Jump to content

Security issues with online ordering?

jabow

By jabow,
in General Discussion

 Share Followers 0

Recommended Posts

jabow

jabow

Posted
Posted (edited)

Strange, I haven't used my CC in more than a week, but just today, I ordered on line from Sprue Bros and tonite, my CC Company calls and advised of someone buying $74 worth of shoes in a Wilmeton, DE shoe store. Someone, Sprue or maybe me, has a security issue. I heard just today that MS's operating system was compromised last week. May see a bunch more of this in the future.

Has anyone else had trouble like this in the past?? One other time I ordered some models from an oriental model company, and got a call saying someone in Vietnam ordered CD from Japan!!

I wish model retailers would go back to telephone sells!!

EDIT: Sprue Bros. did contact me tonite about this. Not only do they ship fast, they do everything FAST!!

Good show Sprue Bros.!! Good show!!

Bo Roberts

Edited by SBARC
Link to post
Share on other sites
RiderFan

RiderFan

Posted
Posted
Strange, I haven't used my CC in more than a week, but just today, I ordered on line from Sprue Bros and tonite, my CC Company calls and advised of someone buying $74 worth of shoes in a Wilmeton, DE shoe store. Someone, Sprue or maybe me, has a security issue. I heard just today that MS's operating system was compromised last week. May see a bunch more of this in the future.

Has anyone else had trouble like this in the past?? One other time I ordered some models from an oriental model company, and got a call saying someone in Vietnam ordered CD from Japan!!

I wish model retailers would go back to telephone sells!!

Bo Roberts

Nope, haven't had any problems. Granted I keep a close eye, but never a problem.

But in regards to the telephone sales, that's infinitely worse. A computer transaction is encrypted. It's extremely difficult for someone to get that data and use it against you. With 128 bit encryption, it would take someone longer than the universe has existed to break the code if they made one attempt every second.

Whereas there's no security whatsoever with giving all your CC information to some stranger over the phone.

Link to post
Share on other sites
Crash Test Dummy

Crash Test Dummy

Posted
Posted
Strange, I haven't used my CC in more than a week, but just today, I ordered on line from Sprue Bros and tonite, my CC Company calls and advised of someone buying $74 worth of shoes in a Wilmeton, DE shoe store. Someone, Sprue or maybe me, has a security issue. I heard just today that MS's operating system was compromised last week. May see a bunch more of this in the future.

Has anyone else had trouble like this in the past?? One other time I ordered some models from an oriental model company, and got a call saying someone in Vietnam ordered CD from Japan!!

I wish model retailers would go back to telephone sells!!

Bo Roberts

It happened to me in the spring and it was a couple months between using my card a website that later reported a breach and when fraudulent charges showed up.

Link to post
Share on other sites
PNW_Modeler

PNW_Modeler

Posted
Posted

I can tell you that using your credit card online is safer than going to a restaurant and giving the waitress your card.

In my opinion, the more appropriate thing to do would be find the exact source of the problem before you drag any other party into it.

Many people make the mistake of assuming that someone got their card information from a website that they ordered something from.....99.999 percent of the time that is NOT where the card information was gleaned. More likely than not, your card number was obtained through use of a random card generator. Hackers will find a new online merchant or a merchant that has not established good safety protocol and will run a generator for very miniscule amounts (typically a penny). They get a list of all the numbers that go through....BAM! Shopping spree time! Another option is the aforementioned waitress....you hand her your card to pay your check....that card is out of your sight for at least 5 minutes....plenty of time to casually jot down your card number

Link to post
Share on other sites
jabow

jabow

Posted
  • Author
Posted
I can tell you that using your credit card online is safer than going to a restaurant and giving the waitress your card.

In my opinion, the more appropriate thing to do would be find the exact source of the problem before you drag any other party into it.

Many people make the mistake of assuming that someone got their card information from a website that they ordered something from.....99.999 percent of the time that is NOT where the card information was gleaned. More likely than not, your card number was obtained through use of a random card generator. Hackers will find a new online merchant or a merchant that has not established good safety protocol and will run a generator for very miniscule amounts (typically a penny). They get a list of all the numbers that go through....BAM! Shopping spree time! Another option is the aforementioned waitress....you hand her your card to pay your check....that card is out of your sight for at least 5 minutes....plenty of time to casually jot down your card number

First off, read my edit.

