credit-card leeches attach slimy tentacles to my BB card

[orang37]

My Visa debit card on Bangkok Bank got hit tonight; I was alerted by two SMS message from the bank (or Visa ?).

My first reaction was: "this can't happen to me ... I ... pause for emphasis ... am a programmer" And, the two payments (that I have a record of) were made ... supposedly made ... to two web-based companies. And, that can't happen to me because I use several layers of virtual condom software around my little work-station, around my browser, and nobody except a quantum magician, a Guccifer, or a Snowden, could hack into said work-station.

After five seconds of swishing that around in my mind to assess the levels of tannin and top-notes of decaying durian ...

On the phone to BB's Visa service number ... and then ... yet another exhilarating adventure in Amazing T.

You already know what happened, if not the exact number of different operators I spoke to that put me on hold, and then disappeared, to be replaced by another operator ... so I'll spare you the all-too-typical rant.

Credit card is cancelled, already had a direct customer service rep chat with one on-line company that a payment was made to. Second on-line company notified by e-mail.

A friend here was hit by atm withdrawals about two months ago; he had no problem getting a refund back from BB.

There, I feel so much better; 'struth that suffering shared is suffering diluted.

cheers, ~o:37;

p.s. the next question is : how did I get on the mailing list for a dating web-site called ThaiFriendly (site is registered in Panama). answer to that is probably very simple: someone who has my e-mail had their address-book harvested.

[dcnx]

Emails are so easy to aquire, even from boards like this, if you know how to get them. Email lists are bought, sold, and traded among mailers (people who spam mail for a living).

Someone, a friend, could have also entered your email as a joke.

[Aussie69]

you gave your real email address to thaivisaforum?you uses windows?

-1-

This is likely an email/web related hack that could occur to any system.

-2-

Windows, at least one that is kept patched, is no less secure than OSX. You hear about Windows users being effected more because that platform drives 95% of the worlds computers, thus it is the worthwhile target.

[orang37]

And, the good news is: the first unauthorized payment has been quickly reversed by the web-company I had an on-line chat with.

As to the attempt to troll on the tired old theme of which OS is a more secure/insecure: all OS's are potentially insecure, and insecure is as insecure does.

The fact that both unauthorized payments were to on-line businesses (neither one in Thailand) does not absolutely rule out the card details being gathered via skimming at an ATM machine followed by web-research, but it does make that extremely improbable. If I used wi-fi at home, I would be looking at the possibility of someone tapping into that, but that would require physical proximity, and I don't use wi-fi outside the home. And, adding to exclusionary hypotheses, I have never created an account at such digital cesspools as FaceBook, Twitter, and LinkedIn.

The most likely hypothesis (using Occam's Razor) is that there has been a security breach at one of the several on-line services I make payments to with the card. Most often such breaches are a result of a lapse of secure server management by an employee, or a lack of security expertise in setting up an on-line payment system; more rarely, an employee of an on-line service colluding with hackers. However, as we often hear each month, hackers find some new vulnerability in hardware, and/or software.

Facebook just paid US $10k to a ten-year old who reported an unknown vulnerability in Instagram (another neurotoxic hazardous waste site).

https://www.washingtonpost.com/news/morning-mix/wp/2016/05/04/facebook-pays-10-year-old-finnish-boy-10000-for-exposing-flaw-in-instagram/

In any case, the compromise is serious.

May it never happen to you !

cheers, ~o:37;

Edited May 7, 2016 by orang37

[Rob13]

Why would you use the same address for internet forums and banking. Keep your banking email separate from everything else and only give out the address to the banks. And use a Linux USB when doing your banking instead of logging in from the Windows OS you use for forums and internet surfing.

Edited May 7, 2016 by Rob13

[Aussie69]

I wasn't attempting to troll

[Chicog]

Why would you use the same address for internet forums and banking. Keep your banking email separate from everything else and only give out the address to the banks. And use a Linux USB when doing your banking instead of logging in from the Windows OS you use for forums and internet surfing.

And none of that will protect you against:

The most likely hypothesis (using Occam's Razor) is that there has been a security breach at one of the several on-line services I make payments to with the card.

Edited May 7, 2016 by Chicog

[Rob13]

True that, you can't do much about the other guy, you can try to keep your own ass covered though.

Edited May 7, 2016 by Rob13

[orang37]

I wasn't attempting to troll

Sawasdee Khrup, Khun Aussie69,

My wriggle of a little finger towards a little troll was not aimed at you, Sir.

And, I'm happy to see the gratuitous personal insult was removed from the post I wriggled at, although its stench lingers on among the smoke from the poster's crystal ball that told him I use on-line banking, and everything else he mentioned

cheers, o:37;

[orang37]

Better, and better,

Both unauthorized payments have now been reversed; all this without going to a BB branch today..

Someone(s) is on the job besides moi.

