I'm getting kind of freaked out.
A month or two ago, someone tried to use my ATM card to make a purchase of around $400 from gamestop.com, a site I've never visited. Gamestop apparently thought it seemed fishy, and called me, and I told them it wasn't me. I immediately called my bank, who checked all my transactions -- that was the only fraudulent one, and it didn't go through because Gamestop had caught it. But I had them close my account anyway.
The other day, a fraudulent charge appeared on my PayPal account, which I virtually never use. I reported it, PayPal put me through their fraud process which included changing my password, and they reversed it out right away.
This morning, someone tried to charge over a thousand dollars on an airline miles credit card I have. The charge was declined and the credit card company called me with a fraud alert.
I confirmed it was not my charge, reviewed all my other charges with them (they were fine), and canceled the card.
I never enter my credit card in public computers or my laptop. I have a router, a firewall, and spyware, adware, and antivirus programs -- Norton 360, Spybot, Adaware -- and run them all frequently, with Norton running in the background at all times. All of them are on auto-update or I update them manually every week. I have had computer techs tell me I have the cleanest machine they've ever checked. I don't even accept COOKIES except manually, even though I know they can't "do" anything to my computer.
Of course, I do use my credit cards and debit card in real life -- at restaurants, airlines, the vet, whatever. I hand them to waiters and they bring them back, and I never think about it.
The PayPal incident freaks me out, because how could someone have had my account password? It's not an easily guessable one. I've never given it to anyone, no one shares my computer, and I have never logged into PayPal from anything but my desktop at home. And like I said, I almost never use PayPal. I've never used EBay or any auction sites. I don't buy stuff online from individuals. I just don't use it much.
I have been changing and mixing up my passwords all over the web, I have checked and re-checked with my anti-spyware software and nothing comes up.
I'm seriously starting to freak out, though. If it weren't for the PayPal incident, which for all I know was some kind of computer glitch and had nothing to do with my account being compromised, I would feel sure this was a "real life" credit card theft... but now this one involves TWO cards, my debit card and my airline mileage card.
I'm not sure what to do. Eeek.
Editing to add: I did obtain my credit reports, and there are no incorrect addresses, no unexplained inquiries, and no accounts that aren't mine.
Okay, that's beyond weird. If you don't have it on your computer (google's auto-fill function) anywhere, my guess is that someone, somewhere copied your card number. I was watching something last week about this on one of those Most Daring Idiots or whatever. One way of doing it is to swipe your card through the reader placing a post-it sticky over the numbers, leaving the imprint. Or placing the sticky over the stripe, then, when it doesn't read, putting it in manually. There's all kinds of messed up stuff that people can do right in front of your face. I've noticed now that most places will swipe your card in unobstructed view of you, then place your card on top of the machine. I prefer this, it keeps the cashier honest and makes me feel better. Maybe when you use your card, any card, in the future, insist that they keep the card in plain view of you. Oh, and a friend told me to sign my card with a Sharpie, and write on it, "check ID." Works most of the time, and sometimes, I prompt them.
Posted by: Red | 09 July 2008 at 03:07 PM
1. call your bank and make sure they put an alert on your accounts. 2. go to the credit bureau sites and put a fraud alert on your credit report. Both of these will make it harder for anyone to use your info and also keep them from opening any accounts with your credit. Your bank should have a department that can help you through the identity theft morass - I know Wells Fargo does.
3. The weird thing is the paypal and the cards both being hit. Start thinking what ties the three together. Also, didn't you recently get a new computer - what did you do with the old one? Are you sure that info wasn't saved somewhere on that old machine?
Posted by: Cheryl | 09 July 2008 at 09:23 PM
Thanks Cheryl! I will put the fraud alerts on, I didn't know about that!
I kept my old computer. It's right here. So that's not it. Plus the first incident happened before I got the new one.
I agree, the PayPal incident makes this a different story. It's quite disturbing. ;/
Posted by: Christie | 09 July 2008 at 09:43 PM
Make a police report! Also check your Homeowner's insurance policy as many now include Identity Fraud protection. They don't cover loss by fraud as a rule, but do reimburse for the expenses needed to restore your good name and protect your accounts.
Posted by: Moira | 11 July 2008 at 12:56 PM
Our credit card got scanned soon after we moved to London, at a restaurant. They took it away for a few minutes to swipe it, and then within an hour someone had charged $3000 at an online gambling site. Our bank ate the charges.
Recently our cards were stolen, we cancelled them, and soon after I got my credit cards, they wouldn't work. I found out our bank had put an alert on my debit card. After receiving my card I'd immediately donated to Obama, and to a charity, then used the card here. They were concerned that I was spending money on two continents on the same day!
Anyway, just shows what a good bank will do. I have no idea what's happened to you. I'd get all new cards (after first assuring you have enough money to get you through until new ones arrive!) and start over.
Posted by: KathyF | 20 July 2008 at 10:36 AM
Your computer probably has a virus, such as a keylogger that tracks every letter you type on your keyboard. That's how they got your credit card AND password information. Go get your computer checked out asap.
Posted by: Jon | 11 September 2008 at 01:32 PM
Well, this might not be your case but sometimes, if the scammer has your social security number, your birthdate, your other important details, changing cards is of no use.
Posted by: | 14 December 2008 at 08:49 AM
The same PayPal thing just happened to my wife's card, which is not associated with any PayPal account. To comfort you, they never did log into your PayPal account. Just someone got your credit card number (by some means) and used PayPal as their credit card processor. You don't have to have a PayPal account for a PayPal charge to show up on your statement. Some scammer just thought it would be better to get cash from a stolen credit card number than try to buy something with it.
Posted by: Brian | 05 April 2009 at 02:12 AM