Skimming device found on gas pump

[poster formerly know as Silverbullet]

Another thing about cash that does not seem mentioned often is it is 100% not going to be replaced ( ok maybe they catch the thug) like in that sliding incident.

As far as discover goes there was a fraud case with a company that has been sued the AG in Delaware, New Jersey and I think PA. Well the guy who ran most of them was just featured on the News going to jail.

I will be darned if Discover would reverse that charge. I should have pursued it further, but I think discover broke more than a few guidelines. One I know is that no contract is valid in cases of fraud or deception. That was proven by various documents I sent and still.

Suffice to say people scammed by the same guy have seem to have much better results with visa/mc.

Lucky for me I was such a pain in the neck to the company that they gave me my money back.

[oldgraygeek]

Lucky for me I was such a pain in the neck to the company that they gave me my money back.

This is one of the most important responses to fraud.
Both scammers and "legitimate" companies know that many victims will not try very hard to get their money back. A single complaint usually gets no results, and then most people give up.

One credit card scammer recently charged millions of people 99 cents each. Less than half of the victims even noticed, and fewer complained.

[Lumspond]

Also you will have better luck with a credit union than a bank. I recently had a fraudulent charge of $1571 charged to my debit card. My money was returned, but as OGG mentioned, it took two weeks and was a pain in the @@@.

[Capnball]

Not necessarily an inside job, usually it isn't. (I make my living in card fraud detection) The skimmers target the weak locks on the pumps where they can easily attach the data miner (skimmer). In the past 5 years or so there has been a push to get the C-Stores to change the cheap cabinet style locks that are commonly used on the pumps to a more difficult to pick vending machine style lock. Some have made the change and some have not. Even the ones who have upgraded sometimes get hit. The largest issue today isn't the skimming as it was this case, but malware attacks. The malware is designed to scrape the memory at the time the card is swiped (merchants don't keep the full track information permanently, its only held in memory for a few seconds until the authorization process is completed) There is nothing physical attached to the actual terminal where you swiped your card it is happening at a virtual level. I'll say this... if you have used your card at a local national tool chain store located in University Plaza since (roughly) May through Mid July check your statements closely It is suspected that at least 280 of this chain's 400 stores nationwide may have been infected with this malware. I've seen the resulting fraud from this attack, but I have not yet seen any evidence that I confirm that the Delaware store had been breached This tool store chain isn't the only one to suffer this attack either. So far this year 3 Grocery Store chains in the mid-west and west have been hit with an earlier version of this malware. The compromised card count from just one store chain was 2.4 million. This happens everyday, you just don't know about it as it isn't widely reported. Some data breaches are large and some are not, but it happens everyday and in all honesty, there isn't much the consumer can do to prevent it. We do what we can to detect it and end it as quickly as we can but we can only do so much without interfering with your use of your card. You are protected from fraud by Regulation E but it is a pain to work with some banks when this happens. But I can tell you that is getting better because this happens now so frequently the banks are getting better at reimbursement procedures.

[groundgrid]

99% plus of all my spending is done with my AMEX card, even just buying a soda at WaWa. I seldom carry more than $20.00 in cash. Card has been physically stolen, numbers stolen & probably skimmed. Never more than 2 minutes on the phone to straighten it out. Just had a problem with some fraudulent PayPal charges this week. New card sent overnight with Saturday delivery. They have a 100% no fraud liability policy.

Amex needs to be paid in full every month so it doesn't increase my debt level. IMO much more convenient than needing to withdraw cash and much safer. Not having cash or valuables on your person is a complimentary safety policy to being armed. I will never be seen making a large bank withdrawal or with a wad just after payday.

Some say that they don't want to leave an electronic trail of their spending. In my case it proved to the IRS that I am constantly on the road for work.

[Cbmarine]

@groundgrid, you just reminded me of my favorite bumper sticker: "Fight Organized Crime - Abolish the IRS!".  Now is the time to follow Rahm Emmanuel's advice: Never let a good crisis go to waste.  Start with Lois Lerner. Oops, did I 'jack the thread? Mea culpa.

[seniorgeek]

--Do all your online banking/credit card management on a secure platform like a Mac, iPad, or iPhone. I fix PCs for a living, and I could type horror stories all day about compromised Windows machines leading to identity theft. Macs rarely catch malware; iPads almost NEVER do. PCs and Android phones/tablets are not secure, and they cannot be made secure.

All this is correct. I use Linux on all my computers which is even more secure than Macs, or any smart phone.

[Adrenolin]

I've lived and breathed various Unix OSs since the early/mid 80s and Linux since 92, though try and stay away from all that these days. Just to be clear.. Macs and Unix/Linux systems aren't necessarily any more secure then the MS OS, and most default Linux system installs can actually be compromised quite easily in a number of ways. Without a doubt the *nix systems can be secured much more tightly but few distributions default to such a secured level from install and most users (including so called professional Admins) really understand how to secure a system.

