Saved By The Bank
Or credit union, I guess.
Some of you may remember a few weeks ago, back in the middle of June, I suffered a major virus attack that resulted in me having to reformat my hard drive. The trojan allowed all kinds of stuff in, including programs that could steal information. I was worried about that and kept an eye on my bank account for a while. Turns out the bad guys waited even longer before trying to use my debit card info, part of which I had stored on a form filling program.
Got a call from the credit union security folks a couple hours ago. They were inquiring into the validity of a couple debit card purchases that had been attempted around 10:30 this morning. I'd made neither of them. Both were for small amounts of around 80 or 90 cents. I'd read elsewhere that's how the crooks check to see if the card info is good: they try to charge small amounts and that's what I kept checking my account for.
I told the gal I hadn't made the charges. She told me one of the flags that got their attention was that they tried to use invalid expiration dates with both purchases. I guess it's a good thing I'd decided a year or so ago to use invalid numbers when I stored that card number info on Roboform. I just kept the real date in my head and insert it when needed. Good thing I did or they'd probably be charging things to my card as I write this.
As for now, the gal canceled my old debit card as soon as she knew the bogus charges were attempted. I haven't added my debit card info to Roboform since I reformatted my hard drive and have no plans to. Should be ok now.
Kudos to the security folks at Provident Central Credit Union for catching this and giving me a call. I love it when they do that. I've had calls from them every now and then over the years, but this is the first time it was an actual crime in progress.
posted by Fred Mangels @ 3:47 PM
5 comments
5 Comments:
Is this why you got the $1,000 e-mail and phone call as they also know what games and things you do on your computer?
I would be a little concerned about that one also unless you have received the funds and made sure they are good funds. A lot of times they want checks deposited to get account information and then the checks turn out no good as they get them back as NSF and then close the account before they are caught.
I would actually contact the bank their check is written on and confirm that the funds are there or have your credit union do this and if the funds are there just have them put a hold on them which I believe they can do (used to work for a bank and have done this).
No. Dave Ramsey has a radio show and this isn't the first cash giveaway he's run. I entered the last one he had, too, but never won. His web page is still up there as it's always been.
Haven't received the check yet, but I would expect it to be here before the end of this week.
Great story, Fred. And good advice not to store the correct EXP date.
Scary that they were actually able to steal your data.
Scarier even more when I think of what might have happened hadn't I changed the way I had the info listed. I'm wondering if the bank would have picked up on it if they'd used the right expiration date? I would think the small amount of the charge would be a flag, but she didn't mention that as being the main reason.
I've been wondering if maybe the info was stolen from somewhere else, but it always comes back to the period of the virus attack.
I wondered if maybe they got it from my computer since I reformatted, but that wouldn't work cause I don't have the info on Roboform anymore. Also, if they hacked me while I was making a purchase, they would have had the correct expiration date. As best as I can figure it had to be the virus attack.
And, no, the $1K drawing I entered never got my debit card info.
I wish I'd thought of asking the security gal what expiration date they used. If it was the one I had the info stored under, that would be a good indicator they got it during the virus attack.
Also, I got to thinking about when it was I changed the expiration date and remembered it was almost a fluke.
It was either last summer or the summer before that, I believe. The last time they issued me a new card with a new expiration date. I was going around changing the card info with businesses that auto deduct from the card for certain expenses. I remembered Roboform but then decided not to bother updating the expiration date in case someone stole the information. Turned out to be a good move I made just as a spur of the moment decision.
Oh, speaking of updating card info with businesses, I did the same thing yesterday after I remembered my satellite TV bill is charged directly to the debit card. I went to their web site to change to a different card but couldn't get into my account. I usually use Roboform to log in and that info had been lost in the reformat.
So, I tried the "Remind me of my password" (and username) thing. There were two ways to do it but I couldn't find my account number to use the first one through e-mail. So I tried doing on the television.
I couldn't figure out how they said to do it but by fooling around with the remote control I found a place to change my monthly charge info. Simple enough, and I changed the card info. I thought that was pretty neat.
Then I checked my debit card account info this morning and noticed they'd charged me a dollar just to change my monthly charge info. I seem to remember them charging for it on their web site, too. Pisses me off.
Post a Comment
<< Home