Slashdot Mirror
Identity Theft Victim Gets Last Laugh
Ovid writes "Being a bit of a hypocrite, I sometimes whine about privacy in my blog. I do, however, try to be careful about not letting anyone get information about me they shouldn't and I rarely, if ever, use a credit card online. This is why I was surprised to find out one morning that identity thieves had racked up thousands of dollars one two of my credit cards. By early afternoon, I caught them and the police arrested them."
The canadian mounties have a new branch devoted to identity theft and they solved my case in a week. They are amazing.
For those who haven't seen it (Like anyone in this crowd wouldnt have seen this), I'd suggest reading the P-P-P-Powerbook Story as a great compliment. These stories of Scammers getting Scammed never get old.
> and I rarely, if ever, use a credit card online.
Don't you know whether you do or not?
Sheesh, evil *and* a jerk. -- Jade
never use a card when cash will get the job done. It might sound "cute", but it's the best way to protect your privacy - not to mention your bank account.
My digital rights don't need management.
If you just send your full name, birth date, address, social security number, credit card numbers with expiration dates to securemyidentity@gmail.com, we will monitor your credit record and make sure that you never have to worry about your good credit record ever again.
Cash can be stolen and used easily. Cards can be stolen and used, but you can get the money back. Big difference.
Cards are way more convenient, less hassle in the long run, and let you get an accurate tally of what you spend. Cash just means constant trips to the ATM, spending money in dribs and drabs and forgetting about it, and the risk of getting mugged when you flash it too much.
You might have outsmarted them this time, but it's never a good idea to gloat. This is something you'll forget in time, but they're going to remember it for a lot longer than you are because they'll be the ones doing time for the crime. If they got really rough sentences because of you and spent several years in the slammer as a result, ten years later they could come looking for you to take away your life. Your credit cards would be the least of your problems.
My digital rights don't need management.
In a situation like this where you know the culprit is standing only a few meters away from you its so tempting to confront the thief. I admire his resolve.
I never really thought how much power you the credit card holder have in these situations. A few proactive measures can go a great deal further than a phone call to a dusty beurocrat.
this is wnhy you get a prepaid visa or mastercard for online purchases. id rather spend the 30 minutes to put the cash on the card and buy something online with it than than let some druggy scum waltz off with my hard earned money. http://www.netspend.com/ Netspend offers inexpensive prepaid visa and mastercards that are useable anywhere.
... i would have found it very difficult to resist the urge to take some very gratifying physical revenge on the perps. bravo to ovidius. this won't stop identity theft, but it surely promotes a bit more vigilance on the potential victims ...
nothing worth possessing isn't possessed. or something.
More evidence that credit card signatures are useless.
Ludwig Wittgenstein
Calling the cops three times on your cellphone: 68 cents.
Driving to Denny's at 96 miles per hour: $1.10 in gas.
Seeing identity-thieving bastards hauled off in handcuffs before your very eyes: priceless.
There are some things money can buy. For everything else, there's adrenaline and instincts.
Yup. I'm the same Ovid.
That's a fair question.
In this case, I happen to be "Curtis Poe", a grant manager for The Perl Foundation and in the small world of Perl, I'm moderately well-known. If I were caught making up stories like this, my reputation, and possibly my career, would be ruined.
Also, I hope to post the police report when I get it.
They closed that account and notified me immediately without authorizing any sales. I called the credit card company and found that in fact there had been three or four transactions on my card which I hadn't made. They weren't for a lot: there was one for a tank of gas, and the total was for less than a thousand dollars. The credit card company took care of the charges but seemed totally uninterested in pursuing the matter, even after I provided them contact information at Amazon. Amazon could not give me the information directly, but were anxious to provide it to the issuing bank. and urged me to contact my local law enforcement agencies.
Stupidly, I didn't contact local law, but kept badgering the issuing bank. Finally I gave up and cancelled the account. The original card had of course been cancelled immediately when I reported the problem, but I no longer had any confidence in the bank.
It's pretty bad when Amazon does a better job of tracking my credit card than the issuing bank does. Of course, I still do business with Amazon and I don't do business with that bank so maybe there's a moral there somewhere.
People sure have been jumping on this identity theft band wagon for about the last year. This isn't identity theft, it is Credit Card Fraud.
Identity theft would be if I opened up a credit card using your social or if I obtained a loan using your social.
