Stan Horwitz wrote:
>
> That really sucks. This goes to show you that small business owners who
> rely on employees to process credit card transactions have to watch them
> like a hawk.


I have a question about these schemes. What's the effect on the card
holder? The card holder gets a bill with incorrect charges on it. This
might be immediately after dining in a restaurant or months later as the
dishonest employee has waited that long. Cardholder notifies Company.
Company cannot immediately identify source of problem/error/theft. Now
what? Is Cardholder held responsible? What does Cardholder have to do
to prove theft is not theirs? I'm almost thinking that being the victim
in a big theft would be better. I'd have an easier time convincing
Company that I didn't order thousands of dollars in electronics than I
would convincing them that the $100 extra charge for housewares aren't mine.


--Lia

Julia Altshuler > wrote in message
. ..
[snip]
> I have a question about these schemes. What's the
> effect on the card holder? The card holder gets a bill
> with incorrect charges on it. This might be immediately
> after dining in a restaurant or months later as the dishonest
> employee has waited that long.
[snip]

Two things: 1) The crook doesn't wait months on racking up those
extra charges; you'll be lucky if it's hours. 2) You follow the
process of reporting the bogus transactions EXACTLY as they are
listed on your Policies and Procedures toss-away that is slipped
in with your monthly bill.

Both SWMBO and I have been hit with this. It was more low-tech
(SWMBO card was "rubbed") and mine had the carbon (remember
those?) removed.

It sucked but we did everything the card issuer required. It took
some time and multiple correspondences but it didn't affect our
credit adversely. Another friend didn't follow her card issuer's
procedures... Her experience was much more horrific and lasting.

ObFood: Schezwan beef with steamed rice for breakfast.

The Ranger
--
"If you can't be a good example, then you'll just have to be a
horrible warning."
-- Catherine Aird

The Ranger wrote:
>
> Two things: 1) The crook doesn't wait months on racking up those
> extra charges; you'll be lucky if it's hours. 2) You follow the
> process of reporting the bogus transactions EXACTLY as they are
> listed on your Policies and Procedures toss-away that is slipped
> in with your monthly bill.


Thanks. The part about the crook waiting months was taken from this
thread. Other than that mention of it, I'd know nothing about it. The
idea was that by waiting so long, the thief made it much harder for the
company to figure out what targeted cards had in common and much harder
for them to catch the thief. S/he was long gone from the restaurant.


I had some errors on a bill from years ago. I did follow the
instructions as you say, and it was cleared up shortly. I wonder if
that's the case today. You say the time it happened to you was back in
the days of carbons. It just seems to me that the card company could
decide that the cardholder is the thief. They could decide that the
card holder was questioning a purchase that the cardharder had really
made. It would be a my word against theirs sort of thing with the
cardholder holding, ahem, all the cards.


--Lia

Julia Altshuler > wrote in message
. ..
> The Ranger wrote:
>> Two things: 1) The crook doesn't wait months on racking
>> up those extra charges; you'll be lucky if it's hours. 2) You
>> follow the process of reporting the bogus transactions
>> EXACTLY as they are listed on your Policies and
>> Procedures toss-away that is slipped in with your monthly
>> bill.
>>
> Thanks. The part about the crook waiting months was
> taken from this thread. Other than that mention of it, I'd
> know nothing about it.

Understood... I hope you _never_ have to experience the horror of
credit card fraud.

Think about the timing from the crook's POV. It's a finite
resource with a severely limited time-date. That's one of the
reasons there are spikes in the use and what the credit card
issuers have set the alarm algorithm to...

The crook that stole SWMBO's card number used it on her break at
the store across from where we ate. I don't know why the clothing
store allowed it but US$375.00 later, that was one very happy
crook. In my case, they immediately hit a couple mail-order
businesses.

> The idea was that by waiting so long, the thief made it much
> harder for the company to figure out what targeted cards had
> in common and much harder for them to catch the thief.

The card issuers are not interested in catching the thieves.
They're strictly interested in limiting their exposure and losses.
That's not their care or worry. (i.e.: SWMBO's crook never had any
actions taken against her -- beyond being fired from the
restaurant...)

> S/he was long gone from the restaurant.