Second off, I'm trying to give others a 'heads up' about the MS database thing!

Thirdly, How does one verify WHO stole my info?? Beats me!!

Bo Roberts

Link to post
Share on other sites
RiderFan

RiderFan

Posted
Posted
First off, read my edit.

Second off, I'm trying to give others a 'heads up' about the MS database thing!

Thirdly, How does one verify WHO stole my info?? Beats me!!

Bo Roberts

Well you've got conflicting information there. "MS's Operating System" and "MS Database thing" are two, completely, different things. Windows is as secure as you make it. Run a firewall and it's extremely unlikely that someone's going to gain access to your machine... that is unless you've given them access to your machine in some other way...which isn't Microsoft's fault. There are litterally dozens of ways someone can obtain your CC information off of your computer, and none of them really have anything to do with Microsoft. Those ways are just as easily accomplished on any machine, Windows run or not.

Link to post
Share on other sites
jabow

jabow

Posted
  • Author
Posted
Well you've got conflicting information there. "MS's Operating System" and "MS Database thing" are two, completely, different things. Windows is as secure as you make it. Run a firewall and it's extremely unlikely that someone's going to gain access to your machine... that is unless you've given them access to your machine in some other way...which isn't Microsoft's fault. There are litterally dozens of ways someone can obtain your CC information off of your computer, and none of them really have anything to do with Microsoft. Those ways are just as easily accomplished on any machine, Windows run or not.

Well, the Computer man today said that the MS breach was a HUGH problem for MS!! The news media did mention something last week about security allowing viruses to be spread.

I do have a secure firewall, and every so often it tells me all is well!! Yeah right!! No such thing as security!! Any defense can and will be overcome!!

Bo Roberts

Link to post
Share on other sites
GreyGhost

GreyGhost

Posted
Posted

That happened with my Dad's CC last year, funny thing was, a shoe company (is it always shoes?) called and asked if the large oder placed with them was legit because the card came up with one address and the order was to be shipped to somewhere in N.C. ...

We contacted the bank and they felt that it was a random number generator that got the number ...

The number was passed around and there were several orders of $200-$400 dollars placed all within 10 hours ...

One thing the bank did recommend to us was only order from sites that require the security number on the back of our cards ...

Everything was caught that was ordered before anything shipped and the bank and CC company were after the culprits ...

The great thing is, they had shipping addresses ...

Gregg

Link to post
Share on other sites
RiderFan

RiderFan

Posted
Posted
Well, the Computer man today said that the MS breach was a HUGH problem for MS!! The news media did mention something last week about security allowing viruses to be spread.

I do have a secure firewall, and every so often it tells me all is well!! Yeah right!! No such thing as security!! Any defense can and will be overcome!!

Bo Roberts

I work in the industry, the only "breach" Microsoft is working on right now is how the heck did their latest HALO game find itself being downloaded weeks before its official release.

Microsoft releases Windows updates on a fairly regular basis. And unlike Apple, they're extremely transparent with what is being updated and where to get more information.

There are something around 1 billion PC's in the world now running some form of Windows..many are very, very, very out of date versions that have never had any type of security update. When you hear horror stories about Windows being cracked and information stolen etc... 90% of the time, it's these old machines that nobody ever bothered to update.

I think if someone has your CC number, either it was grabbed via a number generator as indicated above. Or you've fallen for some email phishing scam and given them access to your information.

Link to post
Share on other sites
Scooby

Scooby

Posted
Posted

My card has been skimmed in the last year and I hardly use it. I am told it may have been skimmed as long as a year ago and that the only internet payment I made was likely the most secure. And that one occured the night of the un-authorized use.

My cc company said cards are skimmed when someone takes your card for payment.

Link to post
Share on other sites
jabow

jabow

Posted
  • Author
Posted
I think if someone has your CC number, either it was grabbed via a number generator as indicated above. Or you've fallen for some email phishing scam and given them access to your information.

Well, for SURE the later is NOT the case.

