Ever have a credit card number stolen???

Looking at the end user machine is not the answer for most of us. My system is clean and my card was compromised. I also work in IT so I run a very tight ship with my system, I think malware on the client computer is the wrong tree to bark up here.
Seems more likely its either the webhost or the processor. I wonder if AHS is hosted locally with their own in house server or if they have some kind of rackspace dealeo somewhere.

 

Not necessarily... Check this out.

http://www.scrippsnews.com/node/59494

I'm guessing that AHS has a hosted web-site offsite somewhere, on a non-dedicated web server. If a banner ad had a malicious script on it, it could have loaded something into your computer easily. Not only do we have AHS in common here, we also have this site. I know, other "experts" are working on this, but this was an idea that I didn't read anywhere on the 29 [email protected] pages.

 

Not hard to find out. Dig or whois will give you the answer. You hit it on your third to last word.

 

Another interesting article on what I mentioned about DNS poisoning above:
http://www.businesswire.com/news/ho...ic-Emerges-World’s-Largest-Payment-Processors

 

Had 3 come up after running the Maleware Bytes software.

c:\users\my name\local settings\application data\85574.exe
c:\users\my name\local settings\85574.exe
c:\users\my name\temporary internet files\Content IE5\77WP02L\index[1].exe

 

I place all of my online orders from my Mac. Although not totally immune to malware/spyware and DNS hacks, the system is pretty darned clean. I'm certain my CC numbers were obtained upstream.

CJ

 

I placed my order with my android smart phone and am running security software.

 

OK, my suggestions are null.

 

This happened to me too!

I made my first ever purchase from Austin Homebrew on Saturday 2/5. On Monday I got a call from my credit card company saying that they suspected fraud as there was a $1000 charge in the UK and a $40 charge at a pizza hut also in the UK (I've never been to the UK). They closed my account. Does Austin Homebrew know about this??

 

Did you read the thread?

 

I just had my bank call me as well they froze my account. I purchased from AHB on 02/01/11, lucky for me I am a broke philosophy student so they tried to charge stuff that got denied!

hahahahahahaha! bastards! I told my bank to let them keep trying on my broke a** acount that way they can find these punks.

I will continue to trickle my little bit of money to AHB!

 

the other common denominator.....






http://www.homebrewtalk.com

Didn't the bb software just recently get upgraded?

 

That talk about banner ad site hijacking got me thinking about it as well. So then the card could have been taken from any other online transaction as well.

 

If it was something to do with HBT, though, wouldn't we be hearing from dozen of people who shopped at Northern Brewer or MoreBeer (or non-homebrew shops) and had their cards stolen? I mean, AHS is pretty popular around here, but they don't have an exclusive on HBT members' spending.

 

Ummmm...

http://www.homebrewtalk.com/f19/ever-have-credit-card-number-stolen-223663/index7.html#post2631122

 

its not AHB it's MS winders
http://news.cnet.com/8301-27080_3-10436083-245.html
http://www.pcmag.com/article2/0,2817,2358157,00.asp

but your best bet is to use paypal,, or if you want to use a card, open a separate account with a debit card and use it for online purchases only. fund the account with only what you plan to spend

we recently did a program for a financial institution where their account holders were given a usb key with a operating system (Linux) and a web browser that would only connect to their bank account. you would reboot with the key and you would be in a virus-Trojan proof environment. that was certificate and password authenticated
their account theft for those accounts dropped to "0"

 

No IE in my household.

 

Im studying for my LSATs tomorrow, please no distractions

 

My coworker who's cc was compromised does not visit hbt.

 

Did you even read those articles? Those 2 articles are over a year old. Not to mention that I placed my order via my android smart phone.

 

+1 what gritmaster said. One can buy CC numbers online. Also can buy kits to make malicious software, cheap and easy. This incident and many similar to it are more common than you might think.

 

My bad man, my bad...

 

Ack... I just placed a small order with AHS for the first time yesterday morning. Not a big deal though... I admittedly used a Visa debit but that account has like $2 right now. I'm just wondering if it'd be prudent to request a new card so I don't get hit down the road. I'm not going to NOT shop at AHS because of this, but I'm in Canada, so I don't expect to be shopping with them very much anyways (beyond some stuff I had difficulty finding here.) I placed my order on my Nexus One (android phone)... we'll see if a probe charge shows up, I guess.

AHS is very lucky though that the "hobbyists" their business supports are more like addicts. Many other businesses could be ruined by even a fraction of the suspicion generated in these threads.