> I had some errors on a bill from years ago. I did follow the
> instructions as you say, and it was cleared up shortly. I
> wonder if that's the case today. You say the time it happened
> to you was back in the days of carbons. It just seems to me
> that the card company could decide that the cardholder is the
> thief.

The card companies have a byzantine process on purpose; they are
going to limit their exposure and loss through any legal means
possible. Attrition of the customer base (where the customer
finally gives up and says, "I'll pay it already!") is an
acceptable business decision. It sucks to be in that position but
a letter on stationary from your lawyer helps smooth the process
somewhat.

> They could decide that the card holder was questioning
> a purchase that the cardharder had really made. It would
> be a my word against theirs sort of thing with the cardholder
> holding, ahem, all the cards.

The signatures are often what are compared. The business that took
the transaction in question usually has ?X? # of days to respond
before the credit is removed from their bank account. If they can
provide proof of the transaction, then the cardholder might be
liable for the transaction.

ObFood: Lucky Charms and a croissant for Spawn's breakfast.

The Ranger

Steve Pope wrote:
> George > wrote:
>
>> Steve Pope wrote:
>
>>> Dan Abel > wrote:
>
>>>> All US credit cards have a PIN. However, it's printed on the back, so
>>>> it isn't at all secure.
>
>>> Okay, that I hadn't heard.
>
>> Its called a "CSV". It is supposed to be used as an additional check.
>> Some cheepo merchants (like tjmax) were actually storing the CSV with
>> the CC number and other information in an unencrypted database. The CSV
>> is only supposed to be used for the transaction and never saved.
>
> If they saved the CSV's, then used them in later transactions,
> that would probably be a violation of the merchant agreements.
> The banks charge marginally less for the transaction if
> the CSV is provided by the customer.
>
> Steve

From what I understand they are just a cheepo outfit who cluelessly
collected and unsecurely stored the data.

On Mon, 10 Dec 2007 16:58:31 -0600, Lou Decruss >
wrote:

>On Mon, 10 Dec 2007 14:00:52 -0500, T >
>wrote:
>
>>> >I also don't accept Paypal on my ebay auctions.
>>>
>>> Why don't you accept paypal?
>>>
>>> Lou
>>>
>>>
>>
>>Been burned a few times using that method.
>>
>>Now it's MO or Cashiers check only.
>
>
>We've had different experiences I guess. CC's and MO's aren't even
>fool proof anymore. We've just starting requiring a postal MO for
>those that don't use PP. It's too much of a pita to try to see when a
>check has cleared before we ship. We're at the PO 3-4 times a week so
>we just cash them there. We ship 30-40 things a month and 99% is
>paypal. I'm curious how you got burned? Some time ago we sold
>something for about $170.00. The second highest bidder was just a few
>dollars behind. Someone contacted them and said the highest bidder
>had backed out, gave them new paypal info, and told them they could
>have it when they paid. Luckily for them they contacted us and asked
>how quick we could ship. We told them the item had been paid for and
>shipped, and they were being scammed. There's some real assholes out
>there and nothing seems to be perfect.
>
>Lou
>

lou, are these just e-bay items or do you have a business?

your pal,
blake

On Tue, 11 Dec 2007 02:26:35 -0800 (PST), Gregory Morrow
> wrote:
>
>Russians and Arabs (and Muslims) are TOTALLY dishonest, they'll always
>try to cheat or take advantage or whatever...they've a thieving
>mindset. You have to realise that graft, cheating, corruption, are
>ingrained in their cultures...that's why those places are such
>********s to live in.

yeah and queers are all disease-ridden. grow the **** up.

your pal,
blake

The Ranger wrote:

> Julia Altshuler > wrote in message
> . ..
>
>>The Ranger wrote:
>>
>>>Two things: 1) The crook doesn't wait months on racking
>>>up those extra charges; you'll be lucky if it's hours. 2) You
>>>follow the process of reporting the bogus transactions
>>>EXACTLY as they are listed on your Policies and
>>>Procedures toss-away that is slipped in with your monthly
>>>bill.
>>>
>>
>>Thanks. The part about the crook waiting months was
>>taken from this thread. Other than that mention of it, I'd
>>know nothing about it.
>
>
> Understood... I hope you _never_ have to experience the horror of
> credit card fraud.
>
> Think about the timing from the crook's POV. It's a finite
> resource with a severely limited time-date. That's one of the
> reasons there are spikes in the use and what the credit card
> issuers have set the alarm algorithm to...
>
> The crook that stole SWMBO's card number used it on her break at
> the store across from where we ate. I don't know why the clothing
> store allowed it but US$375.00 later, that was one very happy
> crook. In my case, they immediately hit a couple mail-order
> businesses.
>
>
>>The idea was that by waiting so long, the thief made it much
>>harder for the company to figure out what targeted cards had
>>in common and much harder for them to catch the thief.
>
>
> The card issuers are not interested in catching the thieves.
> They're strictly interested in limiting their exposure and losses.
> That's not their care or worry. (i.e.: SWMBO's crook never had any
> actions taken against her -- beyond being fired from the
> restaurant...)
>
>
>>S/he was long gone from the restaurant.
>
>
>>I had some errors on a bill from years ago. I did follow the
>>instructions as you say, and it was cleared up shortly. I
>>wonder if that's the case today. You say the time it happened
>>to you was back in the days of carbons. It just seems to me
>>that the card company could decide that the cardholder is the
>>thief.
>
>
> The card companies have a byzantine process on purpose; they are
> going to limit their exposure and loss through any legal means
> possible. Attrition of the customer base (where the customer
> finally gives up and says, "I'll pay it already!") is an
> acceptable business decision. It sucks to be in that position but
> a letter on stationary from your lawyer helps smooth the process
> somewhat.
>
>
>>They could decide that the card holder was questioning
>>a purchase that the cardharder had really made. It would
>>be a my word against theirs sort of thing with the cardholder
>>holding, ahem, all the cards.
>
>
> The signatures are often what are compared. The business that took
> the transaction in question usually has ?X? # of days to respond
> before the credit is removed from their bank account. If they can
> provide proof of the transaction, then the cardholder might be
> liable for the transaction.
>
> ObFood: Lucky Charms and a croissant for Spawn's breakfast.

We recently had some weird charges show up on our primary credit card.
Piddly shit. $9.99 for "The Joy of Scrapbooking". There were several
others, all in the same amount, all on topics I have absolutely no
interest in. My husband asked me about them and I asked him when the
last time he saw me do any scrapbooking might have been.

It happened shortly after I'd purchased a used copy of a book no longer
available in the US. The transaction was processed through Amazon's
website and I think the timing of the subsequent bogus charges was less
than coincidental.

We called the credit card company, they cancelled the compromised card
and reversed the erroneous charges. It was still a major PITA because
that card had been set up to autopay co-pay balances for our healthcare
providers and various utilities and vendors and all of those had to be
switched.

Last January I traveled to Spain and Morocco. Before I left I made sure
to call my credit company and give them a heads up so i wouldn't find
myself stuck because Mastercard had put a security freeze on my card
because of suspicious transactions. The girl I spoke to wanted to know
the specific nature of the transactions I anticipated and I told her I
couldn't possibly know that at this point, but if they occurred between
thus and such dates it was probably me and I would review my account
online as soon as I got home.

Kathleen > wrote:

>Last January I traveled to Spain and Morocco. Before I left I made sure
>to call my credit company and give them a heads up so i wouldn't find
>myself stuck because Mastercard had put a security freeze on my card
>because of suspicious transactions. The girl I spoke to wanted to know
>the specific nature of the transactions I anticipated and I told her I
>couldn't possibly know that at this point, but if they occurred between
>thus and such dates it was probably me and I would review my account
>online as soon as I got home.

I always call the card companies before traveling to Europe,
but last time they put a freeze on I had simply travelled to
Montreal.

As if their computers shouldn't be able to tell them I
constantly travel around North America and this is normal.

Steve

"Kathleen" > wrote

> We called the credit card company, they cancelled the compromised card and
> reversed the erroneous charges. It was still a major PITA because that
> card had been set up to autopay co-pay balances for our healthcare
> providers and various utilities and vendors and all of those had to be
> switched.

That's very annoying, I agree. My Mastercard changed my number on
me again, no particular reason as far as I can tell, thanks for nothing.
Now I have to notify the newspapers, etc.

