Calguns.net  

Home My iTrader Join the NRA Donate to CGSSA Sponsors CGN Google Search
CA Semiauto Ban(AW)ID Flowchart CA Handgun Ban ID Flowchart CA Shotgun Ban ID Flowchart
Go Back   Calguns.net > GENERAL DISCUSSION > Technology and Internet
Register FAQ Members List Calendar Mark Forums Read

Technology and Internet Emerging and current tech related issues. Internet, DRM, IP, and other technology related discussions.

Reply
 
Thread Tools Display Modes
  #1  
Old 09-22-2009, 4:50 AM
halifax's Avatar
halifax halifax is offline
Veteran Member
 
Join Date: Oct 2005
Location: Mendocino County
Posts: 4,418
iTrader: 11 / 100%
Default Online Purchases and CC Theft

For the second time my CC has been fraudulently used after placing an order online. The first time it was minutes after placing an order with Sportsman's Guide about a year ago. Last week, it was an order I placed at a NY company for an Ohaus scale. Nothing fishy about either site, both claimed "secure" online ordering. How is my CC info being stolen? At the NY site, my CC was used by someone in New Orleans only minutes after!!

WTH

BTW, I've got the email address of the person who used my card in NO but what do I do with that information? (Fradulent charge was <$100.)
__________________
Jim


Reply With Quote
  #2  
Old 09-22-2009, 4:59 AM
THT's Avatar
THT THT is offline
Calguns Addict
 
Join Date: Mar 2009
Location: Missouri
Posts: 5,573
iTrader: 166 / 100%
Default

Are you sure your machine is clean? No keystroke logger/malware found its way onto your PC?
__________________
Ty | 815.246.AR15 (2715) | info@midwestpx.com



Magpul | Mega Arms | LMT | Hiperfire | ODIN Works | Multitasker
Spike's Tactical | Fortis | Centurion Arms | Limited Capacity PMAGs

FREE SHIPPING ON $150+ ORDERS!
Reply With Quote
  #3  
Old 09-22-2009, 5:04 AM
halifax's Avatar
halifax halifax is offline
Veteran Member
 
Join Date: Oct 2005
Location: Mendocino County
Posts: 4,418
iTrader: 11 / 100%
Default

I'm using ESET Smart Security and scan weekly. It has never found anything. The NY order was placed from work which is supposed to be secured (TrendMicro, I think).
__________________
Jim



Last edited by halifax; 09-22-2009 at 5:09 AM..
Reply With Quote
  #4  
Old 09-22-2009, 6:22 AM
ocabj's Avatar
ocabj ocabj is offline
Calguns Addict
 
Join Date: Oct 2005
Location: Riverside
Posts: 7,126
iTrader: 39 / 100%
Default

It's possible that the vendor is compromised. Having a secure connection between the client and server is pointless if either is already compromised.

I had one CC with fraudulent charges recently and I've used the CC with legitimate vendors, but who were smaller outfits. It's most likely one of their servers which received the CC information was compromised.
__________________

Distinguished Rifleman #1924
NRA Certified Instructor (Rifle and Metallic Cartridge Reloading) and RSO
https://www.ocabj.net | http://jocabphoto.com

My AR15 Service Rifle - Used for CMP/NRA High Power Service Rifle Competitions
My Eliseo R5 (Remington 700) Tube Gun - Used for NRA High Power (Match Category) Competitions
My M1 Garand Service Rifle - Used for JCG Matches, rebuilt by Dean's Gun Restorations
Reply With Quote
  #5  
Old 09-22-2009, 6:26 AM
scott.cr scott.cr is offline
Member
 
Join Date: Feb 2006
Location: Los Angeles, Calif.
Posts: 202
iTrader: 5 / 100%
Default

I JUST got nailed by some CC fraudsters. It was about a week after a trip to Florida... Florida, as I understand it, is quite the hub of credit card fraud. There are two ways I can think of that my CC info was stolen.

1. Waitress at Hooter's. (She took my card away to charge it to settle the bill.)

2. Info stolen over hotel's unsecured WiFi. BUT!!! I was purchasing over a 128 bit SSL... so this seems somewhat unlikely.

