I just ordered one for the boy. I really do NOT like this on-line ordering gig, but there was no other choice offered. I set up a credit card with a low limit just for that purpose. My young'uns tell me this is the 'wave of the future', and many smaller companies are going to it exclusively… so I suppose I had better get used to it.

.

Damn youngun's and their new fangled technology ;)

I just ordered one for the boy. I really do NOT like this on-line ordering gig, but there was no other choice offered. I set up a credit card with a low limit just for that purpose. My young'uns tell me this is the 'wave of the future', and many smaller companies are going to it exclusively… so I suppose I had better get used to it.

.

Don't worry. This whole internet thing probably won't take off.

One thing that's always puzzled me is people who won't use a card on the internet, but will hand it to a waiter to carry out of the room without a second thought. :confused:

One thing that's always puzzled me is people who won't use a card on the internet, but will hand it to a waiter to carry out of the room without a second thought. :confused:

That's easy. If the waiter "hacks" it, you can track his/her ass down and put the habeus grabbus on them; done it twice, once from a restaurant and the other from an Auto Zone.

Some geek in Lower Slobovia (or Chicago, etc.) hacks it… well, getting the charges wiped is the best you can hope for.

.

Damn youngun's and their new fangled technology ;)

Shouldn't you be out violating someone's rights?

.

That's easy. If the waiter "hacks" it, you can track his/her ass down and put the habeus grabbus on them; done it twice, once from a restaurant and the other from an Auto Zone.

Some geek in Lower Slobovia (or Chicago, etc.) hacks it… well, getting the charges wiped is the best you can hope for.

.

But suppose the waiter just sells the number to the guy in Upper Revolta? :eek:

That's easy. If the waiter "hacks" it, you can track his/her ass down and put the habeus grabbus on them; done it twice, once from a restaurant and the other from an Auto Zone.
.

That happened to someone we know- waitress takes the card to pay for dinner, and they start getting text alerts that the card is buying stuff at the Best Buy across the parking lot. The halfwits had taken the actual card and used it. IIRC it ended up being similar to a run down in baseball once the cops got there.

I just ordered one for the boy. I really do NOT like this on-line ordering gig, but there was no other choice offered. I set up a credit card with a low limit just for that purpose. My young'uns tell me this is the 'wave of the future', and many smaller companies are going to it exclusively… so I suppose I had better get used to it.

.
OT but Bank of America issued-cards have a free feature called ShopSafe. If you login to your online account, it allows you to generate one-time or recurring credit cards with a set limit that are associated to your primary card. I use it pretty extensively for online purchases. Even if you create a recurring card with a higher limit, it locks to the merchant with whom it was initially used and will decline any other charges.

I assume other card providers have similar services.

But suppose the waiter just sells the number to the guy in Upper Revolta? :eek:

Exactly. The smart waiter is going to swipe the card through a skimmer to get the data off the mag stripe and maybe take a picture of the back of the card to get the CCV code then sell the info to a guy in outer Slobovia (or Nigeria).

Shouldn't you be out violating someone's rights?

.

I did that last night. A guy's gotta rest right?!

Exactly. The smart waiter is going to swipe the card through a skimmer to get the data off the mag stripe and maybe take a picture of the back of the card to get the CCV code then sell the info to a guy in outer Slobovia (or Nigeria).

Happens to me about once a year.

I just ordered one for the boy. I really do NOT like this on-line ordering gig, but there was no other choice offered. I set up a credit card with a low limit just for that purpose. My young'uns tell me this is the 'wave of the future', and many smaller companies are going to it exclusively… so I suppose I had better get used to it.

Beside's zacbol's suggestion (http://pistol-forum.com/showthread.php?10138-Raven-Phantom&p=174195&viewfull=1#post174195), you could also simply use prepaid cards. A small premium, to be sure, to buy the card, but most prepaid cards can be used almost anywhere the standard credit card is accepted. You can load the card with the amount you want and just spend from there until you need to load it again.

But suppose the waiter just sells the number to the guy in Upper Revolta? :eek:

That happens, I suppose. In which case, we're back to Being Hosed, Act 2. The two times it has happened to me, I guess I was fortunate in that both were local low-brows who gave it up quicker than a high school prom queen when I showed up with a warrant and real bad attitude.

Still, it would seem to me that, given all these magic-working geeks worldwide who can manipulate the "system", I stand a good chance of getting my CC info harvested from a extant database via on-line ordering.

