Corey Posted July 13, 2014 Posted July 13, 2014 So over the past month I have had 2 different credit cards and a debit card incur an international charge of $49.50. All of them coming from a different fake websites setup to look like customer service sites. I googled one of the websites ( HCINCSUPPORT.COM ) and I am not the only one getting hit from this supposed company. After the first card was hit I thought it was a travel agents fault in their email security since i sent them my credit card info. So i just blew it off got a new card. A week later my second credit card was hit for the same charge. This past week my debit card was hit for the exact international charge from a phony website. I contacted the company and they told me I ordered some weight loss supplement and they even had my address with the order. I ran a malware bytes scan after the 2nd fraud charge and found 3 malware from an accidental install of a toolbar (incredibar ) and got rid of that. I used my debit card ( 3rd fraud charge) a day before i ran the scan so maybe they got the info? Does anyone have any recommendations on what I should do? Am I safe now that the malware has been removed? Was that the cause in the first place? I mean I have all new cards now and I have ran malware bytes and virus scans multiple times and they aren't coming up with anything now. Thanks for any information or advice. Quote
docwarren Posted July 13, 2014 Posted July 13, 2014 Best advice? Cancel all credit cards. Re-apply for two. AND TWO ONLY! One for emergencies and one you use regularly. Pick the ones with best reputations for fraud protection. Just an example, my emergency card is a bank affiliated card. My primary card is Discover mainly for the cash back rewards, but their fraud protection is outstanding. Today is a perfect example..... I am traveling in Florida to the beach from Texas..... they (Discover) have tracked my charges and called me to verify I am traveling and making these purchases. Feel very secure....... except when DD or Dirt get ahold of my PayPal info after a donation. Want to minimize your debt? Pay off that regular credit card EVERY Month. Don't live beyond what you can afford. Sorry it turned into a financial soap box moment, but I am big on financial independence. Greets from Miramar Beach! 3 Quote
Raskin Posted July 13, 2014 Posted July 13, 2014 I do same exact way doc..discover my use card-pay off every month..get the rewards..I also have life lock-mostly cuz my house is paid off and someone could take loan or line of credit using your home as colateral .. I remove that incredibar thing from a persons PC a few weeks ago..always check when u download any software or update to uncheck those boxes for addons.I've noticed they are also getting sneeky and putting addons that look like a next screen u have to hit decline or skip to move to next screen to not add it 1 Quote
Vanaraud Posted July 13, 2014 Posted July 13, 2014 As far as I know when its debit card with chip and code verification its pretty hard to copy it(not to say very rare). If it works on magnetic strip and with signature verification then the magnetic part can be copied pretty easiliy in resaurants, shops, ATM etc. So when traveling, have to be extra careful. Usually the copied debit card is used far from your home, so its wise to close your debit card for transactions made in foreigh countries, ofc if you are not frequent traveler. If you mean by debit card bank transactions accessed by PSWD and codes, then I think you have to change on clean system your PSWD for starters. And I guess keylogger and screen capture can retrieve enough info, so I´d suggest dual boot(see next paragraph). Theres also the possibility for middle man attacks, so when paying\ accessing your bank check the earth sign on address bad and tap on "more information" in firefox it should tell you if you are visiting "mybankaddress.com" or "mydankaddress.com". And in lifetime I won´t trust any antivirus to secure my system, if it has found some keyloggers or more harmful I´d feel safe only by doing low level format with MBR deletion as some nasty malware can write themselves in hidden parts of HDD and even "only" clean installation of OS can´t get rid of them. If you are going for it then take backups first and check your HDD manufacturer for HDD software. About security then I´m using 2 different systems on PC: one for everday usage(Win) and 2nd for secure usage(Linux), then theres little chance for cross contamination as they use different file systems and you are not accidentally DL viruses to secure system as you use it only to surf to secure locations with default browser.... Also don´t you guys have "virtual credit card", it can be opened for only internet buyings? Or yes as suggested above ask different banks for their antifraud measures. I´m not an expert but at least I hope its any use for me and anyone else. Better ideas? Bring it on... 2 Quote
Seggy Posted July 13, 2014 Posted July 13, 2014 Echo what doc said. I have 3 cards: debit, shared card with my wife, and my "working" CC. 99.9% of the time, I use my working card. If it's something my wife normally takes care of, I use her card — which is her main card. I *only* ever use my debit card at ATMs, and only those that I've checked for card-skimmers or other sketchy signs. My wife and I pay off both our cards each month and when we travel, we let the company know. They have a good fraud detection unit — at an airport once, the clerk fat-fingered a $4.95 charge into $495. It never went through, however, because my company called me up as soon as they saw the charge. They called me because it was outside my normal pattern. When I was doing work in Taiwan, I'd sometimes get calls at 3AM because they saw my card used halfway around the world from my normal address. Also, if you're paying for stuff online, make sure the site is using SSL encryption, with a valid certificate, and has been verified by something like Verisign, etc. 1 Quote
