It never happens to ME....but it does :(

[Zak33]

Credit Card fraud.....via the only place I ever used it....the Web
And that was in JULY......

Now the Zone Alarm has only been down twice in all that time, and even then, I clear my Internet cache, and password stuff every week. PLUS....surely Hertz Renta Car web page was a web page that my details went in at THERE end, not into MY PC...( Idont know the word for that, but you do )

Just checked my internet account, and there was £9 from a Company called EROS Entertainment INCSECAUCUS USA.

So I rang my Natwest people, got through to Credit card fraud and they said "Oh...so the transactions from TODAY aren't yours either?"

"Err.......no...but Id be interested to know what they are"

"A watch company for £60, an AOL payment for ....blah blah blah...."

A tidy sum.....and I wanna know HOW and WHO?

:grr:

What happened...? Scanned? Hacked? Trojaned? I use Zone Alarm all the time except last Thursday when Jiff had a go at my PC remotely......so in that short time, did I get whacked?

I use Hpuse call weekly and it shows me free from Viruses etc.

What more must I do?

I hate the world right now.......

[Paul Adams]

Firstly, sorry that this happened to you.
But on the bright side, if it's a credit card then you should be covered so you won't lose out (not much of a consolation, but hey).


Are you saying you've only ever used your credit card in one place on the Internet, at Hertz, back in July?
Nowhere else, ever?

The page where you did the booking, do you remember was it via SSL (https://...)?
You didn't get any warnings about the certificate when it loaded, and there was a padlock in the bottom-right corner of your browser?

You are right in that any transaction on the Internet of a sensitive nature is done in real time and securely - i.e. the data you submit goes down an encrypted tunnel to the other end and is not stored on your system anywhere.


I would be incredibly surprised if your PC was "hacked", I have yet to come across any genuine case where an intruder gained access to someone's PC in real time to grab data.
The current fad is around trojans which grab keystokes and log them to a file, then broadcast them into an IRC channel or upload them to a server on the Internet - this is a possibility and should be removed as one asap.

Get a trial copy of another AV program to complement the one you have - also I think Symantec have an online scanner which can check your entire hard disk (I ran it at work once and it found my dummy virus in my IE cache so it seems to work pretty well).


Another possibility is that the site you used your card on has had an intrusion and their database ransacked - not so common these days, but even financial companies like egg had it happen to them a few years back, so it can't be ruled out.

It's possible (though unlikely) that someone managed to generate your credit card number at random by pure luck using a CC number generating tool.
I say it's unlikely as they'd not know your name and expiry date on the card if any of the places that were duped asked for them.


Check through your ZA access log - any programs requesting access to the Internet that you allowed, but don't recognise?
If so, what kind of access, and where were they trying to go?

[Kezzer]

That's never happened to anyone i know, very unlucky i must say. Hopefully you should be covered though so you're ok there.

It would be surprising if you were hacked or something like that. Your firewall must have been down at the time or something in order for that to happen.

[Zak33]

I only used the card twice this year.......once on Hertz and once with Natwest (on the phone)

ow Natwest take full responsibilty and tell me nothing from now on.....so I dont know if its an internal problem with Hertz or Natwest or what!

For the General Public, thats probably enough....for me...I wanna know WHAT did it

Firewall was down once for 20 minutes.....so maybe...

gonna get Norton in and update it and we'll see .

Cheers guys

[Zak33]

Nortons up and updated...nowt.

Had to allow IT to access the net through umpteen more additions to Zone Alarm.......I hate this..........my PCis now full of crap....Cntrl Alt Del shows up over a page full...

Fresh install time methinks

[Paul Adams]

To be honest mate, if you've only used your card ONCE through your PC, and you don't have a text file on your desktop called "My Credit Card Details.txt" then I doubt it was lifted from your machine at all.

HTTPS pages are never cached, never use cookies, and are transmitted securely - the endpoints are the only potentially vulnerable bits:
- client end - possibility of keylogger trojan
- server end - vulnerability exposing database to intruders

The client end is relatively easy to check, if 2 AV products say it's clean then I would discount it - unfortunately you will never get satisfaction on the server end as even if they found a flaw and that they'd been intruded, you'd never find out.

Remember that your CC details, if only ever entered this one time, were only potentially obtainable (from your end) at the exact time you entered them - i.e. back in July.

Recent occurrences of your firewall being down for 20 minutes or whatever is irrelevant.

The bank will now take care of tracking the purchases, and can cross-reference to see if there is a site which has had data lifted from it (a very basic example - if 10 people are all subject to CC fraud and have used Hertz's website, it's not a good sign).

As I said, don't expect to hear anything back on their results - security matters are dealt with internally or between the companies involved (if a company is found to have been hacked, the banks can get compensation from them in the same way you got insured by the credit card company).


All that said, it's never a bad idea to rebuild a suspect system, if only for peace of mind - just remember to back up any data before you format (somehow I always forget something!).


I doubt it will make you feel any better, you have probably now got a fear of using the Internet for purchases, but I have used a variety of cards for net transactions for years without problem.
This doesn't go a long way to reassuring people as to the security of the Internet for eCommerce

[Trickle]

>Recent occurrences of your firewall being down for 20 minutes or whatever is irrelevant

This is correct. Whilst Trojan/spyware could possibly be the reson... and ZA can help against these by blocking outgoing - Although I prefer Sygate for itd display of applications and options to accept only known dll's etc.

Its more likely to be a browser exploit or not even PC based - could even be an insider job at the company. I dont like useing IE because I dont trust it (and I tend not to keep up with patches).

Your password. Do you use the same one for everything (like half the peeps where I work do)? Do you give your work password out - in order to give your access to a college in order to get the job done because your IT staff are inflexible/inaccessible - thus

Half the people I know tend to use the same password wherever possible (even I tend to), keep it written down etc and will then use it online with the same email address for every site they use. Often this is all you need to log into a site thats been used in the past. Your cookies leave a trial. Even Amazon has the facility to seach for peoples names - I found my Aunts wish list on there that way.

Too many possible explanations

[Zak33]

Cheers blokes....thanks for the words of advice.

[Moby-Dick]

its also possible that your card had been "skimmed"

basicly someone can clone your card details (esp while you are on holiday - if they let you have one ) when they take your card at a restaurent for example.

a quick google shows the following info

http://news.ninemsn.com.au/Sci_Tech/story_47216.asp

[Trickle]

I think he said h'ed only ever used it on the net? Or perhaps it was that he only got it for the net, then used it elsewhere?

[nichomach]

It's also of course entirely possible that fraud occurred at the bank/CC company; the reason why most are so ready to indemnify their customers is that they know that around 90% of banking/CC fraud is committed by bank/CC employees. You'd be a prime target, I'd have thought - only used the card once, and not recently, there'd be a fair chance that you wouldn't even read the statements.

[Zak33]

I think Nicho is closest by far.....I must stand out a mile "in house" at a Credit Card company as someone who doesnt use it much and therefore doesnt check often......ironically...if they had waited 1 more day it wouldnt have shown up on my statement for another month.....fools

Luckily I check online every day

Cheers dudes