Dunno, I could be wrong.

.

Beside's zacbol's suggestion (http://pistol-forum.com/showthread.php?10138-Raven-Phantom&p=174195&viewfull=1#post174195), you could also simply use prepaid cards. A small premium, to be sure, to buy the card, but most prepaid cards can be used almost anywhere the standard credit card is accepted. You can load the card with the amount you want and just spend from there until you need to load it again.

Good idea; probably "safer" than what I'm doing. I may go that route if I get tagged on this new card.

Thanks to all for the suggestions.

.

I stand a good chance of getting my CC info harvested from a extant database via on-line ordering.

Just because you shopped locally doesn't mean it's safer. Your 'local purchase' data, at a big box store, is often in the same central database as online transactions.

And when you shop locally, at small mom and pop shops, you cc info is probably stored with a 3rd party too - the one from which they rented the swipe machine. I've had far more issues with this type of transaction, from honest businesses too! My wife's card data was compromised (twice) because she used her cc at a local knitting/yarn store.

Good idea; probably "safer" than what I'm doing. I may go that route if I get tagged on this new card.

Thanks to all for the suggestions.

.

If you get hit using the low limit credit card, the credit card company is out the money until it's resolved. If you're carrying a zero balance and someone hits it for $500, it's the CC co's money that has been stolen. If you get hit using the pre-paid card, you've already fronted the money that is stolen. The money that's missing came from your pocket.


I think a specific, unique low-limit card for online transactions like you're doing is probably the best way to protect yourself while still doing online transactions.


And for whatever it's worth, several of the times my cards have been compromised, it's been a card I wasn't actively using at all, on or offline. Even a "stale" card gets hit sometimes.

The "waitress attack" to steal cc info is amateur because they're easy to catch and prosecute, but there's little you can do to prevent it. In many countries, waiters will bring a portable card reader to the table, that helps.

The vast majority of cc thefts are sophisticated professional organizations who won't get their hands dirty, often operating in jurisdictions where it's almost sort of legal. (Famously, the largest underground cc trading forum was out in the open so much that they paid the Moscow Ballet enough to get their logo super sized right on the cover of the program booklets.) These are the guys that will clean you out before the fraud detection notices, at pretty much no legal risk to themselves. The specific techniques are many and varied, but the bottom line is you can do very little to stop them. The banks and the feds play whack-a-mole and can't seem to slow them down for long, either.

So, I use only credit cards (not prepaid, not debit) and only if the fine print of the card agreement fully covers all fraudulent charges. Then I stop worrying. You can avoid, mitigate, or transfer risk - for risks associated with shopping, most cards from big banks make it easy and cheap to transfer. I only use my debit card at the ATM, and I try real hard not to write checks.

I do a lot of .gov purchasing and my card gets whacked on a fairly regular basis. I'm told that the most common way today is to hack a legit but poorly secured business and steal the info. They will also run random card numbers until one 'hits.'. Not much you can do about either one bit be vigilante.

The "waitress attack" to steal cc info is amateur because they're easy to catch and prosecute, but there's little you can do to prevent it. In many countries, waiters will bring a portable card reader to the table, that helps.

The vast majority of cc thefts are sophisticated professional organizations who won't get their hands dirty, often operating in jurisdictions where it's almost sort of legal. (Famously, the largest underground cc trading forum was out in the open so much that they paid the Moscow Ballet enough to get their logo super sized right on the cover of the program booklets.) These are the guys that will clean you out before the fraud detection notices, at pretty much no legal risk to themselves. The specific techniques are many and varied, but the bottom line is you can do very little to stop them. The banks and the feds play whack-a-mole and can't seem to slow them down for long, either.

So, I use only credit cards (not prepaid, not debit) and only if the fine print of the card agreement fully covers all fraudulent charges. Then I stop worrying. You can avoid, mitigate, or transfer risk - for risks associated with shopping, most cards from big banks make it easy and cheap to transfer. I only use my debit card at the ATM, and I try real hard not to write checks.
The waiter attacks are still common. I had to replace my work travel card last year after a waiter skimmed it. They are easy to prosecute if the waiter is using your Cc info himself as occurred with LSP but in some cases, such as mine, they are selling the info to a 3rd party. Actually that was quite a trip as my CC was compromised, I ran across what turned out to be a ring smuggling ammo into Mexico while browsing in a gun shop off duty and then the BP dog hit on my Govt vehicle as I was going through the checkpoint !

