Friday 10 July 2015

Stop! Identitfy thief!

I've only myself to blame. After doing internet purchases for many years without any real problem (and using a secondary credit card with a low credit limit for internet purchases 'just in case') I became too careless about Internet security, and recently made several online payments recently using my main credit card. While I've used that card before for domestic telephone payments and some internet payments where I'm confident about the processor (eg. university fee payments), I'd usually been cautious about payments overseas (such as AliExpress, Banggood etc.).

However, in the past couple of months I must have used it somewhere that has had their payment database hacked, or else I've managed to get some spyware or something onto my home laptop (despite Mcaffee scans showing nothing untoward) as my main credit card suddenly showed eight foreign internet transactions totalling over $1,000 that I hadn't made. Fortunately I happened to be checking my online credit card transaction listing the day that the fraudulent transactions were processed, so I immediately called my bank to report the issue and they 'blocked' my old credit card and issued a new number (I'll have to wait for it to arrive in 5-10 days before I can activate it and advise several direct debit billers of the change in payment details). I then had to lodge on online form 'disputing' these transactions, and they will sit on my account (although I've arranged to not have to pay them in the next billing cycle) until the dispute is resolved - which can take anywhere from one to six months! Hopefully I won't end up being 'out of pocket' for these fraudulent transactions...

As the transaction descriptions made it easy to track down the online company at which five payments for the same amount had been processed, I decided to also lodge a report with the Australian Cyber Crime website ('ACORN') with the details of the transaction, date, amount, merchant etc. I'm not sure if they will actually pass on the information to the Australian or International Police (the amount involved is 'only' $1,000, but it could lead to a 'gang' systematically using stolen credit card details to make online payments), but at least I've done my bit to fight Cyber Crime. Unfortunately I still don't know for sure exactly which prior (legitimate) online purchase was the one the resulted in my credit card details being stolen/hacked.

Theoretically it should be fairly easy for ACORN/Police/Interpol to request details of the IP address used to make the five purchases (as they were for identical amounts and made on the same date using my credit card details) from the online merchant that processed the fraudulent transactions. Whether or not this leads to a suspect (if they were careless), or just leads to an anonymous redirect is unknown. As the five purchases were from an online MOOG company the authorities may also be able to track the IP/identity of who is now using the purchased game service (I suspect the person/gang that made the five online purchases probably bought new game logins and resold them at a steep discount for cash down at the local pub...). If they can find the end-user they might be able to find out who was selling the 'stolen' goods. Hopefully if the online merchant can cancel the services bought with these fraudulent transactions there will be less difficulty getting the disputed transactions cancelled, compared to if the transactions had been for physical goods that had already been shipped out...

Ah well, I've learned my (potentially expensive) lesson and won't be using my new credit card number for any more online purchases in future. I'll stick to using PayPal (wherever possible) or else using my designated 'low credit limit' credit card if a card is required for making an online payments.
Subscribe to Enough Wealth. Copyright 2006-2015

No comments: