Debit Card Hacked

Our Walmart Debit Card has been locked because they noticed 3 fraudulent charges on the card made by Money Bookers.

Does anyone else know anything about this Money Bookers online payment service?

 

Never heard of them

 

They have attempted to run through a charge for $19-something, one for $29-something, and $16-something. I'm so glad Walmart caught it but now our only money is locked up until they straighten it out.

 

When similar things have happened to me, it was because a merchant's security was compromised and leaked my card data. The merchants who charged my card were victims just as I was.

In one case I was able to figure out which merchant's security was compromised by looking at my transaction history. I narrowed it down to four or five likely candidates, and each time I replaced my card I made it a point to use a couple of them but do nothing else with the new card. On the last iteration, I used the new card once, and within a day I had fraudulent charges against the new card. I contact that merchant and was told by their representative that their security was just fine and the problem must be on my end. I just forwarded the data and the email messages off to the card issuer and never patronized that merchant again. Whether or not the card company took action I don't know, and don't really care -- my problem was solved.

Monybookers (now Skrill) is a legit outfit based in and regulated by the UK. They're kind of like AuthorizeNet in the US.

 

Hmmm...I iused the card at the hair salon which I haven't done in 8 months. Other than that all the merchants are our same couple of regulars, used habitually.

 

It's not necessarily the hair salon -- it may well show up in the news this week or next month or whatever that some merchant you frequent got cracked. But if it's a small company who's lost on a few hundred cards it might not make the news.

If you're really interested in tracking it down, without access to the card issuer's database and the evidence it contains (like "cards charged by this merchant have an unusually high level of fraudulent charges for merchants in that sector") and don't mind spending a few extra bucks to do it, a handful of prepaid cards will get you there. If it's just a few merchants you suspect, grab that number of prepaid cards and use each at only one merchant, the same merchant each time, e.g. card number ending in 0001 is used only at the hair salon, card ending in 9998 is used only at Target, etc. The one that gets hit with a fraudulent charge will only have been used at one merchant so the correlation is proof.

I do silly things like that because information security is a big part of my job so I find it interesting enough to waste small sums of money on it. I keep hoping that some day some legislators will get around to making credit card security the credit card industry's problem, rather than allowing them to shove the liability off on consumers and merchants as they do now. I don't really expect to live that long, but I hope for it just the same.

 

Wow, that's interesting. Pretty smart thing to come up with.

 

Walmart Money Card is reversing the fraudulent charges made to our account, BUT it will take TWO WEEKS for our new Debit Cards to arrive. INCREDIBLE.

The charges were listed as "Money Broker" while they were pending and then Skrill.com after Walmart paid them. There was also a charge Walmart denied. They paid out $67 in fraudulent charges and denied another transaction for $37 more.

Asshole scammers picking on disabled and poor people.

Two Fucking Weeks from today, Wednesday, and it's already been locked since Sunday.

Thankfully, we has my hubby's sister letting us use one of her credit cards or we'd be starving right now.

 

why don't you use a reputable bank with a teller that will just issue a new card?

like in Canada .......are they paying interest during this time?.

 

We can't use a reputable bank. Our banking history sucks.

It's Walmart Visa Debit, pre-paid credit cards, or stuffing it under the mattress which sucks because you can't pay any bills on line.

 

I didn't mean to pry.....I shouldn't have asked.....

I joke that I could leave my i.d. at a identity thieves party and they wouldn't take on account no one wants to be me


except me

 

It's okay. You know me. I'm pretty open about what is.

 

Has anyone figured out how it got hacked?

 

No, they haven't.

Someone is using it online with that Skrill.com payment site.

 

Have you used it online?

 

Yes, we use it alot to pay utilities and buy from Amazon, and a few other places like the vape store and stuff. We haven't used it online for any new places - just the regulars.

I'm kind of thinking it had something to do with the hair salon. I haven't been in 8 months. This time she slid the card in a laptop and said that their credit card machine had suddenly stopped working a few weeks prior. I notice the charge came through with another salon name on it...probably a salon the owner had previously, under another name.

That's the only new and weird thing that happened with the card and it happened on the same day that the fraudulent charges started happening.

 

Scan your system, you could have a keylogger... Or that laptop did. Use Malwarebytes and SUPERAntiSpyware, both available free, and scan for viruses also.


Keyloggers are malware that look for things like card numbers, bank account numbers, passwords, etc. and then send them back "home" for the criminals to use.

 

Not using the "new paypal". One pita good enough for me

 

Get a new card number / new card. You can also tell the bank about it and ask them to block payment authorizations from the offending merchant.

 

yeah, ... it's scary to think about. pretty much anything could act as a keylogger, any program that listens for keyboard events is pretty much already a keylogger, the only thing that seperates an actual keylogger is the fact that keyloggers obviously log the events and have some type of mechanism to steal focus so they can pick up events from other clients. logging mouse events and cursor location is probably trivial too. the name for such a program described is a trojan horse, because it runs under the guise of a seemingly legit program, and possibly forks a malicious process disguised to look like a legitimate system daemon process.

i don't have a lot of faith in anti-malware programs. i will explain why. it seems like they can be pretty decent at finding sketchy things that they know about or have heard of, but what exactly would it look for to find a keylogger or something similar? this type of program really isn't very much different from an potentially legit program, the intentions are just different. Nortan 360 freaks out about some very simple programs that i've written when compiled and run in windows. It says it recommends removal, but i really think it says this mainly because it's never seen the program before and it's not in it's database. The previous may not apply to some other types of malware. Also, once a windows OS's (or any OS's for that matter) configuration is FUBAR'd anti-malware isn't going to do much good, cuz once the windows registry is trashed there's no way good to magically reconfigure everything to work 100% right again. ... and i wouldn't touch the Windows registry with a 10-foot pole.

Luckily malware is pretty much unheard of here, and most problems i have are exclusively my own doing ... but it's worth mentioning that "proper" trojan horses are designed to be undetectable, and need not use more than a tiny amount of memory or cause any type of performance hit that would be a sign of malware. "Good" malware is silent, it's purpose isn't to "fuck yo shit up", but to go undetected so you don't find it and wipe it out.