Shack PSA: Credit fraud up close and personal

I was recently a victim of credit fraud. In light of concerns raised by the theft of personal data from the PlayStation Network, I thought I'd share a little about my own experience and encourage everyone to be safe.

8

As some of you might have seen tweeted by Garnett Lee last night, I was recently a victim of credit fraud. In light of concerns raised by the theft of personal data from the PlayStation Network, I thought I'd share a little about my own experience and encourage everyone to be safe.

It started yesterday afternoon, when I was flipping through some news feeds; we do this all the time between writing stories. I stumbled on this piece from Ars Technica, where readers claimed to have been victims of credit card fraud, on the cards associated with the PlayStation Network.

That reminded me to check my own bank account, which I had been doing regularly since the story broke, and I found it roughly $1,500 lower than it should've been. It came in the form of three identical charges to a Giant Food in Germany, all for slightly over $500, which my bank later told me came over the course of three minutes -- one minute for each transaction.

(A helpful tweet later informed me that Giant Food doesn't even exist in Germany. I'm assuming the fraudsters were aiming to take the actual money, rather than buying $1,500 worth of bratwurst.)

After the moment of panic, I called my bank, which promptly put a freeze on my card and started the wheels rolling to send me a new one. I asked about getting the fraudulent charges revoked, but apparently I would have to wait until the transactions went through, which could take up to a week.

Then it was time to change my passwords. I had already swapped a few important ones, like my email and bank code, but now I figured I might as well go onto the full lockdown mode. So over the course of about an hour, I changed every password I have, to every site I can remember. It was probably the time to refresh my passwords anyway. Finally, since it's so close to the end of the month, I had to change all of my automatic payments to a different card, since the new one won't reach me in time.

I'm not sure when, but someone caught the fraudulent charges, and revoked two out of the three of them last night. That gave me back about $1,000, but I might have to wait for the third charge to go through and then start the fraud process with my bank. This was my debit card, so the situation could've been much worse. If the fraudsters had kept going, I'd have had the money I use to pay for food and bills wiped out completely.

I had been assuming that this was all related to the PlayStation Network hackers, but now there's some conflicting information. Sony says that the credit card information was encrypted, and it has no evidence that credit cards were compromised. Bloomberg reported that some of the major credit card companies (though not mine) said that they haven't seen unauthorized activity related to Sony. Meanwhile, the report from Ars Technica, a new one today from the Australian Broadcasting Company, and my own experiences, sound oddly similar.

I'm writing this to get across why it's important to be on your guard. Having your credit or debit card used is a frustrating, stressful exercise. If your debit card is compromised, like mine was, it can even leave you temporarily short on money in your bank account. Most of all, it's an invasion of privacy that leaves you with a different outlook on everyday financial interactions.

Keep an eye on your credit statements, keep in touch with your bank or credit agency, and change your passwords. An ounce of prevention could be worth $1,500 of cure.

Editor-In-Chief
From The Chatty
  • reply
    April 28, 2011 2:15 PM

    Steve Watts posted a new article, Shack PSA: Credit fraud up close and personal.

    I was recently a victim of credit fraud. In light of concerns raised by the theft of personal data from the PlayStation Network, I thought I'd share a little about my own experience and encourage everyone to be safe.

    • reply
      April 28, 2011 2:39 PM

      Steve, get some 1% cash back credit card and use it for everything. Monitor it every month, and always pay it off so you never pay any fees or interest. Don't use a debit card unless you absolutely must. The fraud protection on a credit card and the laws regarding liability are way better than any other way of paying for something. This is the advice I have always been given, I am not a financial advisor, etc.

    • reply
      April 28, 2011 2:42 PM

      This week I've sat in PCI compliance meetings at a doctor's office, a CPA, and two restaurants. All of them had 0 credit card security.

      It is amazingly easy to steal credit card numbers at a small business. It is also very common to see this type of thing.

