Until recently, we probably knew as much as the next person about credit card fraud, the Dark Web and its ‘crypto markets’ where identities can be bought and sold.
That changed when one of our credit cards was suddenly used to buy thousands of dollars worth of goods in California, USA.
In barely two weeks, someone used our names and card details to charge up goods at a car dealership (twice), motels, pizza shops and petrol stations.
The purchases had apparently started with small amounts, but our card quickly got to within $600 of its limit.
Only one transaction
However, the really interesting point was that the credit card in question – a 28 Degree MasterCard – was not one we used regularly.
In fact, we had made only a single transaction – buying tickets directly from the website of a major airline – in almost three years.
Because we rarely used the card and because it never left our possession, we had fallen into the habit of checking its activity only when the monthly statement arrived.
When it comes to our personal computers and tablets, we have always been as security conscious as possible – and have never had problems with buying online.
In fact, when the credit card company alerted us to this particular issue, we initially refused to talk to its staff – because they contacted us by telephone.
So, we asked, how had this happened to us?
The credit card company investigated the incident and we now have a new card.
A learning process
In the process, we learned how computer-savvy criminals can insert malicious software on genuine business websites to harvest credit card numbers, names and other personal information. These websites usually have inadequate security – with predictable and weak passwords.
And, that may well be how our information was stolen.
It’s apparently well known on the streets that harvested credit card numbers are traded on marketplaces in the so-called Dark Web, a murky part of the Internet unknown to most people.
The Dark Web cannot be reached using Google, Safari or the other general web browsers.
It requires a browser called TOR – which can be downloaded free of charge – and virtual networks that allow users to surf the web anonymously by scrambling IP addresses and masking physical locations.
There, computer geeks apparently rub shoulders with all types of organised crime, political activists and even spies.
Apparently the computer geeks who harvest the passwords in the first place often sell them for little money. However, that’s when the heavy crime begins.
Without getting into the question of whether this is merely a victimless crime (despite the fact that it pushes up credit card fees for all and can put a card effectively out of operation) there is a clear moral to the story: if you are using cards online, then check your balances regularly – possibly daily – for irregular activity.
Don’t wait for the statement to arrive.
Let us know if you’ve had any similar experiences.
Main photo courtesy Pexels