Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

wbhambone

macrumors member
Original poster
Jan 26, 2005
65
0
Wales
Hope you guys can follow...I'm really stumped by this and am looking for a little insight.

On the evening of the 21st I placed an order for photos through iPhoto. I have one-click ordering turned on, so it was a quick process.

Then, on the 27th I received a phone call from a web hosting company. They called to ask if I had any questions regarding my recent hosting package purchase. Problem is - I never ordered a web hosting package from this company, or any company for that matter. This company had my name, address, phone number, credit card number...everything. My credit card was charged $119 for the web hosting package. Needless to say, I had the service rep kill the package purchase as fraudulent. I hung up with him and called the credit card company to cancel the account to prevent any other purchases.

So, what does this have to do with my mac. Well, I've not lost my credit card, it's never left my side, which means someone got my information through some online purchase. The only purchase I've made through any online system is through iPhoto. All the information that I have for my Apple ID account is the same that the guy had from the web hosting company.

So this means one of two things:
- iPhoto is not a secure method for ordering photos.
- I have some type of infection on my system (spyware, etc) that has captured my info. I find this to be highly unlikely but it's the only thing I can think of.

System specifics:
- OS X 10.4.2
- 15" PB (Rev. D)
- browser: Firefox 1.0.4
- SBC Yahoo DSL (2Wire DSL modem - firewall turned on)
- Linksys WRT54G wireless router (firewall turned on)

Any thoughts about how this could possibly happen. Are iPhoto purchases secure...should I be looking somewhere else for how my info was stolen.

I'm at a complete loss as to how this could happen.

Thanks.
B
 

grapes911

Moderator emeritus
Jul 28, 2003
6,995
10
Citizens Bank Park
This may or may not apply to you:

It is very rare for credit card info to get stolen over the net (unless you enter your info in a non secure site) Most times the info is stolen from human contact. ie) Sales clerk copies/remembers you number, fraudulent card reader placed over real card reader, and so on.

While your card may have been stolen over the net (and many signs point to iPhoto), I'd bet it was from something else.

Sorry I can't be more helpful.
 

wbhambone

macrumors member
Original poster
Jan 26, 2005
65
0
Wales
Thanks for the responses.

What makes this crazy is that when the web hosting company called they asked to speak with me over the phone by using my shortened middle name (Brad). This is what I go by. My credit card, though, has my first name. He had that name as well.

Whoever got my information knows that I go by Brad but have another name on my credit card.

Crazy.
 

rkristich

macrumors member
Jul 27, 2005
62
0
Punta Gorda, Florida
While iPhoto may be the culprit, it's more likely that someone working in a brick and mortar store/restaurant stole your number, as grapes911 said.

In my town a few years back, a waiter at Applebees was copying down all the info from customer's credit cards and putting fradulant purchases on the cards. It wasn't too hard for him to get addresses and phone numbers, he would just look up the person's name in the phone book.

Cancelling the account asap (as you did) is the best thing you can do after you've found out your number and info is in somebody else's hands. Hopefully there's a way for the credit card company or even the web hosting company to find out who used your credit card, but even if he/she is not caught, at least you didn't lose any money.

Edit: Just saw that you responded while I was replying to the post. That is very strange that the company knew what name to call you, and possibly points even more to someone locally who knows (or overheard) that you do not go by your first name.
 

pubwvj

macrumors 68000
Oct 1, 2004
1,901
208
Mountains of Vermont
grapes911 said:
It is very rare for credit card info to get stolen over the net (unless you enter your info in a non secure site)

It does happen though. It happened to me. I know because I mistakenly gave the wrong card exp date with an online purchase. I then realized the error and corrected it. Meanwhile, someone at the vendor tried to use my card to make a purchase at another online store. Fortunately my credit card company caught the strange purchase that was being made since it didn't match my buying patterns. The credit card security department called me to check to see if the fake purchase was valid. No it wasn't. They cancelled the now insecure card and sent me a new card by FedEx.
 

alex_ant

macrumors 68020
Feb 5, 2002
2,473
0
All up in your bidness
Corporations pretty much know everything about you. There's no way to avoid it. If a particular corp only has partial information, they will acquire the rest from a vast network of other corps and cross-reference to get the rest. Anything in their database will stay there forever. If you have a social security #, you are owned. The only thing to do is live with it and use what power you do have to make sure that information is not abused (i.e. calling the credit card company when you notice fraudulent activity).
 

pdpfilms

macrumors 68020
Jun 29, 2004
2,382
1
Vermontana
Thanks for the responses.