> Last January I traveled to Spain and Morocco. Before I left I made sure
> to call my credit company and give them a heads up so i wouldn't find
> myself stuck because Mastercard had put a security freeze on my card
> because of suspicious transactions. The girl I spoke to wanted to know
> the specific nature of the transactions I anticipated and I told her I
> couldn't possibly know that at this point, but if they occurred between
> thus and such dates it was probably me and I would review my account
> online as soon as I got home.

Once I had ordered a camera, then backed out the deal and rebought
it, this made my mastercard issuer think something funny was going on.
I told them it was legitimate, but that I was going away for a week and
do not think about declining my charges while I was in Florida. Like you
said, she wanted details. I don't know, lady, I'll be on vacation, I could
buy anything. Just know I'll be charging in Florida.

nancy

The Ranger wrote:
> I hope you _never_ have to experience the horror of
> credit card fraud.


As a general rule, I budget the way I did in college. I put weekly
budget in cash in my wallet. When it's gone, I stop spending. I have
credit cards and a bank card (debit) on hand for large (planned)
purchases and emergencies. So my cards don't get used much, and I pay
off the balance each month. The companies hate dead beats like me.


Still, fraud is never far from mind. I get offers twice a month to
write "checks" on my credit card account. The checks show up in my
mail. Easy as all hell to steal.


> The card issuers are not interested in catching the thieves.
> They're strictly interested in limiting their exposure and losses.
> That's not their care or worry.


I hear you loud and clear on this one. That's why the subject concerns
me. It seems to me that the card company could steal from its
cardholders as easily, more easily, than any restaurant employee thief
could. The cardholder wouldn't even have the protection of local police.



> The card companies have a byzantine process on purpose; they are
> going to limit their exposure and loss through any legal means
> possible. Attrition of the customer base (where the customer
> finally gives up and says, "I'll pay it already!") is an
> acceptable business decision. It sucks to be in that position but
> a letter on stationery from your lawyer helps smooth the process
> somewhat.


Yeah, I keep some lawyer stationery around for just that purpose.


--Lia

On Tue, 11 Dec 2007 19:29:02 GMT, blake murphy >
wrote:

>On Mon, 10 Dec 2007 16:58:31 -0600, Lou Decruss >
>wrote:
>>
>>We've had different experiences I guess. CC's and MO's aren't even
>>fool proof anymore. We've just starting requiring a postal MO for
>>those that don't use PP. It's too much of a pita to try to see when a
>>check has cleared before we ship. We're at the PO 3-4 times a week so
>>we just cash them there. We ship 30-40 things a month and 99% is
>>paypal. I'm curious how you got burned? Some time ago we sold
>>something for about $170.00. The second highest bidder was just a few
>>dollars behind. Someone contacted them and said the highest bidder
>>had backed out, gave them new paypal info, and told them they could
>>have it when they paid. Luckily for them they contacted us and asked
>>how quick we could ship. We told them the item had been paid for and
>>shipped, and they were being scammed. There's some real assholes out
>>there and nothing seems to be perfect.
>>
>>Lou
>>
>
>lou, are these just e-bay items or do you have a business?

All eBay.

Lou

Steve Pope > wrote:

> It seemed to be universal in the UK and Italy last time I
> was there. Not sure about elsewhere.

Not in Germany, anyway, not even with the UK-issued recent cards. A PIN
is needed with debit cards only here.

Victor

In article >,
T > wrote:

> In article <dabel-F489AB.13125710122007@c-61-68-245-
> 199.per.connect.net.au>, says...

> > All US credit cards have a PIN. However, it's printed on the back, so
> > it isn't at all secure.
> >
> >
>
> No, that number printed on the back of the card is the verification
> number.

My point was, there's a number. It could be a POS (piece of shit)
number, or a WAN (weird ass number). If a PIN isn't a verification
number, then what is the point?

--
Dan Abel
Petaluma, California USA

In article >,
Julia Altshuler > wrote:

> Stan Horwitz wrote:
> >
> > That really sucks. This goes to show you that small business owners who
> > rely on employees to process credit card transactions have to watch them
> > like a hawk.
>
>
> I have a question about these schemes. What's the effect on the card
> holder? The card holder gets a bill with incorrect charges on it. This
> might be immediately after dining in a restaurant or months later as the
> dishonest employee has waited that long. Cardholder notifies Company.
> Company cannot immediately identify source of problem/error/theft. Now
> what? Is Cardholder held responsible? What does Cardholder have to do
> to prove theft is not theirs? I'm almost thinking that being the victim
> in a big theft would be better. I'd have an easier time convincing
> Company that I didn't order thousands of dollars in electronics than I
> would convincing them that the $100 extra charge for housewares aren't mine.

If the card holder follows the credit card's official policy to report
any unauthorized transactions, they should be removed, but chances are,
the credit card issuer will require the card holder to sign an affidavit
that explains what happens. If the transactions are for very small
amounts, they may go unnoticed, which means they would not be reported
as fraud and be paid by the card holder.

I had an Exxon gas card more than ten years ago that was lost and I
didn't realize it until the next bill arrived. There were unauthorized
transactions on it that caught my eye right away. There was a charge for
gas that was for more than my car's tank can hold, in a town I never
heard of a few hundred miles away in a different state at exactly the
same time I was on board a cross country flight and I could prove it. I
followed the card's procedure to report it stolen several months in a
row, but each time, there were more unauthorized charges. I finally just
sent a letter via certified mail to have the account closed, and I
called, and that fixed it. My total cost, other than a few minutes of
time and some postage stamps, was nil.

Stan Horwitz wrote:


> If the card holder follows the credit card's official policy to
> report any unauthorized transactions, they should be removed, but
> chances are, the credit card issuer will require the card holder to
> sign an affidavit that explains what happens.

Every time I've had a problem (and there have been very few) they
started an official investigation based on a phone call.




Brian

--
If televison's a babysitter, the Internet is a drunk librarian who
won't shut up.
-- Dorothy Gambrell (http://catandgirl.com)

Victor Sack > wrote:

>Steve Pope > wrote:

>> It seemed to be universal in the UK and Italy last time I
>> was there. Not sure about elsewhere.

> Not in Germany, anyway, not even with the UK-issued recent cards.
> A PIN is needed with debit cards only here.

Thanks for the info.

Steve

On Tue, 11 Dec 2007 16:15:28 -0600, Lou Decruss >
wrote:

>On Tue, 11 Dec 2007 19:29:02 GMT, blake murphy >
>wrote:
>
>>On Mon, 10 Dec 2007 16:58:31 -0600, Lou Decruss >
>>wrote:
>>>
>>>We've had different experiences I guess. CC's and MO's aren't even
>>>fool proof anymore. We've just starting requiring a postal MO for
>>>those that don't use PP. It's too much of a pita to try to see when a
>>>check has cleared before we ship. We're at the PO 3-4 times a week so
>>>we just cash them there. We ship 30-40 things a month and 99% is
>>>paypal. I'm curious how you got burned? Some time ago we sold
>>>something for about $170.00. The second highest bidder was just a few
>>>dollars behind. Someone contacted them and said the highest bidder
>>>had backed out, gave them new paypal info, and told them they could
>>>have it when they paid. Luckily for them they contacted us and asked
>>>how quick we could ship. We told them the item had been paid for and
>>>shipped, and they were being scammed. There's some real assholes out
>>>there and nothing seems to be perfect.
>>>
>>>Lou
>>>
>>
>>lou, are these just e-bay items or do you have a business?
>
>All eBay.
>
>Lou

you must have a lot of junk, er, collectibles.

your pal,
blake

On Wed, 12 Dec 2007 19:10:13 GMT, blake murphy >
wrote:

>>>lou, are these just e-bay items or do you have a business?
>>
>>All eBay.
>>
>>Lou
>
>you must have a lot of junk, er, collectibles.
>
>your pal,
>blake

Louise is addicted to eBay. We took that last half of the summer, and
the fall off. She/we went from place to place buying "junk." One bag
of ornaments we got for 5 bucks has made us about over $300.
Something else we bought for $18 brought in $360. The list could go
on and on. She has an eye for these things. I'm lucky she wants to
keep me or she'd try to sell me too.

