Jump to content

Recommended Posts

Posted

So over the past month I have had 2 different credit cards and a debit card incur an international charge of $49.50. All of them coming from a different  fake websites setup to look like customer service sites. I googled one of the websites ( HCINCSUPPORT.COM ) and I am not the only one getting hit from this supposed company. After the first card was hit I thought it was a travel agents fault in their email security since i sent them my credit card info. So i just blew it off got a new card. A week later my second credit card was hit for the same charge. This past week my debit card was hit for the exact international charge from a phony website. I contacted the company and they told me I ordered some weight loss supplement and they even had my address with the order.

 

I ran a malware bytes scan after the 2nd fraud charge and found 3 malware from an accidental install of a toolbar (incredibar ) and got rid of that. I used my debit card ( 3rd fraud charge) a day before i ran the scan so maybe they got the info?

 

 

Does anyone have any recommendations on what I should do? Am I safe now that the malware has been removed? Was that the cause in the first place?

 

 

I mean I have all new cards now and I have ran malware bytes and virus scans multiple times and they aren't coming up with anything now.

 

Thanks for any information or advice.

 

 

 

 

 

 

 

Posted

Best advice? Cancel all credit cards. Re-apply for two. AND TWO ONLY! One for emergencies and one you use regularly. Pick the ones with best reputations for fraud protection.

 

Just an example, my emergency card is a bank affiliated card. My primary card is Discover mainly for the cash back rewards, but their fraud protection is outstanding. Today is a perfect example..... I am traveling in Florida to the beach from Texas..... they (Discover) have tracked my charges and called me to verify I am traveling and making these purchases.

 

Feel very secure....... except when DD or Dirt get ahold of my PayPal info after a donation. ;)

 

Want to minimize your debt? Pay off that regular credit card EVERY Month.

 

Don't live beyond what you can afford.

 

Sorry it turned into a financial soap box moment, but I am big on financial independence.

 

Greets from Miramar Beach!

  • Like 3
Posted

I do same exact way doc..discover my use card-pay off every month..get the rewards..I also have life lock-mostly cuz my house is paid off and someone could take loan or line of credit using your home as colateral .. I remove that incredibar thing from a persons PC a few weeks ago..always check when u download any software or update to uncheck those boxes for addons.I've noticed they are also getting sneeky and putting addons that look like a next screen u have to hit decline or skip to move to next screen to not add it

  • Like 1
Posted

As far as I know when its debit card with chip and code verification its pretty hard to copy it(not to say very rare). If it works on magnetic strip and with signature verification then the magnetic part can be copied pretty easiliy in resaurants, shops, ATM etc. So when traveling, have to be extra careful. Usually the copied debit card is used far from your home, so its wise to close your debit card for transactions made in foreigh countries, ofc if you are not frequent traveler.

If you mean by debit card bank transactions accessed by PSWD and codes, then I think you have to change on clean system your PSWD for starters. And I guess keylogger and screen capture can retrieve enough info, so I´d suggest dual boot(see next paragraph). Theres also the possibility for middle man attacks, so when paying\ accessing your bank check the earth sign on address bad and tap on "more information" in firefox it should tell you if you are visiting "mybankaddress.com" or "mydankaddress.com". And in lifetime I won´t trust any antivirus to secure my system, if it has found some keyloggers or more harmful I´d feel safe only by doing low level format with MBR deletion as some nasty malware can write themselves in hidden parts of HDD and even "only" clean installation of OS can´t get rid of them. If you are going for it then take backups first and check your HDD manufacturer for HDD software.

 

About security then I´m using 2 different systems on PC: one for everday usage(Win) and 2nd for secure usage(Linux), then theres little chance for cross contamination as they use different file systems and you are not accidentally DL viruses to secure system as you use it only to surf to secure locations with default browser....

Also don´t you guys have "virtual credit card", it can be opened for only internet buyings? Or yes as suggested above ask different banks for their antifraud measures.

I´m not an expert but at least I hope its any use for me and anyone else. Better ideas? Bring it on...;)

  • Like 2
Posted

Echo what doc said. I have 3 cards: debit, shared card with my wife, and my "working" CC. 99.9% of the time, I use my working card. If it's something my wife normally takes care of, I use her card — which is her main card. I *only* ever use my debit card at ATMs, and only those that I've checked for card-skimmers or other sketchy signs. My wife and I pay off both our cards each month and when we travel, we let the company know.

 

They have a good fraud detection unit — at an airport once, the clerk fat-fingered a $4.95 charge into $495. It never went through, however, because my company called me up as soon as they saw the charge. They called me because it was outside my normal pattern. When I was doing work in Taiwan, I'd sometimes get calls at 3AM because they saw my card used halfway around the world from my normal address. Also, if you're paying for stuff online, make sure the site is using SSL encryption, with a valid certificate, and has been  verified by something like Verisign, etc.

  • Like 1
Posted

 

Greets from Miramar Beach!

 

I actually just left Miramar Beach yesterday :D Stayed at some house in the Maravilla resort. Hope you have fun there! I suggest eating at McGuire's Irish Pub if you haven't had it before.

 

Thanks for the information. I don't actually have any credit card debt. I pay them off immediately each month. I'll have to look into the security features of my cards but I have Capital One and Visa.

