Loading...
> >

Secure Transactions?

ExpozuresExpozures Posts: 233
in The Commons

So, twice in as many months, my credit card and debit card have been compromised.  First time, there was a purchase on my Visa Debit card for Canadian Tire.  Cancelled that card, changed all my passwords everywhere, purged any card history from any sites that use them.  Then just the other day, I had a hit for some store in Tokyo on my credit card.

The only places I've used either my credit card or my debit card online to make purchases were through the Daz store, Renderosity, or Render-hub.  Everywhere else is exclusively with the credit card (all my subscriptions, etc).

So, my only thought is it's coming from one of these three places. :/  I've looked into privacy.com, and unfortunately it's only available in the US.  I'm in Canada.  Anyone else have any recommendations for using secure transactions for purchases?  One of these sites is compromised...

Comments

  • robertswwwrobertswww Posts: 793

    I also use all 3 of those sites, and have not had any incidents... knock-on-wood.  One thing I never do, is to have a site remember my credit card number, because if they get hacked (or have an unscrupulous employee), they will have my CC info.  I always type in my CC number manually... every single time.  Also, I do not allow my web browser to remember my credit card number, because if a security hole is discovered in the browser, your CC number could be compromised.

    Another thing I do is use PayPal with 2-factor authentication... PP will text me an authentication code.  I have only used Payapl on the sites that start with "R" and I have only used my credit card on Daz, so you should be able to rule out Daz (unless you store your CC number with them).  Hope you can narrow down the security leak you're experiencing.

  • mwokeemwokee Posts: 1,275

    It's not just the site, it's the connection. Were you using wifi at McDonald's, hotel, or airport. Scammers set up fake hotspots.

     

    If you buy fast food and they disappear with your credit card for five minutets, they may be taking pictures of the card with a cell phone. People install skimmers on gas station pumps, Google to see what a skimmer is.

     

    There are many ways to get compromised.

  • Richard HaseltineRichard Haseltine Posts: 102,218

    Also, of course, do some scans for malware on your system.

  • SevrinSevrin Posts: 6,309

    Cards can also be cloned using RFID scanners.  There's literally no way for the average person to know how this happens.  In addition to being careful online, RFID blocking wallets or gizmos can be handy.  The gizmos aren't without problems though.  After having one next to my credit card for a couple of years, I can no longer use my CC to tap-to-pay and have to key in my PIN for even small transactions.  I got it after having my CC compromised twice in one year, and based on the locations of the fraudulent purchases, I'm fairly certain that the card was compromised locally, in meatspace.

  • PerttiAPerttiA Posts: 10,024

    I use prepaid Master Cards, activating them just before using them and once they are used, the money on them is gone and nobody can link them to my accounts or even me.

  • ExpozuresExpozures Posts: 233

    Would be nice if credit cards had MFA for all purchases made online...  Allow certain billers (like registered subscription services) to validate, but for irregular puchases require authentication.

    I do keep a clean ship on my PC.  Don't save any of my cards anywhere it doesn't force me to, don't have my cards autocomplete.  I also have a password manager, and use a randomly generated secure password for every site.  I don't use unsecured wifi when I'm out and about.  I've got more than enough mobile data on my plan that it can handle using mobile data when I'm not at home.

    I did get hooked up with a couple of sites (for any other Canadians out there) called Wise and Koho that you can transfer funds into and use as virtual credit cards for sites.

    I'm fairly confident that it didn't come from some malware on my system, but rather from some compromised online store, and the only thing I can think of is the only stores I have used both my debit and credit cards on are the three 'big' asset sites...and maybe one ejuice site I've used regularly...and going forward wtih them I'll probably use e-transfer instead of credit.

  • SevrinSevrin Posts: 6,309

    Do you ever go out in public while carrying your credit cards in an unsecure wallet?  That's all it takes.

  • ExpozuresExpozures Posts: 233

    I do...yes...that I take for granted, but I live in an older farming community.

  • caravellecaravelle Posts: 2,484

    robertswww said:

    I also use all 3 of those sites, and have not had any incidents... knock-on-wood.  One thing I never do, is to have a site remember my credit card number, because if they get hacked (or have an unscrupulous employee), they will have my CC info.  I always type in my CC number manually... every single time.  Also, I do not allow my web browser to remember my credit card number, because if a security hole is discovered in the browser, your CC number could be compromised.

    Another thing I do is use PayPal with 2-factor authentication... PP will text me an authentication code.  I have only used Payapl on the sites that start with "R" and I have only used my credit card on Daz, so you should be able to rule out Daz (unless you store your CC number with them).  Hope you can narrow down the security leak you're experiencing.

    Very good advice. After my credit card was compromised once, I do almost exactly the same. My two basic rules for shops like Daz or the 'Rs': Pay by PayPal (although I hate PP), don't save a credit card number in the browser or anywhere else. So far - knock on wood - it has worked.

Sign In or Register to comment.