PSA to anyone who shops at newegg.com. It would be wise to watch your accounts - Page 2

Site Notices

[ARCHIVED THREAD] - PSA to anyone who shops at newegg.com. It would be wise to watch your accounts (Page 2 of 2)

Posted: 1/5/2012 6:28:32 AM EDT

[#1]

Quoted:
Sorry, I have to yell this:

NEVER USE A DEBIT CARD FOR AN ONLINE TRANSACTION.

Use a credit card only. You are pretty well protected if you use a credit card. As the OP has discovered, a compromised debit card means the money is fucking gone man.

Untrue.

You actually are usually better off these days with a debit card. First your bank will usually catch it and it can be reversed that way, and if you are smart enough to bank at a small loal bank it simply takes a phone call or walking in the branch.

Been there, done that.

In addition, Visa and Mastercard both have zero liability policies if your bank fails to make it right.

Right from the Visa website:

What happens if someone steals my Visa Debit card and uses it fraudulently?
If your Visa Debit card is lost or stolen and fraudulent activity occurs, you are protected by Visa's Zero Liability policy.* That means 100 percent protection for you. Whether purchases occur online or off, you pay nothing for fraudulent activity.

If you notice fraudulent activity on your Visa Debit card, promptly contact your financial institution to report it. It is important to continually monitor your monthly statement to identify any unauthorized transactions.

So with a debit card you actually have 2 avenues of recourse, first your bank, second Visa/Mastercard.

The only time you may have a hard time is if your card AND pin get compromised and the make a fake card and use your PIN. 99.9999% of debit card fraud isn't this advanced. and even then if you choose your bank well they will make it right.

Posted: 1/5/2012 6:29:59 AM EDT

[#2]

Quoted:
Years ago my mom started to have some unauthorized charges to her credit card account. They included things like blockbuster online, and random online orders. Well I started to call the different phone numbers listed for each transaction. With each phone call I was able to gather bits and pieces of information about the person who did it. Each time I called a new place I used the previous information I got to make the next place think I was the person who bought the item and they believed I was him,. I would ask things like "what address do you have listed", then on the next one I would ask "what phone number do you have listed for me?" Well eventually I got the persons full name, phone number, address, etc etc. I called the son of a bitch, and his initial silence proved his guilt to me. He mumbled and tried to make up excuses etc etc. I don't remember the exact conversation, but I swore at that man up and down. He would hang up and I would call back. He theatened to call the police, but he lived in Virgina and I lived in Illinois. I asked him what he would say to the police, and he ended up apoligizing. I called her credit card company and gave them all the information I had gotten, and left it up to them.

Wow.

Someone on the site is/was involved in credit card security. I'd be interested to know if what you did is more than the police/DAs/CC companies would have done.

Hackers and CC thieves should be neutered so they don't reproduce.

eta: my Citi card has a "Virtual Card" option. You can go to the site, call it up and get a "Virtual CC#" tied to your account. You enter this # and the 3 digit security code for your online purchases which appear on your next statement as if you used your actual card. I use this and recommend it.

I don't believe you can jot it down and use it for a FTF purchase.

Posted: 1/5/2012 6:36:13 AM EDT

[#3]

Quoted:
Sorry, I have to yell this:

NEVER USE A DEBIT CARD FOR AN ONLINE TRANSACTION.

Use a credit card only. You are pretty well protected if you use a credit card. As the OP has discovered, a compromised debit card means the money is fucking gone man.

"IF" it happens to mine, I get my money back the same day. Don't know what experience you've had that would leave you to believe this....

Posted: 1/5/2012 6:46:25 AM EDT

[#4]

Quoted:

Quoted:
Sorry, I have to yell this:

NEVER USE A DEBIT CARD FOR AN ONLINE TRANSACTION.

Use a credit card only. You are pretty well protected if you use a credit card. As the OP has discovered, a compromised debit card means the money is fucking gone man.

"IF" it happens to mine, I get my money back the same day. Don't know what experience you've had that would leave you to believe this....

Even if the bank makes you whole in time, the money is gone from your account instantly, and gone until the bank decides to credit you. In some cases they may not, and yes, it depends on the bank. Why would anyone even risk this, when using a credit card has zero liability?

Posted: 1/5/2012 7:02:40 AM EDT

[#5]

I'm not making the connection, sorry. Sucks that your info was compromised. It happens sometimes. My mother never makes online purchases and yet her number was stolen by some Africans several years ago that had apparently gotten lucky with a randomly generated number.