They charged my CC $1,800 over its limit and the bank never even said anything!!! I went to buy gas BEFORE this all happened and the card was declined. I ended up having to call the bank for an identity check.

BTW this is an HSBC card.
Reply With Quote
  #6  
Old 09-22-2009, 6:29 AM
halifax's Avatar
halifax halifax is offline
Veteran Member
 
Join Date: Oct 2005
Location: Mendocino County
Posts: 4,418
iTrader: 11 / 100%
Default

Quote:
Originally Posted by THT View Post
Are you sure your machine is clean? No keystroke logger/malware found its way onto your PC?
Just scanned my computer at work with Trend Micro, it came up with dozens of Cookies flagged as spyware. Can cookies be a problem with CC information and access by un-desirables?
__________________
Jim


Reply With Quote
  #7  
Old 09-22-2009, 7:10 AM
glcK23 glcK23 is offline
Junior Member
 
Join Date: Sep 2009
Location: Riverside, CA
Posts: 32
iTrader: 0 / 0%
Default

Yes I believe Keyloggers can be implemented in browser cookies.

I would try SuperAntiSpyware trial to detect anymore malware/spyware.
Reply With Quote
  #8  
Old 09-22-2009, 12:07 PM
sfwdiy's Avatar
sfwdiy sfwdiy is offline
Senior Member
 
Join Date: Feb 2008
Location: Hollywood
Posts: 2,135
iTrader: 6 / 100%
Default

Quote:
Originally Posted by halifax View Post
For the second time my CC has been fraudulently used after placing an order online. The first time it was minutes after placing an order with Sportsman's Guide about a year ago. Last week, it was an order I placed at a NY company for an Ohaus scale. Nothing fishy about either site, both claimed "secure" online ordering. How is my CC info being stolen? At the NY site, my CC was used by someone in New Orleans only minutes after!!

WTH

BTW, I've got the email address of the person who used my card in NO but what do I do with that information? (Fradulent charge was <$100.)
It's very likely that your personal info was compromised in some much more mundane fashion. Most identity theft occurs when people steal credit card statements out of your mailbox or trash can. Also, credit card skimmers are used by restaurant employees to steal card numbers. All the waiter has to do is keep one in his apron and swipe every card he gets though the skimmer as he walks over to the register.

Here's a very small card skimmer:


Your card info is saved on a flash card in the skimmer which is dumped to a PC later.

Card skimmers are getting more and more common on ATM machines as well. They look like this:


These are custom-made to fit over the card slots on many brands of ATMs, as well as the card readers on gas station pumps.

It's also possible that it was an inside job by someone who works for the merchant or the credit card company. Both have been known to occur.

Spyware on your machines is another possibility.

The odds of a third party intercepting your credit card number over the Internet while you're making an online purchase are slim-to-none.

--B
Reply With Quote
  #9  
Old 09-22-2009, 12:52 PM
bigmike82 bigmike82 is offline
Bit Pusher
CGN Contributor
 
Join Date: Jan 2008
Location: W. Los Angeles
Posts: 3,053
iTrader: 59 / 100%
Default

" Yes I believe Keyloggers can be implemented in browser cookies."

No keylogger can be implemented in a cookie. You'd have to use the cookie to do an attack on the browser, and I've never heard of a cookie-based buffer overflow attack in any current browser versions.

You could potentially have a case where someone stores your CC info in a cookie, but the cookie itself isn't a keylogger.
__________________
-- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Reply With Quote
  #10  
Old 09-22-2009, 12:54 PM
sfwdiy's Avatar
sfwdiy sfwdiy is offline
Senior Member
 
Join Date: Feb 2008
Location: Hollywood
Posts: 2,135
iTrader: 6 / 100%
Default

Quote:
Originally Posted by bigmike82 View Post
" Yes I believe Keyloggers can be implemented in browser cookies."

No keylogger can be implemented in a cookie. You'd have to use the cookie to do an attack on the browser, and I've never heard of a cookie-based buffer overflow attack in any current browser versions.

You could potentially have a case where someone stores your CC info in a cookie, but the cookie itself isn't a keylogger.
Yep, a cookie is just a string of text that stores preferences.

