Slashdot Mirror
Identity Theft Victim Gets Last Laugh
Ovid writes "Being a bit of a hypocrite, I sometimes whine about privacy in my blog. I do, however, try to be careful about not letting anyone get information about me they shouldn't and I rarely, if ever, use a credit card online. This is why I was surprised to find out one morning that identity thieves had racked up thousands of dollars one two of my credit cards. By early afternoon, I caught them and the police arrested them."
The canadian mounties have a new branch devoted to identity theft and they solved my case in a week. They are amazing.
For those who haven't seen it (Like anyone in this crowd wouldnt have seen this), I'd suggest reading the P-P-P-Powerbook Story as a great compliment. These stories of Scammers getting Scammed never get old.
> and I rarely, if ever, use a credit card online.
Don't you know whether you do or not?
Sheesh, evil *and* a jerk. -- Jade
never use a card when cash will get the job done. It might sound "cute", but it's the best way to protect your privacy - not to mention your bank account.
My digital rights don't need management.
If you just send your full name, birth date, address, social security number, credit card numbers with expiration dates to securemyidentity@gmail.com, we will monitor your credit record and make sure that you never have to worry about your good credit record ever again.
Cash can be stolen and used easily. Cards can be stolen and used, but you can get the money back. Big difference.
Cards are way more convenient, less hassle in the long run, and let you get an accurate tally of what you spend. Cash just means constant trips to the ATM, spending money in dribs and drabs and forgetting about it, and the risk of getting mugged when you flash it too much.
You might have outsmarted them this time, but it's never a good idea to gloat. This is something you'll forget in time, but they're going to remember it for a lot longer than you are because they'll be the ones doing time for the crime. If they got really rough sentences because of you and spent several years in the slammer as a result, ten years later they could come looking for you to take away your life. Your credit cards would be the least of your problems.
My digital rights don't need management.
In a situation like this where you know the culprit is standing only a few meters away from you its so tempting to confront the thief. I admire his resolve.
I never really thought how much power you the credit card holder have in these situations. A few proactive measures can go a great deal further than a phone call to a dusty beurocrat.
this is wnhy you get a prepaid visa or mastercard for online purchases. id rather spend the 30 minutes to put the cash on the card and buy something online with it than than let some druggy scum waltz off with my hard earned money. http://www.netspend.com/ Netspend offers inexpensive prepaid visa and mastercards that are useable anywhere.
... i would have found it very difficult to resist the urge to take some very gratifying physical revenge on the perps. bravo to ovidius. this won't stop identity theft, but it surely promotes a bit more vigilance on the potential victims ...
nothing worth possessing isn't possessed. or something.
It seems a tad arrogant to declare "I caught them and had them arrested by afternoon." Why? Because if not for Discover, and Visa's fraud-alert services, you wouldn't have been the wiser for quite a while longer - days or weeks, perhaps. You didn't do this by yourself. To imply otherwise denies the actions of many people working behind the scenes to make sure that when this stuff happens, it doesn't ruin innocent people's lives.
My digital rights don't need management.
No joke. I would have gutted those two like pigs. Throat to groin. Wouldn't have thought twice about it. Not any issue at all.
Ovid, you are a sane man.
* hey are you Ovid from Perl Monks & the Perl Monks Seti team?
This
More evidence that credit card signatures are useless.
Ludwig Wittgenstein
Calling the cops three times on your cellphone: 68 cents.
Driving to Denny's at 96 miles per hour: $1.10 in gas.
Seeing identity-thieving bastards hauled off in handcuffs before your very eyes: priceless.
There are some things money can buy. For everything else, there's adrenaline and instincts.
In fact, I'd like to add that companies like paypal penalise those who get frauded by others. In one case, a friend of mine was "paid $1000" over paypal, and a week later, paypal took it away and charged him $500 for a really dodgy reason. I constantly hear of such cases over paypal and the end result is that the frauder wins in one way or another.
Whats even worse is that I have never seen any online store do a basic check to see if users were on a proxy or not, which could easily help reduce fraud if they did.
Unrelated, if you want to see just how much credit card companies care about fraud, a rather funny link can be found at http://www.zug.com/pranks/credit_card/. It explains why I dont have a credit card...
he's happy today but just wait until tomorrow when a group of street punks beat him and take his dungeon master's guide. :(
The best education consists in immunizing people against systematic attempts at education. - Paul Feyerabend
That's a fair question.
In this case, I happen to be "Curtis Poe", a grant manager for The Perl Foundation and in the small world of Perl, I'm moderately well-known. If I were caught making up stories like this, my reputation, and possibly my career, would be ruined.
Also, I hope to post the police report when I get it.
They closed that account and notified me immediately without authorizing any sales. I called the credit card company and found that in fact there had been three or four transactions on my card which I hadn't made. They weren't for a lot: there was one for a tank of gas, and the total was for less than a thousand dollars. The credit card company took care of the charges but seemed totally uninterested in pursuing the matter, even after I provided them contact information at Amazon. Amazon could not give me the information directly, but were anxious to provide it to the issuing bank. and urged me to contact my local law enforcement agencies.
Stupidly, I didn't contact local law, but kept badgering the issuing bank. Finally I gave up and cancelled the account. The original card had of course been cancelled immediately when I reported the problem, but I no longer had any confidence in the bank.
It's pretty bad when Amazon does a better job of tracking my credit card than the issuing bank does. Of course, I still do business with Amazon and I don't do business with that bank so maybe there's a moral there somewhere.
On a bet, I stole an English muffin from the kid's to-go bag. I can vouch.
There are no karma whores, only moderation johns
"I do, however, try to be careful about not letting anyone get information about me they shouldn't and I rarely, if ever, use a credit card online."
If you go to any store or use your credit card just about anywhere, it's on the Internet regardless of if you actually go to a Website to buy something.
When you swipe your card to get groceries, where is that data sent? How does it get there? Through the Internet. It stays on a company database like anywhere else.
I don't use my credit card on "shady" Websites, but I do realize when I use my card just about anywhere, that data is sent over the Internet and into a database somewhere where someone savvy enough could get access to it.
It's for this reason I try and not use my debit card often as if someone takes my credit info and buys things, I'm not responsible for it. they haven't taken any money form me. However, if I use a debit and they take money, then that is money I have lost and it is much harder to get back.
"If you are a dreamer, a wisher, a liar, A hope-er, a pray-er, a magic bean buyer
People sure have been jumping on this identity theft band wagon for about the last year. This isn't identity theft, it is Credit Card Fraud.
Identity theft would be if I opened up a credit card using your social or if I obtained a loan using your social.
Credit Card Fraud is stealing your credit card information and using it.
Too bad the media just keeps misleading people to believe the two are one and the same.
Looks like this guy caught his own criminal. Unlike the rest of you lazy slobs.
Sigs are like bumper stickers.
And all I can say is ... "SHRED THOSE CHECKS, DUMMY!". I have a discover card and get those all the time. I *Do NOT* toss them out. They get shredded in about 1 million little pieces.
I shred just about anything that might have any information about me, my family, or my bills or creditors/debtors. This guy coulda saved himself some grief. The kid prolly saw him check his mail from a PO box and then shake his head and toss the checks in the trash, where he retrieved them.
In fact, it bugs me Discover sends me those checks all the time. I never use them, probably never will, and wish they wouldn't send them so frequently.
FLR
I spend a lot of time on the road, so she audits the hell out of my cards. Turns out there were a couple charges at a local hotel - weird, because it was not anything I would book! Weirder yet when she realized it was her card. My wife's credit card info got swiped at Target.
Anyhow, the way the scam worked is they booked the room with hotels.com using my bride's card info. They checked in, tried to pay with a card that was expired (or did not work - they were not clear on that). When the hotel attempted to charge for the room service and the time they were there, it defaults to the card used to make the reservation. Card canceled, new one issued, no cost to us - but dang, you really have to watch your statements.
+++ UGUCAUCGUAUUUCU
Come on, now.
Using a credit card online is much safer than using it at any restaurant in which someone takes it out of your sight, using it at a store at which an imprint is taken, or giving its number to someone on the telephone.
I do all of these, and like the vast majority of everyone else, I've never had a problem.
Many, if not most, online merchants, don't ever store your credit card number. The exceptions would be those who have a recurring charge capability and those who explicitly have the capability to store it.
Being aware of the security of your information is fine, but rejecting convenience without adquately weighing the relative risk is damned silly.
