My credit card got hacked.

A credit card issuer e-mailed me to warn of potentially fraudulent activity. My immediate thought was that the company had simply forgotten that I was traveling, even though I’d notified them.

Nope. Somebody had gotten hold of my number and used it twice. Guess where.

Yep. Wal-Mart. In Ft. Myers, Fla.

You’d think people would want to do something cooler than that. Designer clothing, maybe, or at least some of those M&Ms with your photograph on them.

But no: Wal-Mart it was, for $90 each time. The odd thing is that the transactions were physical transactions, according to the card fraud department, so whoever got my number must also have one of those card-making machines.

Initially I wondered if the e-mail were one of those phishing scams, particularly since the number given did not match the one on my card. I was later told that there are numerous offices for that particular branch of customer service. Credit-card fraud is a growth industry.

What made it look even more suspicious was the fact that when I clicked on the link provided, the first thing I was asked to do was enter my credit card number and my Social Security number.

Not going to happen, especially since I was using a WiFi connection. There are just way too many phishing scams out there.

Long-distance rigamarole

Thus I decided to use the card phone numbers, which turned into a half-hour project. First I tried calling collect  – three times at two different numbers – but none of the calls were accepted. So I went through the considerable rigamarole of using a hostel pay phone with a prepaid calling card; this required dialing a bunch of numbers, speaking with the international operator, and then dialing all the numbers again.

When the call went through, a recorded greeting said, “Yes, operator, this number accepts collect calls.” Well, rats: I was paying 17 cents a minute for a call that should have been free. But by then I did not want to hang up and redial/redial. It was getting uncomfortably close to the hour I needed to start walking to the theater.

The customer service agent confirmed that there had been fraudulent charges on the card. She asked me a few questions and then told me the card would be canceled immediately and a fraud report sent for me to fill out.

I wish I’d remembered to ask her why a customer would be expected to provide credit-card and Social Security numbers via return e-mail. Even though this was a legitimate case, asking for such info electronically just sounds wrong.

Luckily, I had backup

Once more, with feeling: You need more than one payment method while traveling.

This could have been a huge problem had that been the only card I own. It isn’t. I packed two credit cards and my debit card, and I still have about half the British currency I’d brought along.

Had I been relying on one credit (or debit) card, I’d be up the creek and paddle-free right about now. Maybe reduced to busking for change in the Underground (“down in the tunnels trying to make it pay,” as Dire Straits would have it). People might pay me to stop singing but I doubt it would be enough to fund the last 10 days of the journey, no matter how cheaply I eat.

If you have a chance to go somewhere, even just a weekend away, make sure you have more than one way to pay your way. Consider programming customer-service numbers (but not the credit card numbers!) into your cell phone as well.

And hey, all you cash-only purists: Stash your money in more than one wallet or pocket, in the event you’re robbed. I keep seeing “Pickpockets are known to work in this area” signs all over London, even in a KFC restaurant. How are you going to pay for your biscuits-and-extra-crispy if your only cash or your debit card get lifted?

Keep your payment methods close – and keep them multiple.


24 Comments

  1. And if you have multiple cards, know how to use them. This idiot went overseas forgetting that she didn’t recall the PINs for most of her debit cards because she never used them. Scale of 1-10, how stupid do you think I felt at the ATM trying to draw out money in front of my colleagues doing the dance of which card belongs with which PIN and guessing wrong every time?

    Really really sorry for your loss, Donna, ’cause dealing with it at home is pain enough. Dealing with it abroad is triply painful!

    I’m glad they contacted you, though.

  2. P.S. If they already knew you were traveling, and where, why did they even let the transactions go through, I wonder?

    My dad is an authorized user on my account but when I was traveling (in-state) they wouldn’t let HIM use the auth’ed card and then declined my transactions just because I was way more southerly than usual and hadn’t told them, so they suspected oddities.

  3. I suppose your experience has one more lesson–know exactly how to get the numbers that accept collect calls. Maybe I would even put those numbers in my cell phone for the trip. That way, the numbers would be quickly available. I have read that buying a cell phone in another country or getting your US phone set for overseas use is inexpensive. I hope nothing else occurs to blemish your experiences. What, exactly, cost $90 even at Walmart? To satisfy my inordinate curiosity, please ask the credit card company…lol.

  4. You have such an interestin life, Donna. Even the bad stuff is fascinating. Maybe I am just prejudiced. Hope the rest of the trip is more fun, with no more of this type of excitement. HA!

  5. I wonder if they stole your credit card number using an RFID device.

    http://www.wreg.com/wreg-electronic-pickpocketing-story,0,6289527.story

  6. When I was first traveling back and forth from the US to the UK, I came for a three month block where I notified my credit card companies that I would be in the UK would be using my card there. Imagine my surprise when one card notified me through email of a frozen card due to a fraud alert. It seems someone made two separate transactions for $2,000 each, that’s $4,000 at a drug store and when they tried to use it again for another larger purchase, my card company finally thought, ” Hmmm, maybe something’s not right here,” and contacted me. It turns out the card was being used in rural south Georgia, hundreds of miles from where it normally was in Atlanta and in a place I had never been. I’m surprised they let them use it twice before stopping it since I had said I would be in the UK. It was a total pain to talk to them from the UK. Glad you have another card and I’m with you, I would never travel without several.

  7. Ugh. That happened to me. Someone tried to charge $700 worth of goods at Wilson’s Leather. I have NEVER shopped there in my life… not even window shopped. Lol. I still remember what a hassle it was to get it all straightened out… and I wasn’t overseas.

    You were very smart to have a back-up card with you! It could have been really bad!

    Enjoy the rest of your trip without worries… you’ll be able to fix it all when you’re home.

  8. That’s awful that someone stole your credit card number; it’s a good thing that you were notified before they tried to steal more money from you. Someone did try to hack into my account once, but fortunately my bank figured out it wasn’t me and the hacker didn’t get to make any purchases. The bank immediately issued me a new card with a new number. But it is scary to think that someone could do something like that; it’s even scarier to know that it happens to so many people.

  9. Trixie

    You are only liable for $50, and that will probably be waived since it’s been reported.

  10. Oh Donna, I’m so sorry you have to deal with this while you are abroad! Glad you had more than one payment method, as I wouldn’t want you to have to beg for money in the underground…:)! Hope the rest of your trip is financially uneventful!

  11. What a pain. So sorry you have to go through that. I hope it doesn’t put too much of a damper on your trip! Also..I had NO idea that making a duplicate card is even something people do these days!! wow.

  12. Amen to more than one form of payment while traveling! I actually work as a fraud analyst for a credit card company and it is my job to call out to people and determine if the charges in question are fraud. It never ceases to amaze me when people tell me they are traveling and our card is the only one they have. And now I have to shut it down because there is fraud occurring. Always have a back up. And not just because fraud might happen. Sometimes we block valid charges because we are concerned enough that it might be fraud that we need to confirm it with you first. Having a back up means you can call us after you checkout instead of having to try and get a hold of us while standing in line.

    On a related note, make sure your credit card company has your cell number. I can’t help you if I can’t reach you.

  13. I had the same thing happen a couple of years ago! One of the fraudulent charge attempts was at a Walmart as well. But not for a measly $90. Oh no, my fraudster attempted to charge $1,200 at Walmart. Since I never shop Walmart much less charge $1,2o0 there (or anywhere in one shopping trip…), it tripped off the fraud dept.

  14. Someone got DH’s ATM info when he was in London. It took a long time for Wells Fargo to fix that. They made a bunch of little amazon purchases.

    Glad you sorted everything out, even if it was a hassle!

  15. Donna Freedman

    @Practical Parsimony: The really frustrating thing? I was calling numbers that were ON the credit card! Grrr.
    I had the numbers written down on a card tucked in a zipped-shut coat pocket, too, in case I were actually robbed. The cell phone is a good idea, though. Unless, of course, you’re robbed of your cell phone along with your wallet. :-(

  16. I’m so sorry that this happened while you were on your trip. There always has to be something but at least you will always have something to write about.
    And many, many years ago I had my numbers stolen. They were being used in Europe so way more exciting than Walmart. My sister had her card numbers stolen. They used a physical card at McDonalds so you beat her with a Walmart!

  17. Isn’t that annoying!

    Had a similar thing happen: someone started racking up charges at gas stations in Florida. Too many of these folks seem to have no imagination! If I had the chutzpah to use stolen credit card numbers, you can be sure the first thing I’d charge is a one-way ticket to Rio.

  18. Yeah! My credit card number got stolen last month, too! I also blogged about it. It was charged at a Bed Bath & Beyond in New Jersey for $25. I had the exact same reaction as you. I thought they’d be more creative. But I guess the way these people try to avoid getting caught is to use it for something “normal.” Good thing it still showed up as an unusual activity and the card company issued me a new card.

    • Donna Freedman

      @Savvy Young Money: Several years ago someone tried to use my card to buy $18,000 worth of fire extinguishers in Great Britain. I am not making that up. I couldn’t make that up. Luckily, my card issuer thought that was a bit odd.
      A friend of mine in Alaska just had her card used in Poland and Illinois. What a combo. That theft and others were traced to a specific restaurant in Anchorage. Apparently an employee decided he deserved more money than he was earning.
      As it gets easier to do “electronic pickpocketing,” I wonder if card companies will come up with more creative ways to encrypt the info — or just pass the increased fraud on to us in the form of higher rates?

      • Lisa P. in California

        Interesting. My card just got hacked and BB&B #551 in New Jersey was three of them. My favourites are the dental place for $660 and the NJ liquor store for over $1,800.

        I sure hope this can be traced to a single source who will pay dearly. These hacks really mess things up for the rest of us.

        Of course the credit card company said maybe a vendor I shopped at had a security breach and did not report it publicly. I just checked the AG office for online security breaches, the credit card company is on the list…

  19. Wow…that’s…ridiculous! Probably the most outrageous story cc fraud story I’ve heard so far.
    Actually, since you’re in the UK, what’s your experience with the chip-and-PIN system? I’ve heard instances of cc from the US getting turned down because most of our cards don’t have this. It’s supposed to be much more secure since it’s near impossible (for now) to replicate the chip. If only we can get card companies to start doing this in the States…

    • Donna Freedman

      @Savvy: I’ve used my cards only a couple of times and they’ve worked thus far. Here’s hoping.

  20. Your fire extinguisher story made me laugh. It reminded me of the time that someone purchased 50 stethoscopes in Buffalo, NY using my number. When I called to report it, they asked if I was sure I didn’t order them. I replied that I wouldn’t know what to do with ONE, let alone fifty! I also happen to live in CA. I always hoped that the perp had used them for the benefit of an impoverished country, but it was more likely a med student trying to make a few bucks to support their student loan habit.

  21. Heather

    Your not the only one. Me and 3 others I know had this problem on or around the same date.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>