 

You know, if something malicious was on a banner, it could be on other web pages too... And if it was written in something universal, like a java script, that would run across platforms, i.e. Firefox, IE, Mac, Android, etc.

 

There's plenty of folks getting hit with this that aren't paid members, so I can't see it as coming from HBT.

 

True enough. I just think that we should not speculate. Also I never click on any banner ads, etc. The card I used is one I use for common purchases locally, such as gas station and ABC store. Both brick and mortar. The only online purchase on this card was with AHS.

 

on a brewing board, a connection with a homebrew store is not necessarily anything relevant. same with walmart, the largest retailer in the world. typically these things are stolen in local ways, through using a private ATM machine that someone's attached a card reader to (youd never notice anything out of the ordinary), it can also happen on some older card transaction machines when the reciept printed out does not X out all the card numbers... this is VERY common with small mom and pop store, hairdressers, nail salons, garden shops, florists, etc. who dont have advanced POS systems...

i use my cards alot, mostly instead of cash. i find my numbers get swiped probably once every 18 months or so. two things that help. work with good banks with good protection... my banks give me the benefit of the doubt and refund me the stolen money immediately pending the investigation, if they are able to get the money back from the merchants (which they are very motivated to do) they'll send me a note telling me when they will take back the advance they gave me and when the merchant money will be refunded back to my account. i also have email notification of any charges on my debit made by either phone or internet (ie. not in person).. i always catch the charges this way because i get the email on iphone promptly and i know whether ive purchased anything in the last 15min or not.

its not the end of the world. just a cost of doing business with plastic.

 

Gas stations have been mentioned a bunch of times, and I know more people that have been nailed at a gas station (a couple times perpetrated by the owner themselves!) than everything else combined.

 

Are you inferring that we all had our cards compromised by the very same local vendors? I doubt that all these people were in my town.

 

i posted before i saw the post by forrest, if they have confirmed then that's that. but i am saying that local transactions are more likely to be compromised than online. and there are thousands of card compromised every day, tens of thousands probably.

im just sayin, it happens. be aware it can happen, take reasonable precautions and roll with the flow. if you want you can change your account number every year if you want, get a new card and start "fresh"

i tend to end up doing that anyway because when i read about a million cards being stolen from XYZ national store, its usually one i stop at so i get a new card, then once in awhile ill see a transaction thats not mine, or see a $1 transaction out of the blue. those are warnings, call the bank , stop the card, get a new one issued.

im just saying, this happens alot, every day, all over. its not a rare occurrence.

 

I can certainly say that my CC number was not taken locally. I do not use credit at gas stations, grocery stores, etc. I only use my card for online purchasing and even that is uncommon. I've made three purchases from AHS this year: 1/8, 1/16, and 2/5. There was also a purchase from Kegconnection on 1/31, and one from Amazon on 2/5. The fraudulent charges on my card were done on 2/7.

I use a Mac as well which isn't as vulnerable to scripting attacks (but not impervious, so I won't rule that out).

I've done online shopping for the last 10 years without any incident or fraudulent charges on any of my credit cards. I knew it would happen some day. I just happened to get a brew kit for Christmas (thanks wife) and have had a 'need' to expand on the hobby

CJ

 

So for you computer techies out there, could their PC have been compromised when our CC #'s were stored on it for 1-1.5 weeks?

 

Simply....yes.

 

i don't know how its being done, but

has anyone had any charges newer than 2/7/11?

it seems all bogus charges were on that day.

-=Jason=-

 

i actually got dinged on feb 1. i wonder how far back forrest hold cc#'s? i haven't bought anything from him in like 2 yrs. my only other transactions online lately with the card went through paypal. 500$ from some clothing company in china was the trigger for stoppage......unfortunately my issuer didn't contact me had to stop in my cu to find out why i couldn't use the card to find the fraud. (it didn't show on my online account because the charges hadn't gone through but had been authorized)

 

I just got a call, my card was compromised, with fraudulent charges on 2/10 exceeding $1000, only 250 of which the credit card company approved... and I did order from AHS fairly recently.

The only other retailers I did business with recently on that card were amazon, the payment processor for BeerSmith, and Chipotle, and I saw the card swiped at Chipotle.

I really wasn't thrilled, no I was disappointed, with my experience with AHS, and this would really be the cherry on top....


Pablo

 

It looks like my card has also been charged. I have two charges from OpenZone London. Seems to be a wi-fi company from England. The two charges are for less than $10 each.

I also ordered from AHS on Jan. 10. I will curtail ordering from them.

Thanks for originally posting this. I would not have thought to check.

Prost.