The waiter attacks are still common. I had to replace my work travel card last year after a waiter skimmed it. They are easy to prosecute if the waiter is using your Cc info himself as occurred with LSP but in some cases, such as mine, they are selling the info to a 3rd party.

There are certainly differing levels of clownishness, from LSP's case, to folks who think they're slick by selling the info instead of using it, to folks who install clever little skimmers in ATMs and gas pumps. It's just too easy to correlate fraudulent cards, find the one place they were all used before the fraudulent charges, and pinpoint the thieves from there. I've helped with some of these investigations, they're pretty boring. The thing is, these amateurs are always hitting folks, they cause confusion and delay, but they're small-time almost by definition - they'll get some TVs or something. The pros use much more sophisticated methods with very little risk to themselves. This makes them dangerous for a couple of reasons: a) they don't get taken out of circulation, so they keep getting better and better and they're always working; and b) they're more likely to clean you out. I've worked cases where folks lost their life savings, their kids' college fund, their investment portfolios, one dude even woke up with a 100% mortgage on his house. All with phone records, notarized papers and all that. If you're a millionaire, you've hopefully got good advice - follow it. If you're broke, or if you've sunk all your net worth into guns and ammo, ;) you're golden! If you're John Doe with a little nest egg in the bank or whatever, the "best" answer is: it depends. But here's a simple formula that will make you much less of a target for the pros: don't type or send asset account info on a computer, use credit accounts for that. That's basically what I do.

For background, I started chasing cyber bad guys for a living around 97 with cellular fraud. (Remember clones?) Spent some years consulting with various public and private agencies around "smash-and-grab" online crime like credit card fraud and etc. The last 5 years or so I've been focused on other kinds of online chicanery, but my colleagues assure me that while the details have evolved, the basic premises are the same as ever.

There are certainly differing levels of clownishness, from LSP's case, to folks who think they're slick by selling the info instead of using it, to folks who install clever little skimmers in ATMs and gas pumps. It's just too easy to correlate fraudulent cards, find the one place they were all used before the fraudulent charges, and pinpoint the thieves from there. I've helped with some of these investigations, they're pretty boring. The thing is, these amateurs are always hitting folks, they cause confusion and delay, but they're small-time almost by definition - they'll get some TVs or something. The pros use much more sophisticated methods with very little risk to themselves. This makes them dangerous for a couple of reasons: a) they don't get taken out of circulation, so they keep getting better and better and they're always working; and b) they're more likely to clean you out. I've worked cases where folks lost their life savings, their kids' college fund, their investment portfolios, one dude even woke up with a 100% mortgage on his house. All with phone records, notarized papers and all that. If you're a millionaire, you've hopefully got good advice - follow it. If you're broke, or if you've sunk all your net worth into guns and ammo, ;) you're golden! If you're John Doe with a little nest egg in the bank or whatever, the "best" answer is: it depends. But here's a simple formula that will make you much less of a target for the pros: don't type or send asset account info on a computer, use credit accounts for that. That's basically what I do.

For background, I started chasing cyber bad guys for a living around 97 with cellular fraud. (Remember clones?) Spent some years consulting with various public and private agencies around "smash-and-grab" online crime like credit card fraud and etc. The last 5 years or so I've been focused on other kinds of online chicanery, but my colleagues assure me that while the details have evolved, the basic premises are the same as ever.

I remember clone phones - 1997 We arrested a Nigerian on a warrant - when we booked him his property consisted of a monogramed briefcase with $10k in cash and three cloned Motorola flip phones( the originals).

My favorite Nigerian moment: I finally arrested a Nigerian we had been chasing for two years. Get him in an interview room and he immediately starts trying to BS me. I stop in and tell him "look, just tell the truth, we know everything anyway".

He looks at me with perfectly straight face and says "Sir, in my country the truth is something reserved for only the most desperate of circumstances ."

That convinced me to sink my entire net worth into guns and ammo!

Going back to the OP's question I am wearing a Raven phantom LC as I type this (SIG 229R w/ TLR-1). H
I think I'm up to five of them for various guns.

Wow, LSP972 and mariodsantana helped steer this thread in all kinds of interesting and helpful directions. If only there were a staff member involved who could, like, split off the CC/online bit and make it into its own thread in Romper Room, 'cause that'd be awesome! ;)

split off the CC/online bit and make it into its own thread in Romper Room, 'cause that'd be awesome! ;)Better?

