Understanding how credit card info is stolen (and preventing this)

ctviggen · « **on:** 21 Feb 2009, 09:39 pm »

I just got back from vacation, and while on vacation, I logged into my gmail account. I have the Vonage phone service, which will email you a version of your phone messages. I noticed a "Restricted" number was listed (Vonage puts the phone number of the caller in the message topic). I listened to this message, and learned that my credit card company suspected credit card fraud.

The perpetrators charged from "ABC Gift Cards" (never heard of this) and Newegg.com.

In order for someone to place an order at Newegg, they'd have to have all my credit card information, my address, and phone number. Additionally, I have a credit card account that requires a second verification, where I enter a password. The second verification occurs after I enter all my credit card info in Newegg. That's a ton of information they have to have.

My questions: how did the perpetrators get the information from me/Newegg in order to place the orders at Newegg, and how do I prevent this from happening in the future?

I ran a deep scan with ESET anti-virus, and found nothing. Are they likely using a key-stroke recording program, and if so, how would I find it/get rid of it?

Thanks.

Nels Ferre · « **Reply #1 on:** 21 Feb 2009, 09:51 pm »

A similar thing happened to us over New Years. Someone charged $180 at Footlocker online. The only two places that week where my Debit Card was out of my possession was at restaurants. Working with the police (I filed a report) and the fraud department at Footlocker, it turns out it was one of the waitresses.

Your computer can be fine, your network secure- it may be more basic than you are thinking. Did you use that card on vacation? Was it ever out of your possession?

ctviggen · « **Reply #2 on:** 21 Feb 2009, 10:32 pm »

It may have been out of my possession. However, to order at Newegg using this card, there's a second screen that comes up that's from my credit card processor. That screen requires a password that only I know. Unless they somehow got around this second screen without using the password, they'd have to know the password.

This is the description of this service:

http://www.navyfcu.org/credit_cards/card_guard.html

So, this is what has me leaning toward a device that records keystrokes, but my virus program doesn't show anything.

zybar · « **Reply #3 on:** 21 Feb 2009, 10:40 pm »

Quote from: ctviggen on 21 Feb 2009, 10:32 pm

It may have been out of my possession. However, to order at Newegg using this card, there's a second screen that comes up that's from my credit card processor. That screen requires a password that only I know. Unless they somehow got around this second screen without using the password, they'd have to know the password.

This is the description of this service:

http://www.navyfcu.org/credit_cards/card_guard.html

So, this is what has me leaning toward a device that records keystrokes, but my virus program doesn't show anything.

Couldn't they phone in an order? I have similar protection on a VISA card, but it is only used when placing online orders, not over the phone.

Do you know how the fraudulent orders were placed?

George

whubbard · « **Reply #4 on:** 22 Feb 2009, 09:12 am »

Newegg purchases are all done online. I too have a password on my Visa, and newegg does prompt for it. I too would suspect a keylogger, or someone stealing your 'packets'
When was the last time you entered this password online? Was it over a wifi network, or over a hardwired network? Have you ever entered this password in a public place?

-West

PhilNYC · « **Reply #5 on:** 22 Feb 2009, 01:35 pm »

Does the fraudulent order show up in your order history at NewEgg.com?

Unrelated to that question, it's possible that NewEgg.com was hacked, not your computer...

ctviggen · « **Reply #6 on:** 22 Feb 2009, 04:15 pm »

Quote from: zybar on 21 Feb 2009, 10:40 pm

Couldn't they phone in an order? I have similar protection on a VISA card, but it is only used when placing online orders, not over the phone.

Do you know how the fraudulent orders were placed?

George

George,

I do not know how the order was placed. I have an email into Newegg to discuss this issue (I found out about the credit card usage Thursday night in AZ, and I traveled all day Friday back to CT, so I couldn't call).

ctviggen · « **Reply #7 on:** 22 Feb 2009, 04:25 pm »

Quote from: PhilNYC on 22 Feb 2009, 01:35 pm

Does the fraudulent order show up in your order history at NewEgg.com?

Unrelated to that question, it's possible that NewEgg.com was hacked, not your computer...

It does not show up in my order history, so they must be using a different account. The person from the credit card company said numerous orders were placed at Newegg, but only one shows up on my credit card account, and none on my Newegg account.

I'm also thinking of some type of key stroke recording program or packet sniffer, but my computer virus program (ESET, supposedly one of the best) shows no viruses. I have had the same password at my account for a while now (changed yesterday). Perhaps that's a mistake, but I have so many passwords that I have to write them down. At work, I have at least 20 separate passwords, and an additional 5 or so at home. I simply cannot remember them if I don't link them somehow, which is perhaps what I'll do -- change my online account passwords to be linked to my work password, which I change every 75 days.