Warning - credit card compromised after FerrariOwners.com Purchase

I'd be curious to know how that happens? Do they claim a secure credit card site? Those scammers are getting pretty sophisticated these days but I'd hate to think it's some weasel at Ferrari passing along CC info.

 

pm letsjet. i might be remembering wrong, but i think he had a problem too.

 

I did and I informed my CC company. I thought it was Ferrari Store also, but they didn't keep me involved in the investigation.

I would not use ferrari store again.

The card was used to purchase an airline ticket for multi leg travel through Itay. I even called the airline and informed them. They would not give me the name of the passenger even though it was my card. It is no wonder criminals get away with things when the laws work against you. Hopefully the CC company followed through but I doubt they did. They told me they would investigate but would not keep me in the loop. So I have no idea what happened.

Your hunch is probably correct and I hope your CC catches this guy.

I even tried contacting Ferrari Store. (Good luck with that) I think it's someone that works in the IT dept.

 

It happened to me from Buy.com. It was a guy from the IT dept selling the info.
CC company reversed my charges immediately and sent me a new card in 48 hours.

 

How did you find out who it was?

 

The guy at my CC company was really cool. I called him back about a month after the incident, and that is what he told me (in a whispering tone of voice).
He didn't tell me the name of the person unfortunately

 

Thanks for making us aware of this. Either (a) they have a guy on the inside selling the information, or (b) their purchasing/transaction server is fundamentally insecure or is otherwise compromised, with or without their knowledge, and the data is being stolen intentionally by someone who knows what to do with it.

Fortunately we're protected against things like this, but what a PITA none-the-less.

 

I bought a package of aspirin with a credit card at the airport in Narita, Japan (enroute to Bangkok), and a couple of weeks later I was informed that someone had purchased about 2000 dollars worth of furniture at a store in Toyko. Fortunately I didn't have to pay.

 

With that reply, I had to log off and call my banks. I only called two of the banks I use for Visa, M/C, & AE. I told the banks about this situation and what liability I would be under. Bank of America said that I would not be responsible for any fraudulent charges on my acct. Period. The moment I notify them, acct. would shut down, their security dept. along with law enforcement would act on it. If they couldn't find the individual or entity that committed the fraudulent act, the reversal of charges would still remain(I would imagine that the business that took my card # would have to answer-up or have their Visa privledges revolked). If they did find the individual that committed the fraud, I have the option to press charges against them with B of A representing me, along with whatever other repercusions that would be due them. Citibank said the same thing. I would not be held responsible for the charges. All they need is a notorized affadavit from me, and their security dept. along with law enforcement would go from there. Even if they don't recover funds, no loss for me. I asked them about pressing charges, their reply was that law enforcement would handle that(since I'm not losing anything anyway).
As a back-up plan, I use only one card just for internet and phone purchases only, with a low limit(what I might reasonably spend in 1 month); if high limits are neccessary, may I suggest muliple cards with low limits---It's for your protection in the unlikely event the banks would backfire on you.

 

I have to laugh at the part where the credit card company "investigates" and gets law enforcement involved.

The CC company could care less - they are not out one dime. They credit your account and chargeback the merchant - it's the merchant who is left holding the bag and who is out the cost of the product/service that was charged.

LMAO. CC company investigating. Ha!

I (as a merchant) get couple of chargebacks per month where someone paid for my products with either a stolen card or was not authorized to use the card (supposedly). I have the name and address where my product was delivered - yet have never once been asked for this information for any "investigation". They just suck the money back out of my account and everyone is happy (card holder and CC company) - except me, the merchant.

End of CC fraud rant.

 

I work for and manage the design of IT Security equipment and there is always the possibility of people "sniffing" transactions. Whether they can decipher the data is a different story.

There are many things that you can do to protect yourself from on-line fraud. Without going into the basics, such as "buy from a trusted source" (I would think that the Ferrari Store would be trusted by the way), make sure that whenever you input personal data that you're doing it on an SSL (Secure Sockets Layer) connection. If not, DON'T DO IT. You can tell that you're on an SSL connection by an "https://" in front of the web address in your address bar. A standard connection will not have the "s" (http://). If you're really worried use a service like Paypal, requesting that they do not pay without a confirmation from yourself. Note that I am not affiliated with Paypal. I did, by habit, even use them to pay for my F-Chat subscription even though F-Chat payments do use an SSL connection.

Not to create paranoia but I travel a lot and I can tell you that with simple tools on my laptop, in an airport I can see things that I shouldn't. It amazes me how many of these kiosks in the airport send basic credit card transactions over a wireless network with no encryption. Many of these "IT Professionals" are idiots. They think that accessing a secure line over an insecure wireless network is safe. More likely they're to ignorant to know how to set up the equipment. That said I never use CC's in an airport.

In the end there will always be fraud, ba$tard$. The good news is that it's all part of the CC company's balance sheet to take the hit for their customers (if I was less civilized though, l wouldn't mind emptying a clip into these $crews). Now if you are a merchant watch out, that's a differnt story.

 

I had this happen to me once, found out when I got the bill, called the company and they asked if I liked the $12,000 of computers they sent me. I told them no one in my company was allowed to make such a purchase but me and asked for names and del. addresses and they gave it to me! along with phone numbers! I called the police and post master general (federal crime if mail service is involed and they were very interested) and asked if they wanted to go have a talk with this clown or should I and that I can have very bad manners, they arrested them, two of them, c.c. company didn't help.

 

+1 For the buckets of money we merchants pay the processors, it's amazing how we're at the very bottom of the food chain when it comes to chargebacks and fraud.

Like Las Vegas, the house always wins -- and that house is CC processor only.

 

FWIW, You might consider enrolling in BoA's "Privacy Assist" program. Sure, all the data might be cheaper to get elsewhere but they do a thorough job and provide detailed monthly statesments of your entire credit situation.

I have found it to be worth the monthly (or annual, or whatever) price.

 

Doesnt PayPal have a not-so-good track record? I've used them for small things and had no problems (yet!), but have heard of complaints.

I wonder the % of successful transactions (Paypal or other "secured" websites) go through as compared to a % of fraudulent transactions.

James in Denver

 

So far I haven't had any problems, but that's just me. The benefit of using any service like this is that you're not sending your CC information over the net, only a Paypal code (in this example). If set up correctly these codes are good for only one transaction.