Credit card warning

Peter Ezetta protocall7 at gmail.com
Thu Jun 6 01:37:29 PDT 2013 

Hi All,

I'd like to start by saying I'm very sorry that you had to go through this
process, as having your personal info stolen and used against you is never
any fun.  I hope I'm not intruding on the thread, as I was unable to attend
the conference (company only pays for one a year, and we're not a Perl
shop, so YAPC lost out).

Speaking from personal experience, from having this situation happen to me
twice, I'd like to give a few insights.  Take it for what it's worth, as
obviously, there's criminals out there of all types.

--

First, call your bank's fraud dept, and report this asap (obviously).  They
may want you to stop by a branch and sign an affidavit stating that these
charges were not made by you.  Next up, file a police report;  the local
police aren't going to do a darn thing to help you, but that case number
you provided just adds to your case (you wouldn't call the cops on yourself
if you were just trying to get out of charges you made).  At that point,
you should have the charges reversed, a new card with a new number issued,
and chances are, you'll never hear a word about it again.

Now, on to the fun part...  Very commonly, credit card theft is a
multi-tier system.  At some point, you probably encountered a waiter or
bar-tender that was less than scrupulous.  We are all too accustomed to
letting our credit/debit cards out of our sight at bars and restaurants
when we run a tab, or leave a card in a ticket book to be run by a waiter.
This waiter or bartender will then take your card, run it for your order,
and also run it through a skimmer.  Most of the time, the transaction you
made with the establishment will go through as expected.  This puts some
degree of separation between the theft and the legitimate transaction.

This bartender or waiter will then get paid a flat rate (think $25-50 per
stolen card) by another party.  When this has happened to me, I have found
by searching through historical data, that it is normally followed within a
day or two by several VERY small transactions... A dollar here, two dollars
there.  The point is to make sure that the account is active and has funds
without alerting the owner, so the transactions are of amounts that you
won't notice unless you're watching carefully.  After that, often the card
info is sold again to a party who will collect cards until they have enough
to convince someone to run a batch.  With enough money, its not hard to
have 500 cards made with whatever you want encoded onto the mag strips.

This is the point, that in my experience, one gets taken to the cleaners.
A criminal now has a cloned copy of your credit card in hand.  The first
time this happened to me, there was an attempted purchase of a 3D TV
totaling over $8000.  Since it was in a city on the opposite side of the
country, my bank noticed and gave me a courtesy call.  The second time,
someone attempted to make a $30k cash advance against my account at a
casino.  This was also enough to alert my bank that something was probably
wrong, leading to a courtesy call.

Tl;dr:  It's entirely possible that someone at the restaurant in question
swiped your info and went on a shopping spree, but more likely than not,
you were compromised sometime in the past, the restaurant transaction is
still being processed, and the timing of the whole ordeal was just a
coincidence.

For what it's worth... hopefully I was at least able to provide some
insight, and give you a few places to start looking for foul play.

Hope you get it all sorted out quickly!

Regards,

Peter


On Tue, Jun 4, 2013 at 1:23 PM, Jonathan Rockway <jrockway at cpan.org> wrote:

> Hi everyone,
>
> I went to a restaurant last night called El Chile and payed with a credit
> card.  This morning, about $5000 of fraudulent activity appeared on my
> statement, but I wasn't charged for dinner.  This leads me to believe they
> may have nefariously taken my credit card number, and I wanted to warn
> everyone else who was there last night to take a look at their credit card
> activity.
>
> I have no hard evidence that this is what actually happened, but the
> timing does feel very suspect, so I wanted to let everyone else know.
>
> --jrockway
>
>
> _______________________________________________
> yapc mailing list
> yapc at pm.org
> http://mail.pm.org/mailman/listinfo/yapc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.pm.org/pipermail/yapc/attachments/20130606/4369f290/attachment.html>

More information about the yapc mailing list