It just seems odd two times my CC was stolen was right after I ordered on line from a model company NOT near my home, and both times its fraud use was closer to the model retailer, than me!! Wonder if it's not an inside job from the CC company!!

I suggested that to them tonite when they called.

Bo Roberts

Link to post
Share on other sites
RiderFan

RiderFan

Posted
Posted

That's the most common way. That's why I no longer order pizza with my CC. If the pizza company doesn't have mobile debit machines, I go to another place.

On an aside, many of the new "quick pay" credit cards are horribly insecure. This are the CC's that allow you to pay with a purchase just by holding your card up against a reader. Often at Gas Stations and things. These readers are available to purchase off the net for about $20. And they have a very long range. It's very easy for someone with one of these readers and a netbook sitting in their backpack, to simply walk around a crowded mall and read all the quick pay credit cards that come with in 10 feet of the person. You can actually buy wallets now with mesh linings to prevent the cards from being read without your knowledge.

http://www.idstronghold.com/

Okay yeah, it's the same guy that sells 'cash for gold' but the problem is legit and the sleeves do actually work... and no, I have no affiliation with that company at all. I post this because it really is as simple as the video shows.

Link to post
Share on other sites
vince14

vince14

Posted
Posted
There is no such thing as a 100% secure network, just some that are harder to breach than others. Don't ask me how I know..I could tell you, but then I'd have to...........

True, but most of the very hard to crack networks are not breeched by what we think of when we use the term 'hackers' - in fact, the vast majority of networks are breeched from the inside. Either through Social Engineering (fooloing an employee into giving away their login credentials) or through direct abuse, usually by those employed as system admins. It's shocking the number of companies and organisations who have no idea how much power is in the hands of a small number of people, and how much disruption they can cause. As an example, I know of a mid-sized company (200-odd employees) that nearly went to the wall because they had one SysAdmin who went bad. He locked everyone out of their network one Friday night, dropped a resignation note on boss's desk and then went off to Thailand the following morning. The company took almost a week to get control of it's network back - fortunately the SysAdmin may have been bright, but he was adverse to the thought of jail time and coughed up the relevent passwords after a little bit of pressure!

As for Social Engineering, I also remember a study done here in the UK a few years ago. Researchers stopped people in the street during their lunch break and, after establishing a few details from them (name, DOB, address etc) then asked them to tell them their username and password for their work computer - most refused. However, the researchers then said they'd give the employee a chocolate bar if they told them, and IIRC about 60-70% of them did!

Vince

Link to post
Share on other sites
richter111

richter111

Posted
Posted

Back in 07 I won an auction on ebay, and I paid by personal check. Later the next month, I am going through my statement and find a check with an astronomical #. Seems the fellow I wrote a check to, paying for my ebay purchase decided to get an online subscription to a *********ographic website.

No more checks mailed out for me.

Link to post
Share on other sites
Dave Williams

Dave Williams

Posted
Posted (edited)
Well, for SURE the later is NOT the case.

It just seems odd two times my CC was stolen was right after I ordered on line from a model company NOT near my home, and both times its fraud use was closer to the model retailer, than me!! Wonder if it's not an inside job from the CC company!!

I suggested that to them tonite when they called.

Bo Roberts

SB is located in Missouri. Your card was used in Wilmington, DE. I'd hardly call that "close" to SB, and it's doubtful that someone at SB stole your card during the day, hopped on a plane, and bought shoes in DE that night. It seems like you are blaming SB for this, not only here, but at other forums (HS and Z5 at least), without any real proof that it's related to SB at all. Maybe the number was stolen a week ago when the card was last used, or even before, or maybe it is on your end, but blaming SB (or any company) on multiple forums within a few hours of getting word of your card being used somewhere else without any real proof seem very uncool.

So you said SB called you. What did they say? Did they say their credit card system was compromised?

Edited by Dave Williams
Link to post
Share on other sites
thegoodsgt

thegoodsgt

Posted
Posted (edited)

Not sure what the timeframe has to do with fraudulent use of a credit card. Somebody may have nabbed the credit card number weeks or months ago and only now using it, which from a criminal point of view is pretty smart.

