Anyone recently hit by credit card fraud?

Has anyone here recently been hit with fradulent charges against the credit card they use for Second Life?

My mate just got off the phone with our bank, who had flagged a large and very suspicious credit card charge. Turned out to be something we definitely had NOT placed, so the bank is investigating it as fraud and has cancelled the card and is issuing us a new one.

Could just be an isolated incident. Some one at a book store or retail store employee where we bought something may have tried to use the card info fradulently.

But... It was the same card that I use for SL, for some of my accounts.

So people here may be advised to double check your credit card statements, just in case there has been a breach of security at LL.

There's a lot of that going around. I got a similar call about a card that is totally unrelated to SL, so there's not necessarily a connection. Plus, it's an international industry nowadays: My fraudster tried out the card number with a $75 (!) airline ticket first, and then made a $1,500 purchase at a music store in Madrid; I live in the US and have never been to Spain.

Google this

Just a few days ago, I got hit with a fraudulent credit card charge from my own credit card company. Apparently, one of the company telemarketers trying to sell me insurance against fraudulent charges got upset that I hang up on telemarketers, and signed me up for the fraud protection service as revenge.

That's why I use Paypal now for SL.. because only the 1 name on the auto-payment agreement can charge anything. And if a fraudulent charge *does* come through SL it would mean someone would have had to hijack my account. I can always dipute the charges both at Paypal AND my bank.

I've never had issues with credit cards I use for online purchases, but I have had trouble with "real world purchase" cards.

90% of credit card theft is still offline, last I checked. You are something like 10 times more likely to get ripped off by all the real, smiling people you handed your real card to, than anything online.

And even if it's computer fraud, odds are they hacked a company that has your cc info for some RL purchase reason.

Yep. Right now our most likely suspect is an employee or associate of an employee at a bookstore where my mate recently used that card, in person. The fake charge attempt happened very soon after that purchase, and was made by phone from a hotel room. We seldom use that particular card to make purchases either on-line or in stores or in restaurants, so it doesn't get much exposure.

Fortunately, the the single attempted charge was so big that it exceeded our available credit line, and credit card company looked at it and determined it didn't look at all like our purchasing patterns, and so gave us a call. When we told them it was absolutely, positively bogus, they immediately killed the card and started a fraud investigation. We'll have replacement cards in a week or so, and don't need the card before then. And someone may soon be facing jail time for attempted credit card fraud. The idiot attempted to buy cruise line tickets, so almost certainly entered information for where they should be sent...

I wound up with $5000 worth of charges in Israel on my card a month after I started SL. (>_<

It was my Am-Ex, so it was trouble free and all the false charges were immediately reversed after a single phone call. But, it made my family paranoid and I wound up being further restricted over what I could do with my card. (T_T)

The really annoying thing is when that person trying to spend a few thousand in Buenos Aires or Bankok *really is you* and your credit card company decides that no, it isn't you... and incidentally, now you are stranded in a foreign city without a way to pay *any* hotel bill.

Always carry two cards... though the better hotels deal with situations like that gracefully all the time, I think.

Last time we took a trip we literally notified out CC company where we were going and a rough guestimate of expenses. They were very good about nailing us being out of town. We also prepaid our hotel so really only incidental charges on that (and I am too cheap to order room service).

I've only had my credit card company call me once due to some stupid hackers. Nothing got charged to me since the company caught it quickly. They canceled the old account and sent a new card to me.

Good thing the card is hardly ever used since it is just for emergencies.

For what it's worth:

Personally, I enter the security code on the back of the card into my electronic wallet, and then black it out on the card with a marker. For MasterCard and Visa, this is the 3 digit code printed on the back but not embossed into the card. It can't prevent all theft, but it could prevent the case where the thieves depends on copying that code off the card.

An online bicycle products store recently admitted they had a breach. It apparently took them several months to admit it, even after there were enough suspicious reports to show up multiple times on a online forum for cyclists. You can read their experiences at http://bikeforums.net , and searching their General Cycling Discussion board for "Identity Theft". Since cycling is a niche market, there wasn't enough publicity for this particular vendor to suffer a huge loss of goodwill, but I'm sure there are plenty of readers of that forum, including me, who won't order from them anymore. (Not that I would have previously; their web site had the sort of security glitches that I frequently rail against as signs of poor attention to security and quality control.)

It would be far worse for LL to allow such a breach to go unreported for long, because a much greater percentage of their customers are connected online, both in-world and through numerous forums such as this one.

I had a weird situation with my card abroad once. I was in Turkey and had made a few large purchases that went through fine, I used to spend quite a lot of time there. Suddenly one day the card was stopped after I used it in a telephone booth in the airport coming home for a very small amount helping another traveller call home about a very delayed flight. Strange how they pick and chose which transactions are suspect.

I had something like that happen to me after buying gas. I'd just had auto service, they didn't reconnect the fuel line properly and it leaked. I hadn't been paying attention and wound up trying to fill up twice within a short period before realizing that I had a serious leak.

It turns out that gas stations are a common way for credit card thieves to test stolen or counterfeit cards, because they don't require signatures, and because the amounts are small enough to not trigger alarms by themselves. So two fill-ups within an hour or two quickly triggered the credit card company's fraud circuits. This is the reason that many gas stations and other automated check-out systems now require a zip code.

It sounds like you got hit by the same type of checking. Random purchases may not trigger alerts, because thieves don't buy groceries or underwear. Large purchases (electronics) may trigger alerts, because that's how thieves get their money, but tiny purchases (gas, phone calls, iTunes) can also trigger alerts, because that's how thieves test the credit cards.

CC# was stolen a bit ago and had to be replaced. So, yes. But I can't say there is a bit of proof that LL has anything to do with it.

The person ordered marketing software. I thought that took brass. What do you know, an enterprising thief.