Credit Card Fraud is stealing your credit card information and using it.
Too bad the media just keeps misleading people to believe the two are one and the same.
Looks like this guy caught his own criminal. Unlike the rest of you lazy slobs.
Sigs are like bumper stickers.
And all I can say is ... "SHRED THOSE CHECKS, DUMMY!". I have a discover card and get those all the time. I *Do NOT* toss them out. They get shredded in about 1 million little pieces.
I shred just about anything that might have any information about me, my family, or my bills or creditors/debtors. This guy coulda saved himself some grief. The kid prolly saw him check his mail from a PO box and then shake his head and toss the checks in the trash, where he retrieved them.
In fact, it bugs me Discover sends me those checks all the time. I never use them, probably never will, and wish they wouldn't send them so frequently.
FLR
I spend a lot of time on the road, so she audits the hell out of my cards. Turns out there were a couple charges at a local hotel - weird, because it was not anything I would book! Weirder yet when she realized it was her card. My wife's credit card info got swiped at Target.
Anyhow, the way the scam worked is they booked the room with hotels.com using my bride's card info. They checked in, tried to pay with a card that was expired (or did not work - they were not clear on that). When the hotel attempted to charge for the room service and the time they were there, it defaults to the card used to make the reservation. Card canceled, new one issued, no cost to us - but dang, you really have to watch your statements.
+++ UGUCAUCGUAUUUCU
Come on, now.
Using a credit card online is much safer than using it at any restaurant in which someone takes it out of your sight, using it at a store at which an imprint is taken, or giving its number to someone on the telephone.
I do all of these, and like the vast majority of everyone else, I've never had a problem.
Many, if not most, online merchants, don't ever store your credit card number. The exceptions would be those who have a recurring charge capability and those who explicitly have the capability to store it.
Being aware of the security of your information is fine, but rejecting convenience without adquately weighing the relative risk is damned silly.
This isn't to say that the original poster doesn't have good practices when it comes to using his credit card at restaurants as well. However, nearly everyone I know who won't use a credit card online will pony it up at a restaurant without a second thought.
now go upstairs and help your mom with the dishes.
As a former scammer and hacker turned security consultant... I have to say that it is surprisingly FREAKING EASY!!! to get someones CC numbers... from social engineering tactics, dumpster diving, or just slight of hand / eye tricks... its possible to get almost anyones card number these days.
Maybe not a single person as a target mind you, but valid card numbers none the less.
Once you get the card numbers youll also find that it is stupidly simple to make large purchases with them. Online buys can be made to drop houses for obscurity... and in person purchases can be made with a $300 3M card writer and a good inkjet printer and a bit of photoshop to create a physical card...
People NEVER verify the card holders name to the ID these days so having the actual card stolen from someone is just about as safe. (When they did attempt to ID me I would claim that I didnt bring my wallet, just the card and they would let me make a $599 purchase at best buy).
I commend him quick thinking and 'dumb luck' in your of your credit attackers... I have to say that if some people had been as vigilant I may have had their fate.
On the flip side of the coin, While I once had a stack of 50 valid and working credit cards obtained from one method or another... I now manage and secure online companies from attack and fraud using counter techniques which I used to skirt in MY efforts. I now have access to between 75 and 100K customer's information which Is locked down tighter than Fort Knocks if I do say so myself... not that this makes up for any of my past exploits, but to me, its a way of atoning.
The Code Ninja is swift with his tool, precise in his delivery, and deadly accurate in his execution.
That some kid stole a couple thousand dollars from Discover Card and some Visa merchant - so what? This guy acts like they were stealing the money from him.
Don't you get it? This isn't play money. It's real money that the merchants, banks, and card processors have to cough up. Where do you think it comes from? Higher merchandise prices (or, eroded retail margins, and fewer mom-and-pop retailers as a result), higher bank fees, and higher transaction fees. All of that, all of it, trickles down to the paying consumer in one way or the other.
Thieves like this are taking it from all of us, however indirectly. They're parasites. I completely tip my hat to someone who busted a couple of these punks while their greasy (stolen) Denny's breakfast was still impacting their short-term blood pressure. Truly delightful.
Don't disappoint your bird dog. Go to the range.
