Credit Card Fraud

[appleman_thai]

Hi,

Last week I purchased flowers online using the link from the mainpage on thaivisa.

http://www.forever-florist-thailand.com/

However, since then i have had a number of unauthorised uses of my credit card in Australia. ( l live in Ireland)

I've used my card online for years without any problems - maybe its a MAJOR coincidence that these fraudulent uses happened the day after buying the flowers.

However, I think if you guys have some affliliation with the company who takes the credit card details that they should be checked out.....

PS - the flowers arrived fine so maybe the flower company arent even aware of the fact that someone is snooping on them.......

[Chaimai]

Hi,

Last week I purchased flowers online using the link from the mainpage on thaivisa.

http://www.forever-florist-thailand.com/

However, since then i have had a number of unauthorised uses of my credit card in Australia. ( l live in Ireland)

Suggestion - email Forever Florists about this. I have used them on several occasions and they have been very good.

[dave111223]

Did you enter the Credit card directly on the company's website? Or did it transfer you first to a credit card processing company website (such as Paypal, Google Checkout).

If the latter then it is unlikely this is the source of the fraud, if the former then chances are much higher.

[Guest Reimar]

I'll move this topic to Support Forum because: 1. isn't really computer pp. related and 2. Support should take a look at it as well.

///MOVED///

[Forever Florist Thailand]

Dear Appleman_Thai & ThaiVisa Members

We take credit card fraud with the utmost seriousness which is why we invest heavily in making sure the payment processors we use are the most secure available online and that they use the most sophisticated technology available. The two payment processors we use are 1. Barclays Business EPDQ (Part of Barclays Bank PLC) and 2. PayPal (www.paypal.com) (The same payment system which powers ebay) both which use 128-bit encrypted technology and are industry leaders in online payment processing solutions.

Further to this we have the industry leading security cerificate, Verisign. By achieving the Verisign certificate we have demonstrated to Verisign we have met the security standards set by Verisign (the world leader in internet security payment technology) and as such they have provided us with their security certificate. Further information can be found regarding the security standards Verisign ensures its members follow and maintain at www.verisign.com to keep the Verisign Security Certificate. Our Verisign security certificate can be viewed by clicking on the padlock in your browser when you are on our payment page (the page where you enter your card details) and/or can also be independently verified by contacting Verisign directly.

As part of our further commitment to payment security we also are members of Verified by Visa and MasterCard SecureCode which provide further anti fraud facilities which we have optionally integrated into our payment to ensure our customers details are handled in the most secure way possible. Members can find further information about Verified by Visa and MasterCard SecureCode on their respective web sites.

Finally we do not store any of our customer card details or personal information under any circumstances which ensures we cannot be victim to any hackers or loss of customers sensitive details in any way. All details are destroyed immediately after the customers purchase is completed to ensure the maximum security and we recommend that all members check with any online retailer they are intending purchasing from that they follow this proceedure before they order.

If any members have any further questions or concerns regarding Forever Florist security or privacy policies please do not hesitate to contact our Managing Director Mr Richard Smith ( richard (at) forever-florist-international.com )

Forever Florist Thailand Management

[TopDogger]

PS - the flowers arrived fine so maybe the flower company arent even aware of the fact that someone is snooping on them.......

Might have been a good idea to let them know before posting this?

[WilliamLavel]

I must say I am very disappointed that people are so quick to spout conjecture about legitimate merchants with no proof whatsoever. I have used this company on a number of occasions with no problem at all. When are people going to learn that the Internet is one of the safest places to use a credit card (providing that the site has a valid security certificate etc.). Details are far more likely to be obtained when buying something over the phone as you call them out (Not encrypted) or someone with a camera phone in a shop or the shop assistant(also not encrypted).

PS - the flowers arrived fine so maybe the flower company aren't even aware of the fact that someone is snooping on them.......

. Is it not far more likely that the details could have been "snooped" by a program on the users computer or maybe even over a trusted WiFi connection than by someone hacking into a web server reverse engineering a security certificate. I think that the poster should have considered these things before making people wary of shopping online. After all it does give us all a competitive market place and gives the little guy just as much chance as the big boys.

[loganberry]

I strongly disagree with the remark of the internet being a safer place to use your credit cards. The additional comment about the so-called "Security Certificates" is a complete misguided joke fooling consumers. Regardless of your encryption depths (128 bit +), any communication line can still be broken into by any person knowing well enough what to do. It is the reason that us security professionals get paid so well... because if not we would be tempted to use our own tricks to do exact what we are supposed to be preventing. I security certificate CAN be beneficial, but security certificates usually only test you communication lines once every 24 hours... and if it passes then you are issued an OK. Outside of that, anybody could have entered and manipulate the line within that 24 hours and left without the software knowing it. Only a true human professional could see the traits and they don't use them.

As for the establishments you use your card at, only their Human Resource efforts will ever make a difference in credit card fraud. It eventually all comes down to the type of people working there and hopefully you don't have a behind the scenes criminal working the counter. You could be at the Shangri-La Hotel and still be ripped off... and I have done simulations to witness how easy it can be.

On top of that, some people talk about the RFID chips and info. storage chips held in some cards nowadays. They do not work in Thailand and have no such effect as they intented. The RFID still has a long way to go in terms of privacy protection. There is really no concrete way to protect yourself from fraud unless you just start using cash and walking into the bank for withdrawals. The banks WOULD make it right but the fact is that it is cheaper for them to keep it as it is and absorb the costs instead of investing another 1 billion dollars into making it full-proof... for at least another few years.

Edited November 9, 2008 by consultingasia