What makes this crazy is that when the web hosting company called they asked to speak with me over the phone by using my shortened middle name (Brad). This is what I go by. My credit card, though, has my first name. He had that name as well.

Whoever got my information knows that I go by Brad but have another name on my credit card.

Crazy.

What's strange to me about this is the fact that they knew your name, and for the following reasons.
Firstly, why would someone committing identity theft bother to find out the commonly used name of their victim? Secondly, why would they bother to use it? One could easily do the job by using legal names... an online store is more likely to have issues with the transaction if the name doesn't match up with the legal name.

This is very odd to me... Makes me think it was either an amateur theft or someone who may be relatively close to you.

On the other hand, were you able to get any information from this web hosintg company? Domain name, IP addresses... anything?
 

wbhambone

macrumors member
Original poster
Jan 26, 2005
65
0
Wales
I was able to get the registered domain name from the hosting company. The only bogus thing given when buying the hosting package was the email address the theif gave (some aol address).

I plan to call them back on Sunday (the hosting company) to see if I can get anything else out of them.
 

Chip NoVaMac

macrumors G3
Dec 25, 2003
8,888
31
Northern Virginia
There was a report today on the radio that credit card companies are having security issues with the off-shore support centers they are using.

Add to that my own tail of woe. Some of you all may have followed the saga of the split of my ex and I, of 12+ years.

Long story, short (hopefully), is that my ex had been between jobs and had health issues that in the end ran deeper than what I thought or was told.

On April 15th I told him that he needed to find a new place to live. He had indicated that he saw it coming, and decided to move to Florida. It was about a week and a half later that he was ready to make the trip to Florida. I was truly concerned about a long distance trip, since I had been paying the bills for the household for awhile. He told me not to worry, for he was resourceful.

Add to that I had started my move to a new place and selling of my TH. Fast forward a bit to about two weeks ago. I was finally forwarded by the USPS my May XXXXXXXX VISA statement. There were charges that I did not make.

Sad to say, those charges were for food and items that I questioned at the time on how he was able to afford them.

In talking with the Fraud Department, I found out that some were done by key entry - but many of them were done by the actual Credit Card. This is an issue in that only two cards were ever sent by the Credit Card company. One that expired, and the other I held in my hands as I was talking with the Credit Card company.

Some here may remember how distraught I was over "news" that my ex and our dog Chewey were homeless for a week and half. The concern I and the rest of you had was missed place. My ex was never homeless. He was in motels across the south on my credit card!

Some of you may wonder how this is possible. Evidently there is a process of credit card cloning. And that is what he did.

Not to worry, I had fraud protection. And the Credit Card company and I will pursue any avenues needed.

I share this tale for everyone to realize that they can be subject to credit or indenty theft. Even from those that they had trusted. For in my case after 12+ years, I would have never expected my ex to stoop so low.

Another thing I learned was that the credit laws protect the credit card companies, not the consumer. Between all of the above, I was denied credit because he had placed me as an "authorized user" on one of his credit cards - all without my knowledge or authorization! I had to do battle do battle with the GM Master Card because of their failure to protect the consumer!

IMO it is all about the money. Credit companies are not truly concerned about the average consumer. Not unless we sign up for their "credit protection" plans. Debt that is no longer collectable by state or federal law is bought and sold on a regular basis. Many are forced to pay a debt that legally they no longer owe.

New federal laws allow the consumer over the next year or so to get annual reports on their credit activity. i would suggest spending the money to make sure you are safe - until the politicians can get their hand out of the credit companies deep pockets.
 

MUCKYFINGERS

macrumors 6502a
Jun 7, 2005
769
15
CA
This crap happened to my mom before. I think a girl at a local supermarket or a restaurant made about $1,400 or more in fraudulent purchases that were to be shipped to Mexico. The good thing about credit card companies, though, is that they pretty much trust you when you tell them that your account has been hacked and someone is making fradulent purchases.
 