The reason the MS systems have so many more issues is simply because the chances are 10,000 to 1 that a person has it installed on their PC over a Mac or *nix system. Hence almost all attackes and coded to work on the MS system. The shear numbers of Microsoft installs outweigh the others so much so that it simply makes sense to attack them.

I went 11 years without and flat out refusing to use MS systems before most people knew anything different from DOS and WinBlows (sorry.. Couldn't help myself).  Hands down best home solution is a pure Debian install IMO with virtual machines installed on it. Still miss my SCO Unix days...

[oldgraygeek]

I've lived and breathed various Unix OSs since the early/mid 80s and Linux since 92, though try and stay away from all that these days. Just to be clear.. Macs and Unix/Linux systems aren't necessarily any more secure then the MS OS, and most default Linux system installs can actually be compromised quite easily in a number of ways. Without a doubt the *nix systems can be secured much more tightly but few distributions default to such a secured level from install and most users (including so called professional Admins) really understand how to secure a system.

The reason the MS systems have so many more issues is simply because the chances are 10,000 to 1 that a person has it installed on their PC over a Mac or *nix system. Hence almost all attackes and coded to work on the MS system. The shear numbers of Microsoft installs outweigh the others so much so that it simply makes sense to attack them.

I went 11 years without and flat out refusing to use MS systems before most people knew anything different from DOS and WinBlows (sorry.. Couldn't help myself).  Hands down best home solution is a pure Debian install IMO with virtual machines installed on it. Still miss my SCO Unix days...

Agreed. The security in Macs is partly architecture, partly the much more homogeneous environment, and mostly the relative popularity of Windows. (The bad guys have adapted well to the Windows 6.x "User Account Control" by writing most malware to infect only the logged-on user, and this has been very effective).

All of my income is generated by Microsoft products. I remember worrying, when Vista came out, that I might need to find another line of work... but business is better than ever.

As for *nix, I think it's better in the same way it's better to put your own hand-assembled engine in your car. It would be an improvement, but 99.9% of owners can't or won't figure it out.

[seniorgeek]

@Adrenolin and @oldgreygeek, I retired from NASA (Feb. '11) as the IT security manager for the Advanced Engineering Technology division.
We averaged at least 2 to 10 legitimate attacks a day from multiple countries on our servers, routers, and firewalls. I my 7 years there we never had a successful break in or hack.
We used Linux servers for all our critical data such as launch control, rocket data, etc.
If you are a seasoned IT security veteran Linux is the only good answer,

I agree I like Debian releases and prefer Ubuntu for myself. I also find with some training most user can operat e and be very comfortable with Linux based systems if the correct windows manager is installed.

PS. I still do some IT security consulting on a contract bases.

[jack44]

Regarding lost or stolen ATM cards:

We recently had one of our ATM cards stolen and used for ~500.00. We had no trouble recovering it. We were told the law has changed to require banks to cover such charges. Here is a link to the FTC, which explains it.
http://www.consumer.ftc.gov/articles/0213-lost-or-stolen-credit-atm-and-debit-cards

[ESPMan]

I had my debit card skimmed, and found out they purchased two tickets to the London Olympics last year. Had to go through the motions, paperwork, proof, etc., but in the end, my money was returned. The best lesson to take from any of this is to keep a very close eye on your expenses, and if something looks even slightly suspicious, question it and run it to the ground. i check my bank account now at least once a day, and one thing I have noticed about technology is that the easier for us it is to check our finances, the less we do it, and that can be a bad habit to break.

[Adrenolin]

Regarding lost or stolen ATM cards:

We recently had one of our ATM cards stolen and used for ~500.00. We had no trouble recovering it. We were told the law has changed to require banks to cover such charges. Here is a link to the FTC, which explains it.
http://www.consumer.ftc.gov/articles/0213-lost-or-stolen-credit-atm-and-debit-cards

Great link and while things have improved its still the same.. They just extended the days for debit. The majority of the time the physical card will not be lost, its your account info and this leads to the electronic theft. So instead of just a few days, now (since last year) you loose only $50 if you notify the bank within 2 days. Between day 3 and 60 its $500 you're out at most and after 60 days you're simply SOL. While most people should check their accounts at least every 60 days I sure there are those who don't and honestly I have no sympathy at that point lol.

It is certainly better that it was just 2 years ago. Still, that $50 and especially the $500 hit would suck. With all the fraudulent charges I've seen or been notified about on my credit cards I'll stick with credit. I've never been held accountable for a single cent.

I remember a few years ago MC called my about a charge at Disney, CA. I said it wasn't me as I was in Canada on the east coast and provided 2 charges I'd made for gas and lunch that day. They issued a full refund on the spot, told me to continue using the card and they would overnight replacement cards to me. Being Friday afternoon, international shipping, etc it was the following Tuesday when I received the new cards. When I called to activate it I was told they had already been activated and about $4500 charged to it! So they cancelled the new cards and charges, told me to continue using the first one and I had another new set overnighted to me again which turned out to be fine. When activated the first card was automatically canceled and I was told the had canceled over $10k in transactions from CA. Never heard if they caught anyone or not.