Well, not exactly identity theft, but I picked up a phone call the other day that I was considering not taking. The caller ID didn’t supply a name of who was calling, which generally means “telemarketing junk call”, which I hate, particularly when I have to run to get the phone. However, for some intuitive reason I picked it up, and I was glad I did. It was our local credit union calling to check on a ‘possible’ fraudulent use of our debit/credit card.
I thought, “oh great”…….They were asking for my wife, as it was her card, but since I was on the account, I said to give me the information and perhaps I’d know if it were fraudulent. Since I’m generally not aware of all the ways our money is spent, I figured I wouldn’t know, since I was expecting something like $50 at a restaurant in a local town.
Turns out I did know—the caller, who sounded nice enough, asked if I could verify a $900 charge on the Visa for jewelry at some place I’d never heard of. Now it is unlikely in the extreme that my wife would spend $900 on jewelry, but it became even less likely than winning PowerBall when the nice lady on the phone told me the jewelry store was located in India. And, that there had been a second purchase for $400. “No, I haven’t traveled to the Asian subcontinent of India lately, and I’m sure I’d remember if I had. No, my wife was not there either.”
They’d stopped the second charge, but the first had gone through, although at this point it’s unclear whether they actually had paid the first one or not—seems it might have sent up a red flag or two. Regardless, the money was on hold for five business days, so we had to scramble to cover any automatic withdrawals.
It appears that what was somehow stolen was just our debit card number, not the PIN, so therefore the card (newly minted in India) had to be used as a credit card, so we aren’t out the money. That’s good news. I’ve heard that if someone swipes you money by using your debit card plus PIN, you are in for a long haul getting your money back, if you’re lucky, but that didn’t happen in this case.
However, I still wonder how they got that card number, whoever ‘they’ might be. If you want to know where someone bought the number, that’s easy—see my story on the deep Internet. We really don’t know how our card number became an item to be purchased, in bulk no doubt with plenty others. We didn’t buy anything at Target, and since then so many other chains have reported thefts that I can’t keep up. If there’s a moral to this story, I guess it’s to just note that the theft problem is getting worse fast, and that until the banks and vendors get together and microchip the cards, it will continue to be a growing problem. Probably we have at least a few more months until the micro-chipping starts…either the government has to step in and require it, or what will happen is that the cost of not fixing the problem (to the credit card companies) will exceed the cost of micro-chipping credit cards. At this point the U.S. is one of the few among developed countries not yet employing microchip technology, which makes our antique-type credit cards an identity thief's dream.
Sometimes you need a high level IT or Operational resource to handle a specific issue—project management, staff reorganizations, process reengineering, or outsourcing. Consider Jay as a contract CIO or operational consultant. He has the experience to handle your questions, and now has access, through The Amaral Group, to some of Boston’s top IT engineering talent. Please click here to see case studies of projects Jay has personally handled.
to contact Jay, or call him at 978-758-8516.
From Bloomberg Businessweek: Target had multiple warnings from new anti-hacking software, but ignored them
From Bloomberg Businessweek: Another day, another massive data breach--more credit cards stolen from a large beauty store chain
From Bloomberg Businessweek: Why our cards aren't yet microchipped