Chip NoVaMac

macrumors G3
Dec 25, 2003
8,888
31
Northern Virginia
MUCKYFINGERS said:
This crap happened to my mom before. I think a girl at a local supermarket or a restaurant made about $1,400 or more in fraudulent purchases that were to be shipped to Mexico. The good thing about credit card companies, though, is that they pretty much trust you when you tell them that your account has been hacked and someone is making fradulent purchases.

In my case my ex got away with $2400 in fraud charges. To add insult to injury, he stopped using the card when it was maxed out. And began using it again when I made a major payoff.The card issuer so far has been great in getting it corrected.

Still hurts though.....
 

MUCKYFINGERS

macrumors 6502a
Jun 7, 2005
769
15
CA
Chip NoVaMac said:
In my case my ex got away with $2400 in fraud charges. To add insult to injury, he stopped using the card when it was maxed out. And began using it again when I made a major payoff.The card issuer so far has been great in getting it corrected.

Still hurts though.....

At least things worked out though :)
 

Mechcozmo

macrumors 603
Jul 17, 2004
5,215
2
Chip NoVaMac said:
Another thing I learned was that the credit laws protect the credit card companies, not the consumer. Between all of the above, I was denied credit because he had placed me as an "authorized user" on one of his credit cards - all without my knowledge or authorization! I had to do battle do battle with the GM Master Card because of their failure to protect the consumer!

IMO it is all about the money. Credit companies are not truly concerned about the average consumer. Not unless we sign up for their "credit protection" plans. Debt that is no longer collectable by state or federal law is bought and sold on a regular basis. Many are forced to pay a debt that legally they no longer owe.

Sucks to hear about your ex and everything. Hope it all works out in the best for you and your ex should find a new source of blood to suck. Good news is that he's now a criminal, if that makes you feel any better. Which probably doesn't, seeing as you helped him out for a bit.

Anywhoo.
Companies don't give a crap about who gets them their money, they just care that they get it. That's the bottom line...

This line is the bottom one in my post however. ;) :rolleyes:
 

Chip NoVaMac

macrumors G3
Dec 25, 2003
8,888
31
Northern Virginia
Mechcozmo said:
Sucks to hear about your ex and everything. Hope it all works out in the best for you and your ex should find a new source of blood to suck. Good news is that he's now a criminal, if that makes you feel any better. Which probably doesn't, seeing as you helped him out for a bit.

Anywhoo.
Companies don't give a crap about who gets them their money, they just care that they get it. That's the bottom line...

This line is the bottom one in my post however. ;) :rolleyes:

After 12+ years I have been through the emotions so far. Pity that he felt the need to go this low, anger that he treated me this way in the end, vengeance wanting to see his ass nailed to a cross. compassion that his life had entered into such a low point that this was his only way out.

This does not yet to begin to tap the depth of emotions in the preceding year and all that we had gone through. Betrayal is another word that comes to mind.

Believe it or not, I still have deep concern for his well being at this point too. There are times that I wonder who truly needs help, me or him.

But in the end do not worry about me. Last week's trip to SF was what I needed. 1000 pictures taken (I am a photographer) and no real party going on (too old for that I guess at 47 now).

If there is anything that bothers me most, is wondering how our dog Chewey is doing at this point in time. And I might et call the Vet that he took Chewey to while they were "homeless".

For I now realize that Chewey loved me unconditionally. Did not matter whether there were good times or bad. All that mattered was the time we had together.

As to my ex, it hard to look at each charge and try to make sense of it. The week before he left for Florida it was a case of of seeming "normal". While he was on the road, it was a need for "survival". After he came back, there was no rhyme or reason.

The breakdown of the charges prior to his departure was for "fast" food and the such. While he was on his way to Florida it was a mixture of food, lodging,and medical care for Chewey. Once he got back to the DC area things got strange. Movie tickets for two. About $200 in one day to Giant Food, in 5 to 6 separate charges.

One point that I did not mention, is that in my last conversation with is Mom - he his terminally ill according to her. And in no small way, I am trying find excuses for all that has happened.
 

Mechcozmo

macrumors 603
Jul 17, 2004
5,215
2
Chip NoVaMac said:
But in the end do not worry about me. Last week's trip to SF was what I needed. 1000 pictures taken (I am a photographer) and no real party going on (too old for that I guess at 47 now).

One point that I did not mention, is that in my last conversation with is Mom - he his terminally ill according to her. And in no small way, I am trying find excuses for all that has happened.