Edited by thegoodsgt
Link to post
Share on other sites
jabow

jabow

Posted
  • Author
Posted
SB is located in Missouri. Your card was used in Wilmington, DE. I'd hardly call that "close" to SB, and it's doubtful that someone at SB stole your card during the day, hopped on a plane, and bought shoes in DE that night. It seems like you are blaming SB for this, not only here, but at other forums (HS and Z5 at least), without any real proof that it's related to SB at all. Maybe the number was stolen a week ago when the card was last used, or even before, or maybe it is on your end, but blaming SB (or any company) on multiple forums within a few hours of getting word of your card being used somewhere else without any real proof seem very uncool.

So you said SB called you. What did they say? Did they say their credit card system was compromised?

Well,yeah, the first time I ordered from Hong Kong and the scam came outta Vietnam. But both cases it would appear that I was traveling, you see, and just might pass as legit.

From what I heard, the MS breach was the first time ever this was none, and all of our personal data may be compromised. There is NO SUCH thing as total security even from the Pros!! Retailers may not even know themselve that their security is breached!!

Bo Roberts

Link to post
Share on other sites
crazydon

crazydon

Posted
Posted
Well,yeah, the first time I ordered from Hong Kong and the scam came outta Vietnam. But both cases it would appear that I was traveling, you see, and just might pass as legit.

From what I heard, the MS breach was the first time ever this was none, and all of our personal data may be compromised. There is NO SUCH thing as total security even from the Pros!! Retailers may not even know themselve that their security is breached!!

Bo Roberts

I would say you owe Sprue Brothers a apology Bo, you did plaster this over every modeling forum you could find without getting the scoop first

Link to post
Share on other sites
Kalashnikov-47

Kalashnikov-47

Posted
Posted

My question is is how often do you use that card, both on- and offline?

How are you so certain the breach involved S.B. in any way? Handing

a card to a clerk or waiter is far more dangerous than a transaction with

a legitimate online merchant.

When you are dealing with a CLEAN site, you are about as secure as you

can get.

A couple years back, I got a call from my bank asking about a couple of

questionable transactions on my visa debit card. Both were for less than

25 cents. Bank told me it was somebody testing the card, and they were

trying to stay under the radar by using tiny charges. Nobody will ever figure

out where my card was compromised but I'm 99% certain it was not online.

Ditto Crazy Don....

Link to post
Share on other sites
RiderFan

RiderFan

Posted
Posted
Well,yeah, the first time I ordered from Hong Kong and the scam came outta Vietnam. But both cases it would appear that I was traveling, you see, and just might pass as legit.

From what I heard, the MS breach was the first time ever this was none, and all of our personal data may be compromised. There is NO SUCH thing as total security even from the Pros!! Retailers may not even know themselve that their security is breached!!

Bo Roberts

You really need to cite your sources. "All of our personal data" LOL... like what? Microsoft isn't big brother they don't keep files on people... now Facebook...there's a REAL source for concern. But seriously.. until you can cite a source of this amazing breach of security that nobody has heard about, it's just hyperbole.

Link to post
Share on other sites
jabow

jabow

Posted
  • Author
Posted
When you are dealing with a CLEAN site, you are about as secure as you

can get.

Ditto Crazy Don....

I guess my purpose is to notify all, IF MicroSoft has really been compromised, it's gonna happen alot more often to all of us!! There is NO SUCH thing as a SECURE site, now more than ever!!

I VERY seldom use my CC on line!! I cringe when I think of ever 15 yr has a PC with time on their hands to CHALLENGE the security system!! About the time a defense is designed, there are those hard at work to defeat it!! And sooner, rather than later, they do!

So my suggestion to all y'all, is to WATCH IT!!

Bo Roberts

Link to post
Share on other sites
loftycomfort

loftycomfort

Posted
Posted (edited)
I guess my purpose is to notify all, IF MicroSoft has really been compromised, it's gonna happen alot more often to all of us!! There is NO SUCH thing as a SECURE site, now more than ever!!

In that case, can you remove sprue brothers from the title please? Thx.

Terry

PS: the correct term to use is "Asian", not "Oriental".

Edited by loftycomfort
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Followers 0
Go to topic listing
×
×
  • Create New...