Posted: 1/5/2012 7:09:57 AM EDT

[#6]

I have purchased several hundred dollars worth of PC parts on Newegg.com for 10 years. Sorry you had trouble, but I'd bring this up with Newegg themselves, they're extremely responsive to customer inquiries and will certainly help you if they are at fault.

But that would be too easy.

Enjoy shopping at shitty, shady websites. Chances are you have something on your PC keylogging or browwer intercepting data before it POSTs.

Posted: 1/5/2012 7:25:20 AM EDT

[#7]

Good to know, I will have to keep an eye out as I have used newegg.com a month or 2 ago to purchase some items for Christmas presents.

Although I used paypal for payment and do no use my card directly on their site. One of the few times I use my paypal is for certain online vendors like them as I do not like entering my card info to order online, otherwise I am not a big fan of paypal.

Posted: 1/5/2012 7:30:28 AM EDT

[#8]

Quoted:
Good to know, I will have to keep an eye out as I have used newegg.com a month or 2 ago to purchase some items for Christmas presents.

Although I used paypal for payment and do no use my card directly on their site. One of the few times I use my paypal is for certain online vendors like them as I do not like entering my card info to order online, otherwise I am not a big fan of paypal.

Newegg is a perfectly safe site. They use 256-bit encryption and if you use a VISA-branded card, 3rd party VISA verification. I am sure the same exists for Discover and other providers.

The only way the OP got compromised is if his PC had something grabbing data before it made it to Newegg's servers. The chances of somebody having plain-text access to the database (which would be monumentally stupid for it to even exist––the company I work for uses a 5-token "ring" to store sensitive customer data, where you need to compromise all 5 to gain access to anything inside) and stealing his credit card are about nonexistent.

Posted: 1/5/2012 2:46:11 PM EDT

[#9]

Back with good news. As other's have suggested in this thread, I was wrong. It seems in my state of anger I was too quick to point fingers. My fault and my bad. Still, the 10 min driving distance between the Newegg shipping point and the VZW charge was an odd coincidence with some crazy odds.

The Verizon charge was indeed someone who called in to pay their bill and their own fraud department took care of it, it just didn't reflect the credit to my account until this afternoon. Whoever got my info apparently still owes Verizon $320.97.

A phone call to customer support at bodybuilding.com took care of that one, a helpful and very sexy voiced bunch they were I might add. Active Ashley, what a name for a customer service rep lol.

The skype charges aren't that big of a deal now that the big ones are taken care of. The account manager I spoke with at my bank insists I'll get my money back either way, though I first have to wait until they clear. I just have to sign a form and I get the money back instantly while they resolve it.

Quoted:
OP, update your anti virus and do the deepest scan possible of your computer. I'm quite sure a trojan or keylogger is how my debit card was compromised.

This is exactly what it was. There was a trojan with all kinds of nasty spyware etc. Sadly, the combination of Malwarebytes, Avast, and McAfee couldn't prevent or even detect it. I'm not very trusting so I went with your advice and tried another program. Luckily for me SUPERantispyware did the trick.

It appears someone on my desktop's non password protected guest account, with no admin priveledges, was up to no good and compromised my PC. Again, it nothing to do with Newegg at all. I suspect my younger brother.

Lesson learned, shit's on lockdown down. Nobody is using my stuff without my discerning eyes looking over their shoulder.

I've got to give it to the the bad guys on their ingenuity though. Their methods are amazing in a technical sense. Whoever made tools they use is a very crafty and intelligent mofo.

ETA: Oh, and what better way to spend the money I got back, eh?

Posted: 1/5/2012 2:50:49 PM EDT

[#10]

I've purchased over $150k from newegg and never had this problem

How about don't type in your credit card data on a machine full of spyware/malware.

This is not neweggs fault

Posted: 1/5/2012 2:52:28 PM EDT

[#11]

Quoted:
Sorry, I have to yell this:

NEVER USE A DEBIT CARD FOR AN ONLINE TRANSACTION.

Use a credit card only. You are pretty well protected if you use a credit card. As the OP has discovered, a compromised debit card means the money is fucking gone man.

I'm getting all the money back. All the separate fraud departments at the various companies involved are more or less on top of their shit. Still, I'm probably going to use a prepaid card or something from now on, as someone else suggested.

Posted: 1/5/2012 2:54:04 PM EDT

[#12]

Quoted:
I've purchased over $150k from newegg and never had this problem

How about don't type in your credit card data on a machine full of spyware/malware.

This is not neweggs fault

Isn't that what I just said in the update?