Come Monday will be able to determine to what extent I have been impersonated as well as hacked. Since no on-line service I use, and pay on-line, requires a passport id, and I haven't used my passport as id for years ... since I opened bank accounts here ... I regard the probability of that being used somehow as quite low; at the same time, that's a possibility I want to make sure is excluded, as I am sure you would.

I'd like to thank everyone who replied on this thread that did not suggest I strangle kittens

cheers, ~o:37;

[CharlieH]

TROLL and his posts removed.

[menzies233]

Why would you use the same address for internet forums and banking. Keep your banking email separate from everything else and only give out the address to the banks. And use a Linux USB when doing your banking instead of logging in from the Windows OS you use for forums and internet surfing.

Make sure you give all your correct internet and e mail information to immigration when you do your 90 days, then you can be assured of complete security!

[2008bangkok]

This is why best to,use a credit card rather than debit card online.

1. Because a credit card is there money not yours so better to get scamed with the banks money.

2. Much easier to file a charge back or dispute on credit card.

[gandalf12]

I would never use any card online unless I know it is a secure and reputable site

[Chicog]

I would never use any card online unless I know it is a secure and reputable site

I'm quite happy with PayPal tbh.

[obese cow]

"this can't happen to me ... I ... pause for emphasis ... am a programmer"

the level of knowledge displayed here would point you being a html web page coder

[dingdongrb]

I only use my Thai bankcard at ATMs.

I use the same 2 or 3 ATMs all the time.

The ATMs that I use are located right outside of my bank's branches.

I look for card skimmers every time I use the ATM.

I cover the keypad up with my left hand as my right hand is entering my PIN so that curious eyes (or cameras) cannot read the PIN I am entering.

I pay cash for all my purchases..... everything!

I use PayPal for all my online purchases, which is a rare occasion.

[ardokano]

This is why best to,use a credit card rather than debit card online.

1. Because a credit card is there money not yours so better to get scamed with the banks money.

2. Much easier to file a charge back or dispute on credit card.

You talk about what country?

Credit card have with out credit limit. And debit card have with credit limit.

Its only TYPE card.

Charge back not have any difference.

Only difference its when you pay yiur money its be lolded.

But if you charge back not accept. Even if its be not you money you mast pay back. Even its can be with bank fee for period.

[Rob13]

This is why best to,use a credit card rather than debit card online.

1. Because a credit card is there money not yours so better to get scamed with the banks money.

2. Much easier to file a charge back or dispute on credit card.

You talk about what country?

Credit card have with out credit limit. And debit card have with credit limit.

Its only TYPE card.

Charge back not have any difference.

Only difference its when you pay yiur money its be lolded.

But if you charge back not accept. Even if its be not you money you mast pay back. Even its can be with bank fee for period.

Debit card's limit is how much you have in your account, credit card would have a limit set by the bank. Never heard of a credit card with no limit. If you end up in a dispute you're better off having used a credit card . Banks can;t do much if you used a debit card as the money's already gone out of your account.

Edited May 11, 2016 by Rob13

[Chicog]

I don't know about other countries, but in the UK credit card purchases are covered by the Consumer Credit Act, which affords a lot more protection than simple Debit Card transactions.

But like a lot of people, I asked the bank to remove my Debit card from my savings account, so there is absolutely no chance they can try and blame me if one is used to withdraw money from it.

[ardokano]

This is why best to,use a credit card rather than debit card online.

1. Because a credit card is there money not yours so better to get scamed with the banks money.

2. Much easier to file a charge back or dispute on credit card.

You talk about what country?

Credit card have with out credit limit. And debit card have with credit limit.

Its only TYPE card.

Charge back not have any difference.

Only difference its when you pay yiur money its be lolded.

But if you charge back not accept. Even if its be not you money you mast pay back. Even its can be with bank fee for period.

Debit card's limit is how much you have in your account, credit card would have a limit set by the bank. Never heard of a credit card with no limit. If you end up in a dispute you're better off having used a credit card . Banks can;t do much if you used a debit card as the money's already gone out of your account.

Debit card its only type card for payment sistem.

Debit card bank can offered credit limits.

Abd also credit card can be only for used ammount from your card accaunt.

[ardokano]

I don't know about other countries, but in the UK credit card purchases are covered by the Consumer Credit Act, which affords a lot more protection than simple Debit Card transactions.

But like a lot of people, I asked the bank to remove my Debit card from my savings account, so there is absolutely no chance they can try and blame me if one is used to withdraw money from it.

In China as example its sumular.

I even know case when guys cheting bank.

Add few million to account.

Give copy card to friend.

And go to Europe . Afte his friend go Macau and spend money from card.

When he come back to China guy claine not used money.

So Bank mast give back money or give proof it guy used money.

Its happened in 3d time.

Bank get proof and guys arrested.