Corey Posted July 13, 2014 Author Posted July 13, 2014 Greets from Miramar Beach! I actually just left Miramar Beach yesterday Stayed at some house in the Maravilla resort. Hope you have fun there! I suggest eating at McGuire's Irish Pub if you haven't had it before. Thanks for the information. I don't actually have any credit card debt. I pay them off immediately each month. I'll have to look into the security features of my cards but I have Capital One and Visa. I remove that incredibar thing from a persons PC a few weeks ago..always check when u download any software or update to uncheck those boxes for addons.I've noticed they are also getting sneeky and putting addons that look like a next screen u have to hit decline or skip to move to next screen to not add it Yeah it happened by accident a while back. I'm actually surprised it still had pieces of it on my PC. Do you think its possible that's how my information was stolen? And in lifetime I won´t trust any antivirus to secure my system, if it has found some keyloggers or more harmful I´d feel safe only by doing low level format with MBR deletion as some nasty malware can write themselves in hidden parts of HDD and even "only" clean installation of OS can´t get rid of them. If you are going for it then take backups first and check your HDD manufacturer for HDD software. this is all that has been found on my computer. so I cant really say if they are keyloggers or not. the 3rd one is kind of weird since I don't have google chrome, but I may have had it installed at some point. Quote
Raskin Posted July 14, 2014 Posted July 14, 2014 Incredibar kept redirecting the persons explorer homepage and search so bad they barely able to use the pc....unsure if to do with you're credit issue..its a nasty adware or something.. Quote
Administrators JoeDirt Posted July 14, 2014 Administrators Posted July 14, 2014 Let your bank know, they will change your cards also change all pins. Call your credit bureau and they should have an option where they flag any suspicious activity there and let you know right away. Don't use credit cards or debit cards unless absolutely necessary. Always carry cash with you. 2 Quote
TulsaGeoff Posted July 14, 2014 Posted July 14, 2014 Discover.com will let me create a virtual CC number for a one time use. I'm not sure if your CC issuers have anything like that. Quote
docwarren Posted July 14, 2014 Posted July 14, 2014 "I actually just left Miramar Beach yesterday Stayed at some house in the Maravilla resort. Hope you have fun there! I suggest eating at McGuire's Irish Pub if you haven't had it before." I stay every year at Edgewater Condo. 1 Quote
aky101 Posted July 14, 2014 Posted July 14, 2014 (edited) Have you claimed your money back through CC chargeback? Also all a company needs is the long number on the front name on card and expiry to make a charge. The 3 digit ccv number on back isnt essential so think back to who you may have given such info to. From that screenshot malware bytes hasnt picked up a keylogger that i can see..I suspect a phising scam where the toolbar may have redirected you to a spoof website where you have put your card details in. Edited July 14, 2014 by aky101 Quote
.KeLFOuTO!r. Posted July 14, 2014 Posted July 14, 2014 Yeah it happened by accident a while back. I'm actually surprised it still had pieces of it on my PC. Do you think its possible that's how my information was stolen? this is all that has been found on my computer. so I cant really say if they are keyloggers or not. the 3rd one is kind of weird since I don't have google chrome, but I may have had it installed at some point. Struggling against frauders is part of my job everyday... There are several ways for them to get your information. And getting the info on your pc is only one way. Once they collected your card IDs they generally exchange and sell them on hackers sites/forums. Quote
Corey Posted July 14, 2014 Author Posted July 14, 2014 Have you claimed your money back through CC chargeback? Also all a company needs is the long number on the front name on card and expiry to make a charge. The 3 digit ccv number on back isnt essential so think back to who you may have given such info to. From that screenshot malware bytes hasnt picked up a keylogger that i can see..I suspect a phising scam where the toolbar may have redirected you to a spoof website where you have put your card details in. Yeah I disputed the charges already so I won't have to pay for any of them. It just bothers me that it happened to all 3 of my cards so fast. The toolbar was accidentally installed months ago and I removed it as soon as it happened ( obviously not all of it ). I know better than to put my credit card details in a site unless I am making a purchase so the redirection to a spoof site is little unlikely especially since all 3 of the cards information was stolen. Discover.com will let me create a virtual CC number for a one time use. I'm not sure if your CC issuers have anything like that. I checked last night I did not find any virtual credit card information. Struggling against frauders is part of my job everyday... There are several ways for them to get your information. And getting the info on your pc is only one way. Once they collected your card IDs they generally exchange and sell them on hackers sites/forums. So i guess its possible I had them stolen awhile ago and they are just now being used by these frauders? Would make sense since it all happened at one time. I appreciate all the help guys Quote
Leader RedBaird Posted July 14, 2014 Leader Posted July 14, 2014 this is all that has been found on my computer. so I cant really say if they are keyloggers or not. the 3rd one is kind of weird since I don't have google chrome, but I may have had it installed at some point. I think some of those are pre-installs for when you might be running other browsers. http://en.wikipedia.org/wiki/Browser_hijacking makes for some scary reading. My own accidental experience was with Conduit. I am glad that I used a third-party malware remover as one warning in the wiki article is that the Conduit uninstaller may remove not just its own files, but also Windows boot files. That sounds as vicious as a malicious ex-lover! Incredibar sounds much worse. It comes in many flavors with different names. It is not to be confused with the "Original IncrediBar Milk Chocolate Peanut Butter Bars". ADDED: searching for the "dlnembnfbcpjnepmfjmngjenhhajpdfd" from the Incredibar PUP (Potentially Unwanted Program) in your screenshot shows links to s3.amazonaws.com, Amazon's 'Cloud service'. It seems that someone had parked malicious packages there at one time. Some Security programs reportedly detected Trojans and other malware inbound from there with that gibberish as part of the address. 1 Quote
Corey Posted July 14, 2014 Author Posted July 14, 2014 wow that is kinda scary. thanks for the info Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.