--B
Reply With Quote
  #11  
Old 09-22-2009, 12:58 PM
SuperSet's Avatar
SuperSet SuperSet is offline
Vendor/Retailer
 
Join Date: Feb 2007
Location: OC/DC
Posts: 8,951
iTrader: 41 / 100%
Default

This happened to one of the AR15.COM vendors (GTS) last year and it affected many people, including myself. Keep a close eye on your statements.
Reply With Quote
  #12  
Old 09-22-2009, 12:58 PM
Corbin Dallas's Avatar
Corbin Dallas Corbin Dallas is offline
Veteran Member
 
Join Date: May 2006
Location: SD
Posts: 4,367
iTrader: 80 / 100%
Default

There are MANY ways to get your information if you know HOW to get it.

Even "other" open web pages can become keystroke readers.

Best way to ensure a secure connection is to have only one browser open at a time and scan your PC often.
__________________
NRA Certified Instructor: Pistol - Rifle - Shotgun - PPITH - PPOTH - NRA Certified RSO

WTB the following - in San Diego
--COLT Delta Elite 10mm Blued
--Steyr M357A1 357SIG
--Five Seven IOM (round trigger guard)

Never forget - השואה... לעולם לא עוד.
Reply With Quote
  #13  
Old 09-22-2009, 1:11 PM
berto's Avatar
berto berto is offline
Calguns Addict
 
Join Date: Oct 2005
Location: Berkeley, CA, USA
Posts: 7,744
iTrader: 11 / 100%
Default

I got hit over the last month. The home and work boxes are clean. I bought from a few new online vendors and suspect one of them was compromised.

The CC company took care of it but they really need to find some better help in India.
Reply With Quote
  #14  
Old 09-22-2009, 1:23 PM
halifax's Avatar
halifax halifax is offline
Veteran Member
 
Join Date: Oct 2005
Location: Mendocino County
Posts: 4,418
iTrader: 11 / 100%
Default

Quote:
Originally Posted by berto View Post
I got hit over the last month. The home and work boxes are clean. I bought from a few new online vendors and suspect one of them was compromised.

The CC company took care of it but they really need to find some better help in India.

^^^This is the one I suspect happened to me
__________________
Jim


Reply With Quote
  #15  
Old 09-22-2009, 2:56 PM
artherd's Avatar
artherd artherd is offline
Vendor/Retailer
 
Join Date: Oct 2005
Location: North SF Bay Area
Posts: 5,069
iTrader: 1 / 100%
Default

I know a little something about this...

CC numbers by themselves are absurdly easy to compromise. As mentioned it's usually via human error rather than machine. (ie card skimmers, leaks inside the CC companies themselves, etc.)

By comparison it is really rather difficult to snatch your CC number out of thin air when encrypted via an SSL certificate.

The real solution IMO lies in better fraud monitoring and prevention techniques.
__________________
- Ben Cannon.
Chairman, CEO - GPal, Inc.™
CoFounder - GeoVario™, LLC. - the hosting company that brings you Calguns™

Postings are my own, and are not formal positions of any other entity, or legal advice.
Reply With Quote
  #16  
Old 09-22-2009, 4:16 PM
JDay's Avatar
JDay JDay is offline
I need a LIFE!!
 
Join Date: Nov 2008
Location: El Dorado County
Posts: 18,844
iTrader: 5 / 100%
Default

Your information was most likely stolen some other way (mail theft, digging though trash being more common than online) since its not likely that it would be used within minutes of being stolen.
__________________
Oppressors can tyrannize only when they achieve a standing army, an enslaved press, and a disarmed populace. -- James Madison

The Constitution shall never be construed to authorize Congress to prevent the people of the United States, who are peaceable citizens, from keeping their own arms. -- Samuel Adams, Debates and Proceedings in the Convention of the Commonwealth of Massachusetts, 86-87 (Pearce and Hale, eds., Boston, 1850)
Reply With Quote
  #17  
Old 09-22-2009, 4:38 PM
halifax's Avatar
halifax halifax is offline
Veteran Member
 
Join Date: Oct 2005
Location: Mendocino County
Posts: 4,418
iTrader: 11 / 100%
Default

Quote:
Originally Posted by JDay View Post
Your information was most likely stolen some other way (mail theft, digging though trash being more common than online) since its not likely that it would be used within minutes of being stolen.
Are you saying both times were just coincidences?
__________________
Jim


Reply With Quote
  #18  
Old 09-22-2009, 5:16 PM
JDay's Avatar
JDay JDay is offline
I need a LIFE!!
 