 

 I remove that incredibar thing from a persons PC a few weeks ago..always check when u download any software or update to uncheck those boxes for addons.I've noticed they are also getting sneeky and putting addons that look like a next screen u have to hit decline or skip to move to next screen to not add it

 

Yeah it happened by accident a while back. I'm actually surprised it still had pieces of it on my PC. Do you think its possible that's how my information was stolen?

 

 And in lifetime I won´t trust any antivirus to secure my system, if it has found some keyloggers or more harmful I´d feel safe only by doing low level format with MBR deletion as some nasty malware can write themselves in hidden parts of HDD and even "only" clean installation of OS can´t get rid of them. If you are going for it then take backups first and check your HDD manufacturer for HDD software.

 

 

 

1DsyTBu.png

 

this is all that has been found on my computer. so I cant really say if they are keyloggers or not. the 3rd one is kind of weird since I don't have google chrome, but I may have had it installed at some point.

Posted

Incredibar kept redirecting the persons explorer homepage and search so bad they barely able to use the pc....unsure if to do with you're credit issue..its a nasty adware or something..

  • Administrators
Posted

Let your bank know, they will change your cards also change all pins. Call your credit bureau and they should have an option where they flag any suspicious activity there and let you know right away. Don't use credit cards or debit cards unless absolutely necessary. Always carry cash with you.

  • Like 2
Posted

Discover.com will let me create a virtual CC number for a one time use. I'm not sure if your CC issuers have anything like that.

Posted

"I actually just left Miramar Beach yesterday :D Stayed at some house in the Maravilla resort. Hope you have fun there! I suggest eating at McGuire's Irish Pub if you haven't had it before."

 

I stay every year at Edgewater Condo.

 

 

 

 

  • Like 1
Posted (edited)

Have you claimed your money back through CC chargeback? Also all a company needs is the long number on the front name on card and expiry to make a charge. The 3 digit ccv number on back isnt essential so think back to who you may have given such info to. From that screenshot malware bytes hasnt picked up a keylogger that i can see..I suspect a phising scam where the toolbar may have redirected you to a spoof website where you have put your card details in.

Edited by aky101
Posted

 

Yeah it happened by accident a while back. I'm actually surprised it still had pieces of it on my PC. Do you think its possible that's how my information was stolen?

 

 

this is all that has been found on my computer. so I cant really say if they are keyloggers or not. the 3rd one is kind of weird since I don't have google chrome, but I may have had it installed at some point.

 

Struggling against frauders is part of my job everyday... 

There are several ways for them to get your information. 

 

And getting the info on your pc is only one way. 

Once they collected your card IDs they generally exchange and sell them on hackers sites/forums. 

Posted

Have you claimed your money back through CC chargeback? Also all a company needs is the long number on the front name on card and expiry to make a charge. The 3 digit ccv number on back isnt essential so think back to who you may have given such info to. From that screenshot malware bytes hasnt picked up a keylogger that i can see..I suspect a phising scam where the toolbar may have redirected you to a spoof website where you have put your card details in.

 

Yeah I disputed the charges already so I won't have to pay for any of them. It just bothers me that it happened to all 3 of my cards so fast. The toolbar was accidentally installed months ago and I removed it as soon as it happened ( obviously not all of it ). I know better than to put my credit card details in a site unless I am making a purchase so the redirection to a spoof site is little unlikely especially since all 3 of the cards information was stolen.

 

Discover.com will let me create a virtual CC number for a one time use. I'm not sure if your CC issuers have anything like that.

 

I checked last night I did not find any virtual credit card information.

 

Struggling against frauders is part of my job everyday... 

There are several ways for them to get your information. 

 

And getting the info on your pc is only one way. 

Once they collected your card IDs they generally exchange and sell them on hackers sites/forums. 

 

So i guess its possible I had them stolen awhile ago and they are just now being used by these frauders? Would make sense since it all happened at one time.

 

 

 

I appreciate all the help guys

  • Leader
Posted

 

 

 

1DsyTBu.png

 

this is all that has been found on my computer. so I cant really say if they are keyloggers or not. the 3rd one is kind of weird since I don't have google chrome, but I may have had it installed at some point.

 

I think some of those are pre-installs for when you might be running other browsers.

 

http://en.wikipedia.org/wiki/Browser_hijacking makes for some scary reading.  My own accidental experience was with Conduit. I am glad that I used a third-party malware remover as one warning in the wiki article is that the Conduit uninstaller may remove not just its own files, but also Windows boot files. That sounds as vicious as a malicious ex-lover!

 

Incredibar sounds much worse.  It comes in many flavors with different names.  It is not to be confused with the "Original IncrediBar Milk Chocolate Peanut Butter Bars".

 

ADDED:  searching for the "dlnembnfbcpjnepmfjmngjenhhajpdfd" from the Incredibar PUP (Potentially Unwanted Program) in your screenshot shows links to s3.amazonaws.com, Amazon's 'Cloud service'.  It seems that someone had parked malicious packages there at one time. Some Security programs reportedly detected Trojans and other malware inbound from there with that gibberish as part of the address.

  • Like 1
Posted

wow that is kinda scary. thanks for the info

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.