Better?

As awesome as predicted! :cool:

I've had credit card numbers stolen twice. The first time I caught it because I check my bank accounts online several times a week. I called the bank and immediately cancelled the card and got a new one. The second time I was in the field at Fort Drum when my bank called me to ask me about a suspicious charge. Again, the card was cancelled immediately. Sadly, Chase recently ended their identity protection/credit monitoring service. I believe the best way to catch this kind of basic identity theft is to regularly check your credit card and account statements on the bank's website. Having a separate, low limit card strictly for online transactions, as mentioned previously in this thread, is also a smart option. If your bank offers a service where they monitor your activity and call you when anything suspicious occurs, I recommend subscribing to it.

I believe the best way to catch this kind of basic identity theft is to regularly check your credit card and account statements on the bank's website. Put a credit freeze in at all 3 bureaus. It prevents new credit inquiries from happening, which prevents most new accounts from opening, without you putting a temporary release in place. It sucks when you apply for a new auto loan, or new credit card, without first putting in the temp release - but the benefits far outweigh the inconvenience, IMO.

Put a credit freeze in at all 3 bureaus. It prevents new credit inquiries from happening, which prevents most new accounts from opening, without you putting a temporary release in place. It sucks when you apply for a new auto loan, or new credit card, without first putting in the temp release - but the benefits far outweigh the inconvenience, IMO.

Thanks for that JV. I never heard of that before. New accounts being opened up is one huge hole in my current strategy since checking my statements online won't tell me if someone opened accounts in my name with other banks. I'm going to do what you suggested.

You're welcome.

Here's a better explanation: https://www.experian.com/consumer/security_freeze.html

My most recent fun with credit cards was when ordering the new PKAL and trainer......... According to Visa, the transaction was intercepted, and when I went to check out, it directed all of my card info to a third party. Slightly inconvienient, but it's not like they stole my money. Sign an affidavit, and charges removed, new card issued.

It's a bit of a PITA when you travel a lot, and new cards take 10 working days to arrive to a stateside address, then another month or more to finally catch up to your physical location. But I have simply learned to have multiple cards available for use if the need should arise.

Now I get a little more cautious about ordering from websites I am not familiar with. Some do use external billing companies, especially small businesses. I either call and give it to them directly, use the dreaded/evil anti-gun PayPal, or just do a direct bank transfer.

It is what it is. A few precautionary moves as suggested by JV, and others......it's really not much of a big deal. Minor distraction, but certainly doesn't stop me from continuing E-commerce.

It prevents new credit inquiries from happening, which prevents most new accounts from opening, without you putting a temporary release in place.

It may work for larger purchases like autos and houses but the majority of credit card applications are approved without running a credit report. People have actually gotten credit card for their dogs.

It may work for larger purchases like autos and houses but the majority of credit card applications are approved without running a credit report.

I don't doubt there are some consumer debts that don't run a report, but I'm skeptical that's the norm.

I couldn't even get my credit limit increased without a new credit pull, and my history with the cc company is perfect.

I don't doubt there are some consumer debts that don't run a report, but I'm skeptical that's the norm. I couldn't even get my credit limit increased without a new credit pull, and my history with the cc company is perfect.

I think that you are giving the credit card companies too much credit for being ethical. Their goal is to get you signed up and "into the system." They don't care whether you're late or miss a payment. They'll make more on the penalties than the interest they're charging. Sure, once you're one of their customers, they'll check your credit to limit their liability but not when they're trying to get you in at first. The numbers I have are that 80% of credit card are approved without a credit check.

The other side is that if you are really close to your limits, they'll check your credit every month, hoping to find you delinquent on some other account so that they can bump your rates. I experienced this personally when I still had credit cards (2006 or so). I had a card with a $13000 limit. I ran it up to $12900 when I did some intense traveling and training in a short period of time and then paid it back down. They checked my credit four months in a row when they hadn't checked it in years.

You're welcome.

Here's a better explanation: https://www.experian.com/consumer/security_freeze.html

Do you have to do that with the other two bureaus as well, Transunion and Equifax?

Thanks for the info.

Cookie Monster

Do you have to do that with the other two bureaus as well, Transunion and Equifax?Yes. The same applies to the temporary releases too - all 3.