Online Fraud -- how can I protect myself.

[JB]

I noticed an unusual charge of around $2,000 on my credit card statement so I called the credit card company to dispute the charge. Then I noticed a package notice that the usps left for me that's from the same company. Turns out that someone got my credit card number and address, set up an account on paypal, and bought an item on ebay. I called paypal and it doesn't sound like the item is worth very much, so I am suspicious that the ebay store bay be complicit. I tried to contact the ebay store though the phone number on their website but have been unable to get through.

I looked through recent purchases with the card and there is a recent online purchase that may have resulted in my personal information being compromised.

So far I have talked with PayPal and they are investigating. I also canceled the credit card.

I'm generally pretty careful when it comes to electronic security, but now I am wondering if I should be doing more.

Any suggestions? Should I contact the store that may have compromised my personal information?

 

[chinaco]

Place a fraud warning with the credit rating companies (e.g. equifax) it is good for 90 days. You can renew it if you need.

You can probably put a freeze on your credit information with the credit rating companies if you want.

I closed my ebay account because I did not use it regularly.

If I were you, I would make sure my computer was secure (no key loggers, etc).

Once I knew my PC was secure, I would change my passwords on any online accounts that you use.

The only measure I know of today (besides the credit freeze) is to educate yourself be careful and vigilant.

 

[cantlogin]

My experience with Paypal is that they are unresponsive to security and fraud issues.

 

[donheff]

I recently files a complaint with Paypal over an eBay vendor who never sent me the items I purchased and stopped responding to my inquiries. Paypal "opened an investigation" which I think amounts to sent a query to the vendor. That investigation remained open for several weeks and then the items arrived. I guess the vendor was worried about a negative reponse from Paypal if they couldn't document my receipt of the items.

 

[Nords]

Then I noticed a package notice that the usps left for me that's from the same company. Turns out that someone got my credit card number and address, set up an account on paypal, and bought an item on ebay. I called paypal and it doesn't sound like the item is worth very much, so I am suspicious that the ebay store bay be complicit. I tried to contact the ebay store though the phone number on their website but have been unable to get through.
So far I have talked with PayPal and they are investigating.

If you have a cash balance in your own PayPal account, empty it out right now before PayPal gets all officious about your complaint.

Is there a possibility that the fraudster also linked your checking account to that PayPal account? If you have your PayPal account linked to your checking account, then you may want to close your PayPal account and consider changing your checking account number.

Definitely dispute the charge on the credit card. They'll reverse charges, which will motivate PayPal to finish their investigation.

I can vouch that leaving negative feedback on eBay will stir up the hornet's nest. (Heck, it's darn near impossible to leave even neutral feedback.) Including the phrase "credit card fraud" could only make it more interesting. You'll hear from the (aggrieved & suddenly motivated) seller, you'll hear from eBay, and you'll get some action from PayPal.

If you haven't already, you might want to take on the merchant who lost control of your credit-card info. That might need a dispute on their charge, a letter to their local BBB, and another complaint to eBay/PayPal.

I'm surprised the merchandise came to your address and not somewhere else. Either the seller committed the crime and didn't care where the shipment went, or the crook couldn't persuade the seller to deliver the shipment to a place other than the billing address, or the crook lives local and was planning to hook the package off your doorstep before you noticed the delivery.

Are you able to track down the IP address or the ISP of the seller (the presumed crook?) or whoever opened the PayPal account? I don't know if that can be requested from PayPal or if it requires a different set of skilz.

http://www.early-retirement.org/forums/showpost.php?p=493331&postcount=13

http://www.early-retirement.org/forums/f28/a-problem-on-ebay-26431.html

 

[Rustward]

It is difficult to say where your information might have gotten into the wrong hands. My card number and name were recently used without my knowledge. We had been out of town at the time this happened -- hotels, restaurants, gas... Given the timing, if it occurred at one of the merchants we used, it would likely have been limited to perhaps two merchants -- a retailer and a restaurant. I remember in the restaurant thinking the waiter was a little shady looking, and when I paid he disappeared with my card for a while even though there was a waiter station within my view. The card might have been skimmed. There is no proof of anything wrong there, other than my subjective observations.

