Ally Dick wrote: »

FizzleSticks wrote: »

This post has been deleted.

That's a horrific thought. What do I do about that ? Factory restores? System reinstalls ?

Op you mentioned that you use Rapidgator and other dodgy file sharing sites.
My account was hacked twice from using Rapidgator and had to get replacement cards. 

They are notoriously dodgy and should only be using a prepay card to register to these sites. They are not brand name sites.