I got a call this past Monday from the fraud department at Citizens Bank because my company card had some unusual charges. I only use the card for gas and business expenses, and had just used it at a Mobil station on Sunday afternoon. It turns out that there was over $7,000 charged to the card on Sunday. What red-flagged it was that there was $3,000 charged to Ethiopian Airlines and the rest was all charged in other countries. The guy from the bank said that scammers can get the infomation off your card by hacking into the card reader remotely if they are nearby, i.e. in the parking lot of the gas station or in the store/restaurant you're shopping at if it has wifi. I had no idea that this was even possible.

It's not. The guy has no clue what he's talking about.

Plus it's against pci security rules to have a cc terminal on the same connection as a public wireless node/wifi.

I didn't think it was possible either, but it is.

5 ways thieves steal your credit - financial privacy - MSN Money (http://money.msn.com/identity-theft/5-ways-thieves-steal-your-credit-bankrate.aspx?gt1=33034)

This is exactly the reason I never use my bank card anywhere but at my bank or in case of an emergency. I received a call from BoA a while back about some suspicious charges. I checked my BoA CC account and there was a $100 purchase at Foot Locker and $200 purchase at Target. I'm guessing they were both gift cards. The fraud agent told me that they buy the gift cards then sell them at a lessor dollar value for cash.

The call came in on a Friday night and I was leaving to go out of state for a week the next morning. Fortunately, it was on my credit card and not the bank card, else I'd not have had access to any cash on the trip.

Between processors getting hacked and this other crap, it's really starting to get ridiculous.

If your trying to tell me that you got phished at a mobile station I'm telling you that you are mistaken. No way. You don't swipe at mobile stations the card goes inside the machine for a swipe. The pump don't turn on until it's authorized via SATELLITE. Same with the cash register.

This fraud stuff is taken very seriously. Exxon/Mobil has people that work for it just doing this. The pci non-compliance brings huge fines and the possible loss of accepting credit cards.

I'm not saying you didn't get your number compromised but I'm saying it wasn't at a Mobil station.

The likely hood of being skimmed by any method in that article is pretty slim. I'd say most likely your card was one of thousands hacked online months or even years ago. TJX, Hannafords, etc all have had huge hacking problems.

There was a news broadcast on TV and the guy had all the technology right inside a briefcase and he was scanning peoples cards as they walked down the street and telling them their numbers.

So it can be done.... whether or not this happened @ the gas station is the question i suppose....

But Raven that's not being phished/hacked at a gas station as this guy told him.

That's rfid chips embedded in the cards. bad juju. Passports have them now too.

baaad juju

So lemme ask you this...how do you know this guy worked for your credit card company?

That's a BIG moneymaker where someone doesn't necessarily need all your numbers...they could steal the numbers off a cctv....not have the cvv number....did they ask you to verify numbers? Hope not...if you gave them any information you just got scammed...

Whenever someone calls like that I ask for a name, badge number and a telephone number. They will give it to you. Then you call the number on the back of your card and verify they work there. Then have them connect you.

I hate credit card thieve bs. I got effed hard a long time ago for $7k with this #^&#^&#^&#^&.

If your trying to tell me that you got phished at a mobile station I'm telling you that you are mistaken. No way. You don't swipe at mobile stations the card goes inside the machine for a swipe. The pump don't turn on until it's authorized via SATELLITE. Same with the cash register.

This fraud stuff is taken very seriously. Exxon/Mobil has people that work for it just doing this. The pci non-compliance brings huge fines and the possible loss of accepting credit cards.

I'm not saying you didn't get your number compromised but I'm saying it wasn't at a Mobil station.

The likely hood of being skimmed by any method in that article is pretty slim. I'd say most likely your card was one of thousands hacked online months or even years ago. TJX, Hannafords, etc all have had huge hacking problems.
Salty, there's a difference between phishing and the card scanners that get installed. Phishing is when you receive those emails where they pretend to be your bank or the IRS or something like that.

I don't think you are understanding what potentially happened. They aren't hacking the actual scanner of the gas pump. The scumbags are inserting their own equipment into the existing pump's card scanners. No hacking involved.

**Edit** Found a picture of a CC reader made for the iPhone that plugs into the headphone jack. With technology this small, it seems that it'd be pretty easy to hide a device that was piggybacked onto an existing scanner.
http://cdn2.digitaltrends.com/wp-content/uploads/2011/03/600-square.jpg

I fully understand what he's saying and I'm telling you this is NOT happening at a mobil station. No way your going to get access inside Pump to put another swipe head in there. I call bs on this guy telling fb that this what happened and is happening. He doesn't have a clue. Yea this swipe thing has happened but it's typically done on generic ATM terminals such as inside a subway or white hen Pantry etc and these guys have no control over someone elses equip.

Square still requires a processor.
Posted from my iPhone/Mobile device

Phone phishing occurs when one of these guys has a cc number of yours that is typically lifted from hacking databases. They might have a number and a name. Easy to find the exp date by phishing on the phone.

Hello mr fb this is cuz bank calling. We noticed some inaccurate charges on your account we wanted to gO over with you. I have your address as 123 pine way in nowhere, ma. Before we begin could you verify your date of birth and card expiration date.

BAM.

You been had. This happens every day. Much easier than installing a piggyback card reader. Harder to track too.
Posted from my iPhone/Mobile device

I fully understand what he's saying and I'm telling you this is NOT happening at a mobil station. No way your going to get access inside Pump to put another swipe head in there. I call bs on this guy telling fb that this what happened and is happening. He doesn't have a clue. Yea this swipe thing has happened but it's typically done on generic ATM terminals such as inside a subway or white hen Pantry etc and these guys have no control over someone elses equip.

Square still requires a processor.
Posted from my iPhone/Mobile device

I'll definitely take anything you post regarding technology under advisement, just as I defer to the fraud guy at Citizens Bank on all things regarding lure making.:uhuh: Because that's what they do for a living, I tend to take what they say as being at least partly right. I'm not saying that you're lying, I'm just saying that technology is evolving fast and there are things out there being used that you probably don't know about. These scammers are pretty sophisticated. Also, I know that the person I spoke with was from Citizens because I called the main number and went through the automated attendant and just went to the fraud dept. without asking for anyone specific.

No way your going to get access inside Pump to put another swipe head in there.
Posted from my iPhone/Mobile device

So no one has ever hacked a bank cash machine putting in their own swipe card reader?:confused: I would think that is more difficult than a gas pump.

So no one has ever hacked a bank cash machine putting in their own swipe card reader?:confused: I would think that is more difficult than a gas pump.
Exactly. The same person who can't get his printer to work is telling us it's impossible to piggyback a card scanner onto an installed one. No offense Salty but the technology has come much further and these scumbags are much more sophisticated than you give them credit for.

For instance:
http://consumerist.com/images/31/2009/04/041909-008-boa-atm-skimmer-front-2nd-angle.png

That's a Bank of America ATM machine, not some third-party machine in the local strip club. This device was used to steal the card information from people that used that ATM. It is also big enough to hold a small surface mount microprocessor, battery and bluetooth transmitter.

I believe this is called "Card Skimming". A quick google search shows how common and easy the practice is. Also shows how inconspicuous these dirtbags can make the skimmers look.

ok I defer to your knowledge.

I am not worthy