**Warning** Credit Card Fraud

[disneynutz]

I don't know if this is the best forum to post this so Mods please move.

Wanted to post a warning to my fellow Disers. During this last year, 2 of our 3 trips to WDW have been tainted with CC fraud. The first time we never left WDW so the card number was obtained on site. Today I noticed several fictitious charges on our new Disney Visa that we just got before our Christmas trip. We did have two charges off site this trip so I don't know where they snagged my number. The charges are all in Florida, mostly Wal-Marts.

The CC company told me that Disney is a popular place for CC fraud.

Be sure to check your CC statements carefully.

Bill

 

[Chuck S]

Interesting. Did you leave your CC number at the front desk and use room charging for everything onsite, or did you use your actual credit card all over WDW? I use room charge specifically for the safety aspect of not having my CC used at so many locations. Also, did you use it anywhere at the airport on your way to/from WDW?

In all the years we've been going to WDW, I've never had a fraudulent charge. But fraudulent charges seem to be on the increase nationwide,

Thanks for the reminder to be careful in protecting our info, especially on vacation. Even though it is Fl and Mickey Mouse, it is still part of the real world

 

[disneynutz]

Interesting. Did you leave your CC number at the front desk and use room charging for everything onsite, or did you use your actual credit card all over WDW? I use room charge specifically for the safety aspect of not having my CC used at so many locations. Also, did you use it anywhere at the airport on your way to/from WDW?

In all the years we've been going to WDW, I've never had a fraudulent charge.

Knock on wood Chuck.

Both times the cards were our room deposit. The first time this happened the only legal charge on the card was the room deposit at BWV. Disney security was interested in that one. This time it was used for our room deposit at BCV & SSR, also Hess, Dollar car rental & Publix. We have the card so the bad guys are capturing the number some how.

 

[JimMIA]

I don't have any recent stats, but for years, New York was #1 in the world for credit card fraud and Florida and London fought it out for #2, with California being #4. Virtually all of the credit card fraud in Florida is done in either the Orlando area or the Miami-Ft Lauderdale area.


The most common way to obtain credit card info today is "skimming," and the most common venue for skimming is restaurants and clubs. Waitstaff carry small battery-powered card readers that look like the part of a POS teminal you swipe your card through. They usually carry them in those stylish little aprons they wear.

They swipe the card, it reads the magnetic stripe, and copies all of the info on the stripe to a storage chip. At the end of the shift, they sell the skimmer to a credit card fraud person, who gives them a new skimmer for the next shift.

You still have the card, so you have no idea your card has been compromised until you get your bill (or if you carry a GOOD credit card, like Citibank, they call you to check some transactions).

The credit card fraudster downloads the info from the skimmer onto a laptop. Then, they take a pile of stolen credit cards (which are probably useless because the owner has already canceled them) and copy the skimmed info onto the mag stripe of the stolen cards. They essentially create an electronic twin of your credit card. Typically, they'll go to a gas station and try a $1 charge to be sure the card works. Then they sell the cards to "runners" who will actually use the cards.

The numbers embossed on the card won't match the info on the mag stripe, which is why many merchants enter the last four digits of the embossed number. It's a detection strategy against skimming.

Often, if you see numerous purchases at the same store -- or different stores in the same mall -- that's because an employee of the store bought the card and is the person actually purchasing with the card. In malls, the kids trade stolen cards like we used to trade baseball cards, each committing a little fraud in their own store or being allowed to commit fraud in a friend's store.

In other situations, there may be multiple copies of the same card, and/or multiple people using many cards for a big shopping spree. Sometimes the rings involve dozens of people.

How do you protect yourself? You can't. You just pay attention to your monthly statements and hope your issuing bank has good security in place.

 

[KoOlinaIsHome]

It sounds to me like someone at the front desk got a hold of your credit card number. I'm sure that is why Disney Security is quite interested.

 

[JimMIA]

Knock on wood Chuck.

Both times the cards were our room deposit. The first time this happened the only legal charge on the card was the room deposit at BWV. Disney security was interested in that one. This time it was used for our room deposit at BCV & SSR, also Hess, Dollar car rental & Publix. We have the card so the bad guys are capturing the number some how.

The problems would not have been at Hess or Publix, because your card is swiped directly into the POS terminal by you. I'd be looking at the bold italic locations above.

 

[Chuck S]

Knock on wood Chuck.

Both times the cards were our room deposit. The first time this happened the only legal charge on the card was the room deposit at BWV. Disney security was interested in that one. This time it was used for our room deposit at BCV & SSR, also Hess, Dollar car rental & Publix. We have the card so the bad guys are capturing the number some how.

I would hope thatDisney security was interested. My goodness, scammers will show up anywhere.

 

[CDNmouse]

Does Disney use the older (less secure) wireless WEP network to send data back to a credit card / billing department?

A hacker sitting in the lobby, or maybe in a car outside our hotel and may be able to audit the wireless network and grab credit card data. It would be hit or miss. If you were checking in at the time the hacker was in the area sniffing your CC info could be copied.

I would think that Disney has a secure network and is not still using WEP but I guess you never know. On a lap top a WEP network may seem secure, but there is software online that can sniff out the security password very easy.

Gary

 

[JimMIA]

Does Disney use the older (less secure) wireless WEP network to send data back to a credit card / billing department?

A hacker sitting in the lobby, or maybe in a car outside our hotel and may be able to audit the wireless network and grab credit card data. It would be hit or miss. If you were checking in at the time the hacker was in the area sniffing your CC info could be copied.

I would think that Disney has a secure network and is not still using WEP but I guess you never know. On a lap top a WEP network may seem secure, but there is software online that can sniff out the security password very easy.