This isn't to say that the original poster doesn't have good practices when it comes to using his credit card at restaurants as well. However, nearly everyone I know who won't use a credit card online will pony it up at a restaurant without a second thought.
now go upstairs and help your mom with the dishes.
As a former scammer and hacker turned security consultant... I have to say that it is surprisingly FREAKING EASY!!! to get someones CC numbers... from social engineering tactics, dumpster diving, or just slight of hand / eye tricks... its possible to get almost anyones card number these days.
Maybe not a single person as a target mind you, but valid card numbers none the less.
Once you get the card numbers youll also find that it is stupidly simple to make large purchases with them. Online buys can be made to drop houses for obscurity... and in person purchases can be made with a $300 3M card writer and a good inkjet printer and a bit of photoshop to create a physical card...
People NEVER verify the card holders name to the ID these days so having the actual card stolen from someone is just about as safe. (When they did attempt to ID me I would claim that I didnt bring my wallet, just the card and they would let me make a $599 purchase at best buy).
I commend him quick thinking and 'dumb luck' in your of your credit attackers... I have to say that if some people had been as vigilant I may have had their fate.
On the flip side of the coin, While I once had a stack of 50 valid and working credit cards obtained from one method or another... I now manage and secure online companies from attack and fraud using counter techniques which I used to skirt in MY efforts. I now have access to between 75 and 100K customer's information which Is locked down tighter than Fort Knocks if I do say so myself... not that this makes up for any of my past exploits, but to me, its a way of atoning.
The Code Ninja is swift with his tool, precise in his delivery, and deadly accurate in his execution.
That some kid stole a couple thousand dollars from Discover Card and some Visa merchant - so what? This guy acts like they were stealing the money from him.
Don't you get it? This isn't play money. It's real money that the merchants, banks, and card processors have to cough up. Where do you think it comes from? Higher merchandise prices (or, eroded retail margins, and fewer mom-and-pop retailers as a result), higher bank fees, and higher transaction fees. All of that, all of it, trickles down to the paying consumer in one way or the other.
Thieves like this are taking it from all of us, however indirectly. They're parasites. I completely tip my hat to someone who busted a couple of these punks while their greasy (stolen) Denny's breakfast was still impacting their short-term blood pressure. Truly delightful.
Don't disappoint your bird dog. Go to the range.
Last year Wells Fargo calls me. It seems some doofus used my Wells Fargo Mastercard to buy, among other things, $1000 in Victoria's Secret gift certificates from the VS Website. The expriation date was wrong, and the transaction flagged. Wells Fargo did NOT authorize the purchase, and I wasn't billed. (Other smaller purchases, under $50, had been authorized earlier in the day, but they were now being charged back since I said I didn't make them.) Bravo to Wells Fargo for being diligent about this.
Of course, I want to catch these shitheats. Victoria's Secret has their shipping address, so I think it should be pretty easy to get that address, call the police, and have justice done.
WRONGO!!
I call Victorias Secret. They say they can only give the shipping address out to a police officer/detective conducting an investigation, or at the request of the Credit Card company (Wells Fargo.). OK. Fine. They don't want vigilantes.
I call local PD. They say that since I didn't lose any money (WF blocked or refunded all charges) there was no crime for them to persue. If anyone lost money, Wells Fargo did. Call them and have them call police.
I call Wells Fargo. They say THEY didn't lose any money; they cancelled or blocked the charges. If anyone lost anything of value, it is Victorias Secret for (apparently) shipping out the gift certificates immediately without a valid payment now, or a valid expiration date eariler. They would need to call the Police to start an investigation.
"But I just called them! They don't care about who did this. They sent me to the local PD, and they sent me to you," I say. "I just want to know who did this. They have an address, but they'll only issue it to you or the PD."
The conversation took TWO more laps around these three parties before I gave up.
The story linked to in this post gives basically the same story in the sense that the local PD didn't give a shit about this crime in terms of investing ANY investigational effort. It was up to the poor victim to do all the legwork, and even THEN, the police seem like they take their sweet time getting there to catch the jerk-off criminals.
I bet the local DA pleads them down to nothing without a trial too.
In short, it seems that only determined application of stupidity on the part of credit card theives, along with an angry, lucky, motivated victom working hard at finding the theif, is the ONLY way these shitheads will ever get caught.
I don't even know why I work for a living...
leave it to /. readers to get upset about credit card frauders getting caught.
Is what type of person steals 2 credit cards, racks up thousands of dollars in charges. Then proceeds to order breakfast from Denney's? Come on the meal is free live it up a little.
Actully, Visa and Mastercard cover the expenses lost to fraud to both customer AND the business that got frauded. One of the other two or maybe both, refuses to give compensation to the business, so they eat it out of their own pocket. That's one of the biggest reasons why Visa and Mastercard are ALWAYS accepted, Discover and American Express are less so.
Learn something new.
it's always good to hear someone tracking down their own criminals like this story. this is a prime case of "vigilante justice" being very appropriate - especially given that the police were reluctant to get involved _at_all_ until he had confirmed that both perps were in the building.
... i had a small online company try to defraud me last fall and tracked down the owner much the same. they wouldn't return phone calls or emails, so i took it into my own hands. through some dns whois queries, mapquest searches, reverse phone lookups and the like (all free, btw, because who wants to pay $40 just to have someone take all your fun :) and do it for you?) the short version is that i called his home phone number, then confirmed he was the owner of this particular business before railing on him for his poor service and demanding a full refund (which i received quickly thereafter). man, was this guy sure scared/surprised to get a call at his home number.
/.ers who have such an "opportunity."
on a tangent
moral of the story: i can relate the the ecstacy this guy must have felt when knowing you've had a hand in the takedown of someone who's done you wrong. i strongly recommend the experience to all
Well done man, but the syringe portion gave me a chill. The syringe part is more than just evidence...what the cop did was both illegal and insanely dangerous. "Sharps" are considered hazardous medical waste and in every state MUST be disposed of in a proper labeled container (NOT a Coke bottle.) They must be given to a company licensed to dispose of hazardous or medical waste and destroyed, usually in these massive incinerators. (I was a med student once...)
.45. Never had to fire a shot, but I was absolutely ready to drop all three of them and they knew it. The other time I just opened my vest to a knife wielding mugger, we both smiled and he ran off like Carl Lewis doing the 100. Protect yourself!
Ironic as this sounds, what the cop did with those sharps (syringes) was more dangerous than your identity theft. Most likely, the manager chucked the bottle in the trash, and those needles are possibly now being reused by some dumpster diving junkie. Who knows what viruses, bacteria, whatnot those kids had lurking in their blood.
I'm insanely proud of your victory but I gently suggest calling the Red Lion, and TELL them that 'dirty needles' are somewhere in their trash. Two asshole identity theives in jail is small change compared to a trash collector or Red Lion employee getting Lyme, AIDS or septicemia, and spreading it to his family.
Also, those guys know who you are, are obvious heavy druggies and probably don't like you very much right now. They'll be out one day. Consider a pistol permit. I ALWAYS carry, and that's saved my life twice. Get some professional training , and practice every week, too. My close scrapes: Three guys went at me with crowbars (carjacking attempt in a parking lot...liked my M3) and their eyes got as large as frisbees when in under half a second they saw the business end of my Les Baer
"The pie shall be cut in half and each man shall receive.....death. I'll eat the pie."
Geez. Call Discover (or almost any other credit card company) and they will never send them again.
I think you have "thief" confused with thief. They really stole his money. And why wouldn't the people at Denny's help him? He has his credit card and ID to prove that he is who he says he is. If someone else used the same card number they obviously weren't supposed to.
That some kid stole a couple thousand dollars from Discover Card and some Visa merchant - so what? This guy acts like they were stealing the money from him.If someone stole your car, would you say, "So what? They're only stealing from the insurance company."? A defrauded man, his credit card companies, restaurant & hotel employees, and the police come together to arrest two thieves and somehow this is a bad thing? This is the way things should work, people taking responsibility and looking after their own interests and those of others.
I mean, whatever, how much food does Denny's throw away every day anyway?
Well, that's just stupid. Tell that to the waitress who served them and didn't get a dime when she could have gotten a real tip from non-criminals. Probably an overworked old lady who needed the money, too.
One thing that people should realize is that when an anonymous big corporation gets hurt, it's not really a corporation that's getting hurt. It's the stockholders. It's everyone that has a 401(k) or a mutual fund or any other diversified investment. These aren't rich day-traders, these are old people living off this money, or young people trying to save a few bucks for when they can't work any more.
What this guy did was every bit as noble as if he tackled a purse-snatcher. No, it's not his money, but it's someone's money, and that's a real, normal person just like you. He won't get a direct benefit, but he contributed to society.
Social scientists are inspired by theories; scientists are humbled by facts.
.... you USians never stop to amaze us.
In similar situations I just handed over my stuff.
Nobody was hurt, I was protected (insured) so I did not lose anything. One of the thieves was later caught.
With all due respect I think you USian guys should consider what firearms are doing to your society.
IANAL but write like a drunk one.
It might be fun to think about, but in real life the situation is much more straightforward if there is only one set of criminals in the picture. Battery is a crime, and the story wouldn't be nearly as compelling if it ended with our protagonist going to jail instead of the thieves.
I don't care if it's 90,000 hectares. That lake was not my doing.
I'd rather not have an easy-to-get number [SSN] used as my very identification. It's too easy here; I don't know about where you are
According to this page, "unless an organization can demonstrate that your [Social Insurance Number]" (equivalent to the American SSN) "is required by law, or that no alternative identifier would suffice to complete the transaction, you cannot be denied a product or service on the grounds of your refusal to provide your SIN."
I've had no problems withholding the number from landlords and banks.
Wrong answer. Thank you for playing. We have wonderful consolation prizes for you (or not.)
For what it's worth, and as I noted earlier in this thread, I'm actually fairly well-known in the Perl community. I'm a grant manager for the Perl Foundation, a scheduled speaker at the next OSCON, and an occasional technical book reviewer for O'Reilly. If I dared to create a lie this huge, my reputation would be ruined. I generally get job offers because of who I am. That would go away. Regardless of what you may think of my story, I'm not so stupid as to make this up.
They did have a photocopy of ID of one of the thieves. However, the registration (made through hotels.com) was still billed to me. And as for your info about the credit card companies, I know nothing about your experience, but it is vastly different from mine. If you have any credit cards, call and ask to speak to their fraud department (or, more likely, navigate through all of the damned menus they have.) I'm sure they'll be happy to set you straight.
1) I have stayed at that Red Lion in Portland.
;-)
2) I have eaten at that Denny's as well.
3) I have checked my email on the computer in the lobby.
4) A PuTTY icon on the desktop should have clued me in that I should not have checked my email there.
5) Over the next 3 days, my ISP account was used to spam strangers like crazy, before I finally changed my password.
6) This was almost 2 years ago.
Nice to see the Red Lion is still such a hotbed of criminal activity
"Love heals scars love left." -- Henry Rollins
>I've lost $0 in credit card theft, but dealing with the attempts has cost me quite a bit more in time: more than 100 times as much
So, you've lost $0 then?
You're absolutely correct. I'm a named, faced, mid-thirties guy trying to feel important :)
I really have no idea. The fact that one of them had a credit card check in his pocket suggests they went through my recycling and found something I forgot to tear up. However, maybe they found something some other way? I just don't know.
I'm looking forward to the police report. One of them (the guy who first walked into the lobby, not the blond kid) swore that he didn't do anything. The blond one seemed rather calm. The police separated them into different cruisers, perhaps so they couldn't get their stories straight. If one of them confesses, I'm sure that will be in the report and then I'll know. Of course, everyone will know, too, as I intend to post the reports as soon as I can.
Since losing a credit card number in an online purchase to a dbase hacker, I now use MBNA for all of my online shopping. It gives me a new credit card number everytime I use it, for which I can set an arbitrary $ amount before that number is consumed and also any expiration date for out to a year.
I generate new numbers using my browser, and even Safari works on OS X. I rest easy knowing that the particular number is set at just over the amount of my purchase, so even if the cc number was compromised it would have no more value attached.
--
$tar -xvf
1st time you saved your car
With great respect, I don't agree, I saved my life. One was sitting on my car's bumper. The other then two ran towards at me full speed with full length crowbars. You think a raised 4 foot crowbar in the hands of a running attacker just wants to gently ask for my keys?
