I hate Cyber thiefs

Tyek · Post by **Tyek** » October 31, 2005, 7:27 pm

I got home from work and I get two emails, The first is someone tried unsuccessfully to use my paypal account. The second email was this one...

We had some difficulty with our website and in particular your order. When the order came through, as a security precaution, it eliminated the credit card information. When we realized what was happening, we asked our service to retrieve the missing info. When they did, they apparently left out a number. The number we have is: Amex: 3, exp. Would you please email me with the correct number – we apologize for the inconvenience. Thank You. Nancy K

The number they had was all correct except 2 numbers were reversed. I called and cancelled the account immediately and have a new number on the way. I am checking with paypal next, but is there anything else I can do. I still have the email, is there a way to track this person. I would love to give them a little surprise. Thanks for any help.

Tenuvil · Post by **Tenuvil** » October 31, 2005, 8:03 pm

I smell a pretty blatant phishing attempt on the part of "Nancy".

kyoukan · Post by **kyoukan** » October 31, 2005, 10:31 pm

No customer service rep at ANY business would EVER ask you to email them your CC#

Call the police or talk to your credit card's fraud dept and give them the email they expect you to reply too. I know a guy that works in a fraud for Visa and a a lot of times they will send the person the correct credit card number (after giving you a new one) and track what kind of purchases they make and where they get sent too. It's probably your best option if you want to get them back.

Canelek · Post by **Canelek** » October 31, 2005, 11:13 pm

Tenuvil wrote:I smell a pretty blatant phishing attempt on the part of "Nancy".

Yup, that is right out of the training courses that we have at Merrill Lynch. They get a ton of folks with this, which is a shame.

kyoukan · Post by **kyoukan** » November 1, 2005, 12:32 am

haha the way you put that made it sound like merrill lynch trains people to defraud credit card owners on the internet.

then it hit me that it is merrill lynch and that it might be true.

Canelek · Post by **Canelek** » November 1, 2005, 1:31 am

You are right!

Ain't been around for over 100 years for nothing!

Tenuvil · Post by **Tenuvil** » November 1, 2005, 2:09 am

Canelek wrote:
Tenuvil wrote:I smell a pretty blatant phishing attempt on the part of "Nancy".
Yup, that is right out of the training courses that we have at Merrill Lynch. They get a ton of folks with this, which is a shame.

I

being a security consultant

Vaemas · Post by **Vaemas** » November 1, 2005, 9:19 am

There's also the matter of the structure of the email. Any true email from an organization would use professional business language and wouldn't shorten words like information to info. That plus the "email me your credit card number" is pretty blatent.

Tyek · Post by **Tyek** » November 1, 2005, 1:30 pm

trust me the as soon as I saw the email I was on the phone canceling the card. On the email they had the numbers so close it was scary. It looks like the email was sent at 1:02 and then someone tried to get into paypal at 1:49 with that information. The number was right, they had a 4 and a 6 reversed, otherwise they had me.I have forwarded the information on to American Express, canceled the card and have a new number being sent to me.

Must be scam week for me, I got my first 419 email from Nigeria this week as well. Considered screwing with the guy, but I do not have the time.

Llaffer · Post by **Llaffer** » November 3, 2005, 1:36 am

Sounds like the training we have to do at my job. How do you teach people to watch out for Money Laundering, by showing them how to do it.

Hesten · Post by **Hesten** » November 3, 2005, 6:48 pm

Hehe, concerning cybertheft and social engineering like this, i was attending a seminar yesterday, where they had actually had the luck to catch a danish successfull attempt at cheating a secretary out of her login and password.
They had taped a few 100 phonecalls for some course material internally at the company, and when reviewing them noticed that the guy posing as a help desk tech didnt have anything to do with the company.
Quite interesting to actually hear it happen here in DK too, and not just in the US.
And the most sad of it. I did the same 22 times today while working from home with only a cellphone when i had to get some info for correcting a lot of paperwork that we were missing

People are so gullible that its scary.

Hesten · Post by **Hesten** » November 3, 2005, 6:49 pm

Hesten wrote:Hehe, concerning cybertheft and social engineering like this, i was attending a seminar yesterday, where they had actually had the luck to catch a danish successfull attempt at cheating a secretary out of her login and password.
They had taped a few 100 phonecalls for some course material internally at the company, and when reviewing them noticed that the guy posing as a help desk tech didnt have anything to do with the company.
Quite interesting to actually hear it happen here in DK too, and not just in the US.
And the most sad of it. I did the same 22 times today while working from home (and yes, WAS info i am allowed to get from my own work, but a guy with only a name of a IT person in the company, and an outside cellphone should NOT be able to get that info really.) with only a cellphone when i had to get some info for correcting a lot of paperwork that we were missing People are so gullible that its scary.

miir · Post by **miir** » November 3, 2005, 6:56 pm

Hesten wrote:Hehe, concerning cybertheft and social engineering like this, i was attending a seminar yesterday, where they had actually had the luck to catch a danish successfull attempt at cheating a secretary out of her login and password.
They had taped a few 100 phonecalls for some course material internally at the company, and when reviewing them noticed that the guy posing as a help desk tech didnt have anything to do with the company.
Quite interesting to actually hear it happen here in DK too, and not just in the US.
And the most sad of it. I did the same 22 times today while working from home with only a cellphone when i had to get some info for correcting a lot of paperwork that we were missing People are so gullible that its scary.

Hesten · Post by **Hesten** » November 4, 2005, 6:23 am

Blah, need new glasses, Edit are NOT quote

miir · Post by **miir** » November 4, 2005, 12:16 pm

Hesten wrote:Blah, need new glasses, Edit are NOT quote

Noob

Drolgin Steingrinder · November 4, 2005, 12:25 pm

someone stolen ur cybr?!

Canelek · Post by **Canelek** » November 4, 2005, 12:28 pm

pazzled?

Ennia · Post by **Ennia** » November 4, 2005, 1:53 pm

I'm wondering how would someone get your card number but with 2 numbers switched, why the mistake? could be someone who overheard you saying it and wrote it wrong?

Xanupox · Post by **Xanupox** » November 4, 2005, 7:40 pm

Ennia wrote:I'm wondering how would someone get your card number but with 2 numbers switched, why the mistake? could be someone who overheard you saying it and wrote it wrong?

Ever go out for dinner in todays "plastic society"?

How credible is that waitress you are handing your credit card to, as she walks off with it into some back room, comes back 5 minutes later and plops it back down on your table.

People are just too careless with thier personal information and credit cards nowdays.