Are You Having A Technology Emergency?

True North Networks Blog

How hackers used little-known credit-card feature to defraud woman, $1.99 at a time

hacking-credit-card- Credit card hacking

Whoever stole Leslie Robison's credit card number could have bought a new computer, a flat-screen TV, or an expensive trip overseas.

Instead, the thief tried to scam her just two bucks at a time.

In January, Robison discovered more than a dozen charges at a $1.99 each from Google for hundreds of gigabytes of cloud storage she never ordered. She called her card issuer, Capital One, which refunded her and mailed a new card. But the charges returned each month through May, even as Google said it shut down the fraudulent account and Capital One sent more cards, Robison said.

In the end, she was billed 64 times totaling $127.36 on six cards over five months, according to credit card records. The charges didn't stop until she canceled her account.

Robison, 61, of Lansdale, Pa., is the victim of a trend in credit card fraud in which criminals buy cheap, recurring digital subscriptions that largely go unnoticed by banks and consumers. Meanwhile, major companies now automatically receive updated credit card details when a customer's card is lost or stolen, so recurring charges don't stop. Thieves seize on that service to continue their frauds even when consumers get new cards, cybersecurity experts said.

"It's exasperating and it feels invasive," Robison said. "It feels like someone is robbing your house and everyone knows who it is but you, and you can't stop it."

Making matters worse was Capital One's apparent inability to end the fraud. According to Robison, Capital One claimed only Visa could stop the charges because it offers merchants the account updater service. But Visa said it doesn't update an account without a request from the customer's issuing bank, suggesting Capital One was responsible.

In a statement, Capital One said it made an "administrative error."

"Our agents should have recognized the alternative process of getting the customer's consent to be removed from the updater program," said Capital One spokesperson Amanda Landers.

"Capital One has now resolved this for Ms. Robison and we recognized with her the inconvenience this caused, especially given the updater program typically is found to be very convenient for customers," Landers said in a separate email.

Read more here: 

IT By Design: Network Restored After Ransomware At...
SEC 'guts' RIA industry with a footnote, degrading...
Comment for this post has been locked by admin.


By accepting you will be accessing a service provided by a third-party external to