Gary

OR...a front desk CM could just hide a skimmer in their pocket (they're smaller than a pack of cigarettes) and not have to worry about "hit or miss."

"One swipe for the Mouse, one swipe for me!"

 

[CDNmouse]

OR...a front desk CM could just hide a skimmer in their pocket (they're smaller than a pack of cigarettes) and not have to worry about "hit or miss."

"One swipe for the Mouse, one swipe for me!"

Sure, that is possible too but it wouldn't take security too long to figure out who did it and the empolyee would be gone. I am sure that even Disney has employeed a few bad apples. Chances are probably pretty good that if they are going to the dark side they will get caught.

Auditing a wireless network is much harder to figure out who the bad guy (or girl) is. They remain anonymous, passing off the credit card info to a few other people before the fake CC is sold. The person using the fraudelent card may get caught but all there knowledge of how the credit card info was obatined will be very limited.

Gary

 

[JimMIA]

I'm telling you how it is done...not how it could be done.

 

[MiaSRN62]

Wow.......thanks Bill for the head's up.......and to Jim for all the detailed info.
We have so far, only been at high risk for fraud. It made the news. It had to do with Marshall stores. Our bank was on the ball. They cancelled our cards so fast that they didn't even have time to notify us. When I called because my card was denied at a Hess gas station (this was all here in PA), they told me they were on to it so fast and just shut everyone's card down who had been to a Marshalls (which I had been). They said they became aware of a scam and were issuing all new cards to their customers. Made me feel good to know our bank acted so quickly.
But this can happen anywhere and to anyone......these skimmer things Jim mentioned are scary. There was a story in the last several months about them showing up at ATM machines. Every time a customer would attempt to get money out of their account at an ATM, these skimmers would record the information off the card. The person would get their money and be off.....totally unaware of what had happened. Apparently they were attaching these devices to the actual ATM. Local Philly cops were on TV showing how they can be detected and to report them or anything that was deemed suspicious.
Thanks again for bringint this to our attention.

 

[CDNmouse]

I'm telling you how it is done...not how it could be done.

Yes, that is one of the ways to clone a credit card.

You are also right when you say there isn't much you can do except keep good records and check your statement carefully. I recommend going one step further by checking your credit card statement online so that you can discover strange purchases even sooner.

Gary

 

[AKV707]

It sounds to me like someone at the front desk got a hold of your credit card number. I'm sure that is why Disney Security is quite interested.

First, welcome to the Dis! It does sound that way. I guess that the only things we can do is to check our statements, particularly on the web, and keep an eye on the front desk people when they have our card.

 

[simzac]

Threads like this one is why I check my bank account and CC's daily online. I've had instances in the past where someone got hold of my number and charged something illegaly, thus the reason I check daily.

 

[dvc at last !]

wow

 

[keishashadow]

We've had 3 different cards compromised since 12/05

#1 was a zero balance card that was used to check into WL and then for dining @ Rainforest Cafe DTD.

Next day; moved onto DCL & used @ checkin

Following day in Nassau tried to purchase a bag of coffee, was declined. Called CC company...the day we sailed 2 purchases were attempted

*needle & thread $1+
*$13,000+ worth of jewelry in Isabella, Spain

This was on a Providian/WaMu card, they offered to have replacement in next port; we declined...just glad we brought back up plastic.

#2 was less than a week before departing to Disney less than a year later. I had just called MS & added the DP. DS decided he needed new sneakers so we went to Dicks; card declined. Apparently, i had just purchased a year of AOL and an Eccho snowboard in Colorado.

both times, no hassle from the CC company; just inconvenient.

#3 was discovered via a call from issuer re online fraud/activity; not related to travel/disney in any way

I do think our info was compromised by the server @ Rainforest Cafe (the one we niavely told we'd be heading off on a cruise the next day as we chatted as to our vacation ) as opposed to WL desk. It's just too easy to trace it back to disney, don't think the employees would be that dim.

fyi, i now call the CC issuers before travel & alert them to where we will be & when jik

 

[jejojual]

We also had our cc number stolen. We were @ Disney in late-Nov '07. The only charges on our cc in Florida were at the front desks @ OKW & SSR, the ticket booth @ SeaWorld, the Lego store @ DTD, and two pay-at-the-pump gas charges at the Hess station outside the MK. Everything seemed fine until I got a call from my cc on 1/13/08 about 3 charges on my card earlier that day at gas stations between Orlando & Tampa. We still had our cc and had no reason to believe anything was wrong. The cc was suspicious of charges on the same day in both PA & FL and called to verify. This "skimming" scam is scary and can happen to anyone. I agree with the OP re: regularly checking your cc account online to make sure all is well! I will be a bit more observant of these kinds of scams in the future . . .

 

[disneymom8589]

I had a similiar experience last summer. My CC company called and reported what they suspected were fradulant charges made in California (where I hadn't been recently). They were either at dollar stores or gas stations and the amounts were for even, strange amounts, like $2.00, $3.00, etc. The CC company cancelled my card immediately and gave us new ones.

It's certainly eye-opening to read what posters are saying is happening at restaurants, ATM machines, etc.

 

[AKV707]

I had a similiar experience last summer. My CC company called and reported what they suspected were fradulant charges made in California (where I hadn't been recently). They were either at dollar stores or gas stations and the amounts were for even, strange amounts, like $2.00, $3.00, etc. The CC company cancelled my card immediately and gave us new ones.

It's certainly eye-opening to read what posters are saying is happening at restaurants, ATM machines, etc.

Thanks to this thread, I went to the Chase site to check my Disney Visa. Well,
there it was, a $4.95 charge to some e-book company site that I have never heard of and never been to. I googled the site and this is a common fraud. I have no idea where they got my number. I have contacted Chase and it is being handled.

Watch those online statements!