How Do Scammers Get Your Security Code?

RJM
499 posts since 2011

In my life, I have had I guess 5-6 instances of fake charges to various credit cards. Usually, they know before I do and they call & cancel & send a new card. In the last few weeks I caught 2 fake Amazon charges which I disputed within a week. The Fidelity card did not call because I guess they viewed it as normal?

Anyway, I'm trying to understand exactly how they can acquire my security code from the back of my card?

The card has never been out of my possession. The scammer opened a Yahoo email address and a new Amazon account and bought 2 digital I guess gift cards. $25 and $75. They used my actual address but a different first name.

Purchase Method:Manually Entered

I take that to mean someone entered both the card number and code. But where did they get the code?

Is that part of the Equifax breach or did my computer have a virus and they somehow stole it that way?

Again, it's not a huge inconvenience, just have to re-enter that card at a few places online.

A credit freeze would not have prevented it.

And US Bank or Elan or whoever does the Fidelity card did not even require me sending anything back. They just sent a letter confirming the fake charges. And I chatted with Amazon and had the fake account shut down.

Does Amazon eat the losses? How do they differentiate between real fake charges or fake ones? For example, if I were to make a fake account and do that? (I never have but how do they know?)



Answers
enduser
711 posts since 2015
I have over 35 years network and computer security experience. I offer you some suggestions to help you stay more secure.

I suspect all the information they needed came from your computer while you entered it previously for something else. None of the credit reporting firms store code info for any CC.

Call your CC company and have them issue you a new CC, and set up dual authentication using your cell phone to generate or receive a code when shopping online for amz. Amz uses goog-l app "code authenticator". Since I did that, none of my CC's have been compromised at any site using dual authentication. Also remove any and all CC's stored online. When I use Amz I enter my CC every time; I do not allow them or any other place to keep it on file.

Not sure what flavor of operating system platform you use. If a PC, download and run free AdwCleaner, also Malwarebytes full version (free to use for 14 days), and CCleaner free to get rid of junkware, adware, malicious hidden programs and scripts.

Most people like the convenience of having their browsers keep all their info so that they do not have to type it in each time; big mistake since all that cached information can be accessed by malware using scripts remotely activated from websites, or hovering over a link even if you did not click on it. Set your browsers to clear all cache when browser is closed, and do not let the browser save any passwords or personal information by turning that feature off. I recommend Firefox since it is updated regularly and it is not designed to generate ad revenue nor track your activities for goog-l like chro-m does.

If using Apple I can't help you since that platform lacks useful utilities and support from 3rd parties to keep that system safe. Contrary to the popular myth, Apple is not immune from malware attacks, and when malware is present it is harder to detect since there are very few 3rd party utilities that support Apple products due to their proprietary nature, and those that do are not free.

One more thing you can do is change your router DNS server to the OpenDNS FamilyShield (free, set it and forget it) to keep your network safe.
me1004
1,379 posts since 2010
Hmm, kind of odd. I made a post in this thread a day or two ago, and I even saw it posted up there. Now it is gone.

I'm not going to go to the trouble of writing it again.
RJM
499 posts since 2011
Yes, and I appreciate it. I responded too and it's missing too.

Not sure what happened?

Enduser above makes some good points but with SO many freaking passwords nowadays, it's just not worth it to me to disable or not use the password savers in my browser.

The cure is more of a burden than the status quo.

I think past issues have been over larger dollar amounts so maybe the scammers are forced to keep the transactions small now?