Later I found out that small merchants sometimes use credit card "processors" and the merchants have almost no control over your card info when it goes through one of those processors. If one were going to skim large numbers of cards, one of these "processors" would be a good place to do it. But I really don't know exactly how my info got out. In this case, the merchant that the crooks used to open a $100 gambling account caught the fact that the crooks used the wrong address on their account and credited the $ back to my account on their own volition. When I found out I did a security transfer of the account to a new account number.

Noticed this just looking at my online card information after getting home. So now I check it several times per week. I don't know how you could keep this from happening.

Wish I had some suggestions. Just be as observant as possible, observe often, and question anything that looks even remotely out of line.

 

[dex]

Put this all in witting the the companies involved - not e mail - keep copies to protect yourself.

 

[JB]

Place a fraud warning with the credit rating companies (e.g. equifax) it is good for 90 days. You can renew it if you need.

You can probably put a freeze on your credit information with the credit rating companies if you want.

I closed my ebay account because I did not use it regularly.

If I were you, I would make sure my computer was secure (no key loggers, etc).

Once I knew my PC was secure, I would change my passwords on any online accounts that you use.

The only measure I know of today (besides the credit freeze) is to educate yourself be careful and vigilant.

Thanks for the suggestions. I'll will look into the credit freeze. I don't think it was my computer that was compromised. I have two firewalls, one external, and the XP firewall, run AVG once in awhile, and don't do anything risky. Although, the thing that really bugs me is that there is no way to be 100% sure.

 

[JB]

My experience with Paypal is that they are unresponsive to security and fraud issues.

I didn't expect much from PayPal, but they were responsive and cooperative. I only had to wait for a few minutes to speak with someone and they immediately told me what happened, and closed the account. They even gave me a detailed description of the item that was purchased. I was surprised at how responsive they were. Maybe they are getting better.

 

[JB]

If you haven't already, you might want to take on the merchant who lost control of your credit-card info. That might need a dispute on their charge, a letter to their local BBB, and another complaint to eBay/PayPal.

The thing is that I can't be sure that this is the merchant to lost control of my information. PayPal told me that the fraudster had my credit card number, and billing and shipping addresses. I looked over my statement and realized that I had given this information to another vendor just a few days before the fraud occurred. It's possible that their e-commerce system is compromised somehow, either via an employee, or remote criminal. I am thinking of calling them to let them know but I don't think there is any benefit for me.

I'm surprised the merchandise came to your address and not somewhere else. Either the seller committed the crime and didn't care where the shipment went, or the crook couldn't persuade the seller to deliver the shipment to a place other than the billing address, or the crook lives local and was planning to hook the package off your doorstep before you noticed the delivery.

This is exactly what I've been thinking about. Either the ebay seller is the fraudster, or they are working together, or the fraudster was planning to take the item from my mailbox. But the Ebay seller has a long positive history, and from PayPal's description, the item isn't worth much.

The item is sitting at the post office right now and I am very tempted to pick it up to see what's inside, but I think it's probably better to have it returned.

Are you able to track down the IP address or the ISP of the seller (the presumed crook?) or whoever opened the PayPal account? I don't know if that can be requested from PayPal or if it requires a different set of skilz.

http://www.early-retirement.org/forums/showpost.php?p=493331&postcount=13

http://www.early-retirement.org/forums/f28/a-problem-on-ebay-26431.html

I doubt paypal would give me the IP address, and even if they did, it's likely to be from an internet cafe, or an anonomizing proxy. Even if it was a residence, I'd have to sue the ISP to release the name.

 

[JB]

Put this all in witting the the companies involved - not e mail - keep copies to protect yourself.

Good idea. Right now I only have the names of the reps I spoke to, and the case numbers.