Join Date: Nov 2008
Location: El Dorado County
Posts: 18,844
iTrader: 5 / 100%
Default

Quote:
Originally Posted by halifax View Post
Are you saying both times were just coincidences?
Quite possibly. The best thing to do if you want to be safe is to put a fraud alert on your credit, you'll get called to authorize every purchase.
__________________
Oppressors can tyrannize only when they achieve a standing army, an enslaved press, and a disarmed populace. -- James Madison

The Constitution shall never be construed to authorize Congress to prevent the people of the United States, who are peaceable citizens, from keeping their own arms. -- Samuel Adams, Debates and Proceedings in the Convention of the Commonwealth of Massachusetts, 86-87 (Pearce and Hale, eds., Boston, 1850)
Reply With Quote
  #19  
Old 09-22-2009, 9:13 PM
THT's Avatar
THT THT is offline
Calguns Addict
 
Join Date: Mar 2009
Location: Missouri
Posts: 5,573
iTrader: 166 / 100%
Default

Quote:
Originally Posted by SuperSet View Post
This happened to one of the AR15.COM vendors (GTS) last year and it affected many people, including myself. Keep a close eye on your statements.
I thought what happened to Denny/GTS was someone hacked the store admin and skimmed the cards as the orders were placed. I was hit by that one and my AMEX was jacked. The thief promptly joined, I kid you not, match.com, eharmony.com, and truth.com ... three dating sites! Must be a lonely thief lol
__________________
Ty | 815.246.AR15 (2715) | info@midwestpx.com



Magpul | Mega Arms | LMT | Hiperfire | ODIN Works | Multitasker
Spike's Tactical | Fortis | Centurion Arms | Limited Capacity PMAGs

FREE SHIPPING ON $150+ ORDERS!
Reply With Quote
  #20  
Old 09-22-2009, 9:25 PM
artherd's Avatar
artherd artherd is offline
Vendor/Retailer
 
Join Date: Oct 2005
Location: North SF Bay Area
Posts: 5,069
iTrader: 1 / 100%
Default

Quote:
Originally Posted by JDay View Post
Quite possibly. The best thing to do if you want to be safe is to put a fraud alert on your credit, you'll get called to authorize every purchase.
TFAs placed on the 3 big CRAs will actually only restrict opening of new *credit accounts* in your name.

They will not act on the purchase-level.
__________________
- Ben Cannon.
Chairman, CEO - GPal, Inc.™
CoFounder - GeoVario™, LLC. - the hosting company that brings you Calguns™

Postings are my own, and are not formal positions of any other entity, or legal advice.
Reply With Quote
  #21  
Old 09-22-2009, 9:41 PM
SuperSet's Avatar
SuperSet SuperSet is offline
Vendor/Retailer
 
Join Date: Feb 2007
Location: OC/DC
Posts: 8,951
iTrader: 41 / 100%
Default

Quote:
Originally Posted by THT View Post
I thought what happened to Denny/GTS was someone hacked the store admin and skimmed the cards as the orders were placed. I was hit by that one and my AMEX was jacked. The thief promptly joined, I kid you not, match.com, eharmony.com, and truth.com ... three dating sites! Must be a lonely thief lol
You have better details than I.
GTS never informed me that my number was jacked until I noticed several weird purchases. Working backwards, it all went back to GTS so it was definitely a black eye for him.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -8. The time now is 4:34 AM.




Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2016, vBulletin Solutions, Inc.
Proudly hosted by GeoVario the Premier 2A host.
Calguns.net, the 'Calguns' name and all associated variants and logos are ® Trademark and © Copyright 2002-2016, Calguns.net an Incorporated Company All Rights Reserved.