Last year Wells Fargo calls me. It seems some doofus used my Wells Fargo Mastercard to buy, among other things, $1000 in Victoria's Secret gift certificates from the VS Website. The expriation date was wrong, and the transaction flagged. Wells Fargo did NOT authorize the purchase, and I wasn't billed. (Other smaller purchases, under $50, had been authorized earlier in the day, but they were now being charged back since I said I didn't make them.) Bravo to Wells Fargo for being diligent about this.
Of course, I want to catch these shitheats. Victoria's Secret has their shipping address, so I think it should be pretty easy to get that address, call the police, and have justice done.
WRONGO!!
I call Victorias Secret. They say they can only give the shipping address out to a police officer/detective conducting an investigation, or at the request of the Credit Card company (Wells Fargo.). OK. Fine. They don't want vigilantes.
I call local PD. They say that since I didn't lose any money (WF blocked or refunded all charges) there was no crime for them to persue. If anyone lost money, Wells Fargo did. Call them and have them call police.
I call Wells Fargo. They say THEY didn't lose any money; they cancelled or blocked the charges. If anyone lost anything of value, it is Victorias Secret for (apparently) shipping out the gift certificates immediately without a valid payment now, or a valid expiration date eariler. They would need to call the Police to start an investigation.
"But I just called them! They don't care about who did this. They sent me to the local PD, and they sent me to you," I say. "I just want to know who did this. They have an address, but they'll only issue it to you or the PD."
The conversation took TWO more laps around these three parties before I gave up.
The story linked to in this post gives basically the same story in the sense that the local PD didn't give a shit about this crime in terms of investing ANY investigational effort. It was up to the poor victim to do all the legwork, and even THEN, the police seem like they take their sweet time getting there to catch the jerk-off criminals.
I bet the local DA pleads them down to nothing without a trial too.
In short, it seems that only determined application of stupidity on the part of credit card theives, along with an angry, lucky, motivated victom working hard at finding the theif, is the ONLY way these shitheads will ever get caught.
I don't even know why I work for a living...
Well done man, but the syringe portion gave me a chill. The syringe part is more than just evidence...what the cop did was both illegal and insanely dangerous. "Sharps" are considered hazardous medical waste and in every state MUST be disposed of in a proper labeled container (NOT a Coke bottle.) They must be given to a company licensed to dispose of hazardous or medical waste and destroyed, usually in these massive incinerators. (I was a med student once...)
.45. Never had to fire a shot, but I was absolutely ready to drop all three of them and they knew it. The other time I just opened my vest to a knife wielding mugger, we both smiled and he ran off like Carl Lewis doing the 100. Protect yourself!
Ironic as this sounds, what the cop did with those sharps (syringes) was more dangerous than your identity theft. Most likely, the manager chucked the bottle in the trash, and those needles are possibly now being reused by some dumpster diving junkie. Who knows what viruses, bacteria, whatnot those kids had lurking in their blood.
I'm insanely proud of your victory but I gently suggest calling the Red Lion, and TELL them that 'dirty needles' are somewhere in their trash. Two asshole identity theives in jail is small change compared to a trash collector or Red Lion employee getting Lyme, AIDS or septicemia, and spreading it to his family.
Also, those guys know who you are, are obvious heavy druggies and probably don't like you very much right now. They'll be out one day. Consider a pistol permit. I ALWAYS carry, and that's saved my life twice. Get some professional training , and practice every week, too. My close scrapes: Three guys went at me with crowbars (carjacking attempt in a parking lot...liked my M3) and their eyes got as large as frisbees when in under half a second they saw the business end of my Les Baer
"The pie shall be cut in half and each man shall receive.....death. I'll eat the pie."
Geez. Call Discover (or almost any other credit card company) and they will never send them again.
I mean, whatever, how much food does Denny's throw away every day anyway?
Well, that's just stupid. Tell that to the waitress who served them and didn't get a dime when she could have gotten a real tip from non-criminals. Probably an overworked old lady who needed the money, too.
One thing that people should realize is that when an anonymous big corporation gets hurt, it's not really a corporation that's getting hurt. It's the stockholders. It's everyone that has a 401(k) or a mutual fund or any other diversified investment. These aren't rich day-traders, these are old people living off this money, or young people trying to save a few bucks for when they can't work any more.
What this guy did was every bit as noble as if he tackled a purse-snatcher. No, it's not his money, but it's someone's money, and that's a real, normal person just like you. He won't get a direct benefit, but he contributed to society.