One hit on the head and bye bye droopus. The police caught the same theives days later after they had bludgeoned a woman into a coma, and stole her car.
Ok here are your choices: feel good about being PC and unarmed, and (God forbid) possibly end up a vegetable in a hospice or on a slab. Or learn to protect yourself, professionally, safely and effectively and live to a ripe old age.
Which do you want to bet your life on?
Do what you feel is right for YOU, all I ask is that you extend me the same courtesy. Unless you threaten me or my family with deadly force (and for NO other reason whatsoever) I wouldn't harm a fly. Fair?
I will admit, training is every bit as important as the decision. I have taken hundreds of hours of training, up to the SWAT level at Blackwater, and am probably better than 90% of AMericans who carry, including cops (many of whom are terrible shots.) Owning and carrying firearms is an awesome responsibility, I do not take it lightly, and unlike the NRA and most gun owners I SUPPORT yearly, tough, proficiency tests, which makes me rather unpopular in the gun world. But that's the way I see it.
It gets even tougher for criminals in my home where I keep my Winchester 1300 SWAT shotgun with 8 rounds of 00 Buck under the bed.
My 180 pound bloodhound, Flop, who can smell an unfamiliar person anywhere near my property and is gun trained is added protection.
NO ONE is going to fuck with my family. And yes, my line of work makes me have reasons to be this secure.
Murderers carry guns too.
Damn right they do. So, we should allow them to be the only ones who do?
If they carry one into my house they get carried out in a body bag, though.
"The pie shall be cut in half and each man shall receive.....death. I'll eat the pie."
Yea, right. I bet it will be difficult to find anyone on this thread that knows you personally to back you up on this. what? Next thing you'll tell me I'm supposed to see Ovid on Sunday...
There are private transactions where the government mandates that an individual provide a business with their SSN, primarily anything taxable, like hiring somebody, or opening a bank account that pays interest, and by now they mandate it for most bank accounts even if they don't pay interest, and they mandate it for any medical transaction involving Medicare or most other government-funded health care.
For transactions where the government does not mandate that a business collect an SSN, they almost never place any restrictions on the business's activities with it, and they don't say that the business can't refuse to deal with you if you don't provide it - you're on your own.
There are a very small number of cases where some government, mostly state, places limits on private use of SSNs, or otherwise insists on some kinds of privacy protection. But in practice, those are usually not effective.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I feel really sorry for him. What a waste of time.
/. at 1 AM and you say I waste time?
You're on
Tee hee.
"The pie shall be cut in half and each man shall receive.....death. I'll eat the pie."
Thanks Matt. Really, though, many in the /. crowd just want a chance to take someone down a peg. And while my story's true, you have to admit, it's pretty weird. I can understand a few people doubting me.
My 180 pound bloodhound, Flop, who can smell an unfamiliar person anywhere near my property and is gun trained is added protection. Wow, you Americans even train your dogs to use guns. ;-)
"You superiour intellect is no match for our puny weapons" - The Simpsons
All his web-sites have not come down.
www.bootsix.net informs the reader that he's busy on a video project. Most likely he gave persmission to distribute the story and then really didn't care to talk to random fanboys on the net about it.
It's like writting a fan mail to someone famous, getting a response out of them and then pretending they're dead because they won't continue responding to your letters.
I've done that many times as the reciever of e-mails from random people. I will typically respond to someone once if they contact me through my web-site's form. After that the chance of a response from me drop quickly to zero. Initial response, and then never heard from again. That's the typical MO of people when talking to people they don't know and don't care to know. He answer'd the ZUG guy's question and that's all be felt compelled to be obliged to.
The big mistake that Bobby Johnny made was registering the power book site (which is his own site BTW so another one that isn't shut down) under his own name and home address.
So if the guy wanted to fly across the ocean and whack him, he could. But most likely Bobby just didn't care to continue some long conversation with the ZUG guy and has better things to do as mentioned on his main site; the video project.
But I have to say, assuming he's dead leads to a more interesting ending.
I'd say he's just tired of the fanboys and has moved on with his life.
Work Safe Porn
And just to add a little more credit, I'm his roomate. Yes its true. You can check my rep if you like. Have fun.
Also the local news boys, KOIN Channel 6, just left. Ovid will be on the news at 11 tonite.