      It is because of this I've stopped using a Visa check card. If I had $1500 drawn against my credit, no big deal. A new card and I'm right as rain. Even if it took them 3 months to clear that out I would still have enough credit to absorb $1500 and I'd never have to pay any interest or anything like that on those charges.

      With my check card I wouldn't ever be out the fraud but it would be a pain in the ass all the same.

    • reply
      April 28, 2011 2:52 PM

      Kinda odd that 3 high dollar charges from a non-normal location (country?) didn't automatically lockdown the card. I tried to pay for a car repair with my debt card once and THAT tripped the anti-theft stuff with the bank. Bit of a pain to get the charge authed, but I'm glad they had such a high level of sensitivity on my debt card.

    • reply
      April 28, 2011 2:52 PM

      This happened to me back in January after I'd used my debit to buy a bunch of Steam deals. The thief charged about $1600 on it, using forged company names, like in your case. I think it was a virus on my network, not a security breach of Steam. Unless you use the card conservatively or for one bill, then it's difficult to determine how they stole your info. I used my card for everything however. Luckily I bank with USAA, and they kick ass, so it wasn't a huge problem. They tracked the largest charge ($1000 or so) to Japan. I hope the hacker lived on the coast. ...what?

    • reply
      April 28, 2011 2:55 PM

      I had mine stolen on day 3 of a 7 month deployment (my ONLY personal CC i took)... yea that was fucking gay. it was like 20 $1 charges to Itunes

    • reply
      April 28, 2011 2:59 PM

      I'm fucking nuking everything on my computer from orbit tonight.

    • reply
      April 28, 2011 3:00 PM

      this is why I don't understand why people use debt cards. i've had my credit card number stolen before and I called the company, they reversed the charges and sent me a new card. problem solved.

      • reply
        April 28, 2011 3:10 PM

        Yeah, even simple accidental duplicate charges can be a big PITA with a debit card because that shit takes real money away from you the instant it happens, and it always takes way too long to get it back.

        • reply
          April 28, 2011 4:05 PM

          Yup. Same here. I'm credit card and ATM card only. No debit cards. No automatic withdrawals from my bank account. Only *I* have access to my money (theoretically).

      • reply
        April 28, 2011 3:44 PM

        Exactly, using a debit card is very risky since it's tied directly to your money. Credit cards are much safer and easier to reverse fraudulent charges.

        I've had people tell me that they prefer debit cards because it helps them to limit their spending and not go into debt, but if that's your goal then use a pre-paid credit card that you put a limited amount of money into every month. Still not quite as safe as a normal credit card but it's better than a card that takes money from your bank account.

      • reply
        April 28, 2011 4:16 PM

        This is true. That and it helps build credit.

      • reply
        April 28, 2011 5:53 PM

        My bank did the same thing for my debit card. I don't understand the problem?

    • reply
      April 28, 2011 4:14 PM

      I use an Amex for everything. Their fraud protection is fantastic. My number got stolen somehow a year ago and was used to purchase a $1000 ticket to Turkey. The charge was auto-blocked, they flagged my account and called me to confirm the purchase. I said hells no that wasn't me, the card was cancelled, and a new one was mailed which I received the next day less than 24 hours after speaking with them.

      • reply
        April 28, 2011 5:55 PM

        That Steve Watts guy is pretty shady.

    • reply
      April 28, 2011 5:26 PM

      I suspect a lot of fraudsters are using the PSN debacle to cover their own nefarious misdeeds.

    • reply
      April 29, 2011 2:17 AM

      burn the internet down, we need a new way to pay online

    • reply
      May 2, 2011 9:50 AM

      I got two fraudulent charges in November from Full Tilt Poker. $500 at 11:59 PM and $500 at 12:01 PM the next day. I use my cards online all the time; I have no idea where the info got leaked. My bank reversed the charges and sent a new CC. Still makes you feel like crap when it happens, though.

Hello, Meet Lola