Lou

On Thu, 13 Dec 2007 17:01:53 GMT, Lou Decruss > wrote:

>On Wed, 12 Dec 2007 19:10:13 GMT, blake murphy >
>wrote:
>
>>>>lou, are these just e-bay items or do you have a business?
>>>
>>>All eBay.
>>>
>>>Lou
>>
>>you must have a lot of junk, er, collectibles.
>>
>>your pal,
>>blake
>
>Louise is addicted to eBay. We took that last half of the summer, and
>the fall off. She/we went from place to place buying "junk." One bag
>of ornaments we got for 5 bucks has made us about over $300.
>Something else we bought for $18 brought in $360. The list could go
>on and on. She has an eye for these things. I'm lucky she wants to
>keep me or she'd try to sell me too.
>
>Lou

i guess you'll have to watch you step, lou.

your pal,
blake

>
> There are a number of important exceptions where
> cardholders can continue to sign:
>
> cardholders who have an old style card that has yet to be upgraded
> cardholders from overseas who have an old style card that
> has yet to be upgraded
> disabled cardholders who have a chip and signature card
>
> Steve
Not strictly true. You DO NOT have to be disabvled to have Chip &
Signature Cards. I

If you feel safer signing than PINning.

You simply can't remember numbers you infrequently use, and refuse to
write them down.

You are numerically dyselexic etc

Then Signature Cards are for you.

Then of course there's the liability question.

Very interesting article just published on Card Cloning by Heise
Security:

http://www.heise-security.co.uk/articles/100187/0

Last 2 paragarphs.

In the UK, the Banking Code (PDF file) section 12.12 states "Unless we
can show that you have acted fraudulently or without reasonable care,
your liability for the misuse of your card will be limited..."
essentially to a maximum of 50 UK pounds. However, the code is
voluntary, and the onus is usually still on the customer to prove the
fraudulent nature of the transaction. The initial position of the UK
banks is generally to insist that customer has exhibited contributory
negligence.

In other jurisdictions, notably Germany, banks have so far covered all
the losses from skimming as a gesture of goodwill provided evidence
could be demonstrated that fraud had indeed occurred. There has
reportedly been no case in which a German bank has left a victim empty-
handed

In article >,
(Steve Pope) wrote:

> George > wrote:
>
> >Steve Pope wrote:
>
> >> Dan Abel > wrote:
>
> >>> All US credit cards have a PIN. However, it's printed on the back, so
> >>> it isn't at all secure.
>
> >> Okay, that I hadn't heard.
>
> >Its called a "CSV". It is supposed to be used as an additional check.
> >Some cheepo merchants (like tjmax) were actually storing the CSV with
> >the CC number and other information in an unencrypted database. The CSV
> >is only supposed to be used for the transaction and never saved.
>
> If they saved the CSV's, then used them in later transactions,
> that would probably be a violation of the merchant agreements.
> The banks charge marginally less for the transaction if
> the CSV is provided by the customer.

They charge less if there is a zip code. I was asked to provide this.
Well, I worked at a university. The students had a lot of addresses.
There's the local address, the permanent address, the graduation address
and the billing address. I think there were more. And then there are
the foreign students. Which one should I use?

--
Dan Abel
Petaluma, California USA

Dan Abel > wrote:

>They charge less if there is a zip code. I was asked to provide this.
>Well, I worked at a university. The students had a lot of addresses.
>There's the local address, the permanent address, the graduation address
>and the billing address. I think there were more. And then there are
>the foreign students. Which one should I use?

The zip code that the bill for that credit card is mailed to.

Cleverly, this is something the cardholder might know but a
skimmer/scammer might not.

I think it would also violate the merchant agreement to pull
the zipcode from a database rather than getting it from the
cardholder on each transaction.

Steve

In article >,
Stan Horwitz > wrote:


> I had an Exxon gas card more than ten years ago that was lost and I
> didn't realize it until the next bill arrived. There were unauthorized
> transactions on it that caught my eye right away. There was a charge for
> gas that was for more than my car's tank can hold, in a town I never
> heard of a few hundred miles away in a different state at exactly the
> same time I was on board a cross country flight and I could prove it. I
> followed the card's procedure to report it stolen several months in a
> row, but each time, there were more unauthorized charges. I finally just
> sent a letter via certified mail to have the account closed, and I
> called, and that fixed it. My total cost, other than a few minutes of
> time and some postage stamps, was nil.

Sounds kind of stupid to me. Remind me not to get an Exxon credit card.
Why did they think that it would stop? I had credit card fraud. After
we had a discussion of the charges, the next thing the person on the
phone suggested was that I cancel the card and they would give me a new
one.

--
Dan Abel
Petaluma, California USA