Neat about the photography thing. I term my self a professional amateur. Love my PowerShot S2 IS for not being an SLR but doing amazing stuff.

Well... life is terminal. I guess. Some people can't see what is really happening, but it is sad that it is his mother.

Hmm.... I think this is a good time to say:
"This is a thread jacking. NOBODY MOVE! We will continue on our present course until the moderating police take us down. But don't worry... the thread jackers shall strike again!
 

Chip NoVaMac

macrumors G3
Dec 25, 2003
8,888
31
Northern Virginia
Mechcozmo said:
Hmm.... I think this is a good time to say:
"This is a thread jacking. NOBODY MOVE! We will continue on our present course until the moderating police take us down. But don't worry... the thread jackers shall strike again!

Sorry, wasn't trying to thread jack. I thought I had tried to stay on course, but personal experiences sometimes get in the way.

For those of us that have had credit fraud committed upon, it is surprising how easy some of it is for the thiefs.
 

superbovine

macrumors 68030
Nov 7, 2003
2,872
0
order your credit report now, and order your credit report in 3 months. if they got you credit card, and know personal information stands to reason they know enough about you to open a line of credit.
 

Mechcozmo

macrumors 603
Jul 17, 2004
5,215
2
Chip NoVaMac said:
Sorry, wasn't trying to thread jack. I thought I had tried to stay on course, but personal experiences sometimes get in the way.

For those of us that have had credit fraud committed upon, it is surprising how easy some of it is for the thiefs.

I know you weren't trying to jack the thread. I helped too, if you notice. All in the fun of something or other.
 

GoCubsGo

macrumors Nehalem
Feb 19, 2005
35,741
153
The majority of the time ID Theft or Theft such as this is caused by a close friend or family member.

I can find the actual number for you, but you get my drift.

wbhambone said:
Thanks for the responses.

What makes this crazy is that when the web hosting company called they asked to speak with me over the phone by using my shortened middle name (Brad). This is what I go by. My credit card, though, has my first name. He had that name as well.

Whoever got my information knows that I go by Brad but have another name on my credit card.

Crazy.
 

Makosuke

macrumors 604
Aug 15, 2001
6,661
1,242
The Cool Part of CA, USA
I didn't see anybody in this thread mention the fact that several million credit card numbers and accompanying information were exposed recently, and that left a LOT of people who'd never even shopped online with fraudulent charges. I have a friend who had to cancel a JAPANESE Visa card because of that blunder, and though most people were informed, it's possible this incident was in some way connected.

On the other hand, the middle name thing sure sounds like an "inside job" to me--have any unruly kids or anything? The keylogger/spy seems unlikely (few exist for OSX); more likely would be your computer got used by someone else or hacked into directly, but the latter is unlikely, too.

One comment on online security: There are only three ways I know of that online cards actually get stolen: Unsecured wireless connections, sending the info in the open (certainly not the case with any decent e-shop), or the store gets hacked, and the third is BY FAR the most likely (it's happened to me at least once). In this case, that's not going to be it, or it'd probably be a bigger deal and more folks here would be having the same experience.
 

Abstract

macrumors Penryn
Dec 27, 2002
24,835
847
Location Location Location
superbovine said:
order your credit report now, and order your credit report in 3 months. if they got you credit card, and know personal information stands to reason they know enough about you to open a line of credit.

Oh true. I never thought of it that way. :mad:
 

mpw

Guest
Jun 18, 2004
6,363
1
Makosuke said:
...On the other hand, the middle name thing sure sounds like an "inside job" to me--have any unruly kids or anything? The keylogger/spy seems unlikely (few exist for OSX); more likely would be your computer got used by someone else or hacked into directly, but the latter is unlikely, too...

All you have to do is go to a post box and check the name on the post, you now have name and address. The white pages give you a tel. no. which you ring and it's "Hi, Brad's not home right now..." which gives you the name your victim goes by. Of course take someone garbage and you'll probably find a few old recipts with card numbers maybe even a statement with transactions etc. it's really not that hard.

I also know a good way of reading others web based email systems which I used once when I wasn't thinking but really need to contact someone. I 'hacked' into his mail account and checked his user profile from a coffee shop PC. It's not certain to work but that I could do didn't exactly make me feel safe.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.