Guest writer Dave Brooks, a vastly experienced computer Tech from New Hampshire, who is an expert at online safety, shares this chilling story on why even exercising proper security measures won’t guarantee your online financial safety.
Bill is constantly trying to pound security into his reader’s heads, and with good reason, but unfortunately, no matter how careful you are, there are things that are beyond your control when buying stuff online.
Case in point: at Bill’s request I’m going to relay a recent unnerving personal experience, if only to show that even the most security conscious are still at risk.
I’m very online safety/security conscious and I buy online only from reputable, well known stores. My online bank account password looks like an alien language, my ATM pin is 8 digits long (compared to 4 or so many people use), and I monitor my account closely.
Even so my ATM card number was recently used, in the middle of the night, in Georgia, while I was sound asleep in New Hampshire. Luckily Bank of America has decent monitoring, and I have a ton of alerts set up to email me when certain things happen with my account.
I woke up in the morning to find an alert that my card was used while I was asleep, and an email from Bank of America that they had detected suspicious activity on my account, had frozen the transaction, and placed a lock on my account to prevent further activity.
The charge was for the amount of $1.22; it’s apparently common practice by those that use stolen card numbers to make a small charge such as this to confirm that the number is good before using it to make larger purchases.
Thanks in part to my diligent monitoring, and Bank of America’s account monitoring system, the thieves were never able to get to step two and spend my hard earned cash on god knows what.
A call to the number provided in the alert email I got from the bank (after confirming it was in fact their number by matching it up on the Bank of America website; phishing emails are pretty convincing nowadays!), confirmed the illegal activity. Bank of America cancelled my ATM card, and cancelled the charge, and a trip to my local bank branch netted me a new ATM card.
My number was likely stolen from a hacked online database of a company that I had made an online purchase from in the past, but there’s no way to confirm this – it could have just as easily been a dishonest employee from a local store where I used my card.
I have since opened a second account with an ATM card, and use only that account for online purchases, (I had been contemplating doing this for a year or more or more, but never did),
I keep a balance of about 5 bucks in it, and when I want to buy something online, I transfer the purchase amount from my main account to the “internet” account to cover it. At least that way, my main account is less exposed, and if it happens again I’ll be able to determine if it was the “internet” or “local purchase” that led to the compromise.
Bottom line here is, even though you think you’re safe, if you purchase stuff online, your bank or credit card info is out there for the taking. The best you can do is keep a close eye on your accounts for suspicious activity, and try to minimize possible damage that might be done if your card number is stolen.
Guest Writer: This is a guest post by Dave Brooks a professional computer technician from New Hampshire, USA. Dave has become a regular guest writer, who’s articles are always a huge hit.
Pay a visit to Dave’s site at Tech-N-Go, and checkout the Security Alerts.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.
7 responses to “Think You’re Immune From Online Fraud? Maybe Not!”
Dave, and Bill
Great post, you can never be too careful and even when you are some slacker policy similar to the whole T.J. Max debacle can nail you. Their stores were using WEP encryption on their wireless transactions and hackers were able to gain access to the main database.
In the States we can get a single use number from many of our credit card companies as well as PayPal. This still can be hacked theoretically but it lowers your target profile and removes you from the “low hanging fruit” category.
I saw this morning that the TJM hacker was sentenced to 20 years. Finally, this type of exploit is beginning to be taken seriously.
Excellent article by Dave (at Tech-N-Go). Will have to add his site to my tech link collection…
I too know someone personally where their bank account was henpecked (some years back). The cybercriminal in this case actually walked away with an estimated couple hundred bucks before the account owner picked up on it. Important to pay attention to the smallest of details in our accounts.
Dave is really at the top of the Tech game. An excellent man to bounce ideas off.
Excellent article from Dave. Hearing it from someone with his experience really makes me think.
The article definitely shows that despite the fact some things are out of your control, in a way, we can still modify and reduce even those risks.
Thanks for coming by.
Pingback: Dave Brooks – You’re the Best! « Bill Mullins' Weblog – Tech Thoughts