Social scientists are inspired by theories; scientists are humbled by facts.
I'd rather not have an easy-to-get number [SSN] used as my very identification. It's too easy here; I don't know about where you are
According to this page, "unless an organization can demonstrate that your [Social Insurance Number]" (equivalent to the American SSN) "is required by law, or that no alternative identifier would suffice to complete the transaction, you cannot be denied a product or service on the grounds of your refusal to provide your SIN."
I've had no problems withholding the number from landlords and banks.
Wrong answer. Thank you for playing. We have wonderful consolation prizes for you (or not.)
For what it's worth, and as I noted earlier in this thread, I'm actually fairly well-known in the Perl community. I'm a grant manager for the Perl Foundation, a scheduled speaker at the next OSCON, and an occasional technical book reviewer for O'Reilly. If I dared to create a lie this huge, my reputation would be ruined. I generally get job offers because of who I am. That would go away. Regardless of what you may think of my story, I'm not so stupid as to make this up.
They did have a photocopy of ID of one of the thieves. However, the registration (made through hotels.com) was still billed to me. And as for your info about the credit card companies, I know nothing about your experience, but it is vastly different from mine. If you have any credit cards, call and ask to speak to their fraud department (or, more likely, navigate through all of the damned menus they have.) I'm sure they'll be happy to set you straight.
1) I have stayed at that Red Lion in Portland.
;-)
2) I have eaten at that Denny's as well.
3) I have checked my email on the computer in the lobby.
4) A PuTTY icon on the desktop should have clued me in that I should not have checked my email there.
5) Over the next 3 days, my ISP account was used to spam strangers like crazy, before I finally changed my password.
6) This was almost 2 years ago.
Nice to see the Red Lion is still such a hotbed of criminal activity
"Love heals scars love left." -- Henry Rollins
>I've lost $0 in credit card theft, but dealing with the attempts has cost me quite a bit more in time: more than 100 times as much
So, you've lost $0 then?
1st time you saved your car
With great respect, I don't agree, I saved my life. One was sitting on my car's bumper. The other then two ran towards at me full speed with full length crowbars. You think a raised 4 foot crowbar in the hands of a running attacker just wants to gently ask for my keys?
One hit on the head and bye bye droopus. The police caught the same theives days later after they had bludgeoned a woman into a coma, and stole her car.
Ok here are your choices: feel good about being PC and unarmed, and (God forbid) possibly end up a vegetable in a hospice or on a slab. Or learn to protect yourself, professionally, safely and effectively and live to a ripe old age.
Which do you want to bet your life on?
Do what you feel is right for YOU, all I ask is that you extend me the same courtesy. Unless you threaten me or my family with deadly force (and for NO other reason whatsoever) I wouldn't harm a fly. Fair?
I will admit, training is every bit as important as the decision. I have taken hundreds of hours of training, up to the SWAT level at Blackwater, and am probably better than 90% of AMericans who carry, including cops (many of whom are terrible shots.) Owning and carrying firearms is an awesome responsibility, I do not take it lightly, and unlike the NRA and most gun owners I SUPPORT yearly, tough, proficiency tests, which makes me rather unpopular in the gun world. But that's the way I see it.
It gets even tougher for criminals in my home where I keep my Winchester 1300 SWAT shotgun with 8 rounds of 00 Buck under the bed.
My 180 pound bloodhound, Flop, who can smell an unfamiliar person anywhere near my property and is gun trained is added protection.
NO ONE is going to fuck with my family. And yes, my line of work makes me have reasons to be this secure.
Murderers carry guns too.
Damn right they do. So, we should allow them to be the only ones who do?
If they carry one into my house they get carried out in a body bag, though.
"The pie shall be cut in half and each man shall receive.....death. I'll eat the pie."
There are private transactions where the government mandates that an individual provide a business with their SSN, primarily anything taxable, like hiring somebody, or opening a bank account that pays interest, and by now they mandate it for most bank accounts even if they don't pay interest, and they mandate it for any medical transaction involving Medicare or most other government-funded health care.
For transactions where the government does not mandate that a business collect an SSN, they almost never place any restrictions on the business's activities with it, and they don't say that the business can't refuse to deal with you if you don't provide it - you're on your own.
There are a very small number of cases where some government, mostly state, places limits on private use of SSNs, or otherwise insists on some kinds of privacy protection. But in practice, those are usually not effective.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks