anyone ever get subscription bombed?

[Lathum]

Just got hundreds of emails for various subscriptions. A little research shows it is a bot signing up for things and hackers sometimes do this to hide a legit email regarding a purchase or something else.

It is a little disconcerting.

[Lathum]

welp-

Found an unauthorized purchase on one of my credit cards. It is one I rarely use so I am glad I checked it. Called the bank and cancelled the card, reported the fraud so we will see what happens.

Changed all my other important passwords. Hopefully just deleting the emails will be the last of the inconvenience.

[NobodyHere]

So wait a second. If I ever wanted to fudge a bank statement then all I have to do is claim the charge was fraudulent and then sign up for a bunch of spam in order to make it look like a hacker did it?

[Ksyrup]

Well, you can certainly hack into one of my fast food accounts, change the phone number, order a meal, have DoorDash deliver it, and get away with it, if you want. They don't seem to care.

[Lathum]

Quote:

Originally Posted by NobodyHere

So wait a second. If I ever wanted to fudge a bank statement then all I have to do is claim the charge was fraudulent and then sign up for a bunch of spam in order to make it look like a hacker did it?

it is ALOT of spam.

What is crazy is I found the email confirming the purchase. It is an address about an hour away from me.

I wonder if I call the police in that city if they can do anything

[Ksyrup]

Base on my and my parents experience, the answer is no.

On my Subway fraud, the DoorDash was in the process of driving to the location when I alerted them, and they didn't care.

My parents twice had their Sam's Club account hacked by the same person from Miami who SCHEDULED AN ORDER PICKUP both times, and the cops still didn't bother with it.

[RainMaker]

If it's just a fraudulent purchase, I would just cancel the credit card. Maybe change passwords at some places if you're concerned about that.

I don't think it can hurt to contact the police. Guessing whoever is running the scam is sophisticated enough to use forwarding (sometimes they use unsuspecting people to forward on packages to their country). But having a cop show up might scare some sense into whatever new "business opportunity" they signed up for. Although there is a good chance the police won't care.

[Lathum]

If anyone is curious it was an $850 pair of jeans!!

[Kodos]

Must have diamond studs in them.

[BishopMVP]

Quote:

Originally Posted by Lathum

If anyone is curious it was an $850 pair of jeans!!

I forget if over $500 was the point the cops might care, but if you have an address in a town it could be worth filing a police report with that department. I doubt you'd have any credit card refund issue anyways, but that much legwork should be enough if it ever came into question.

[Lathum]

Quote:

Originally Posted by BishopMVP

I forget if over $500 was the point the cops might care, but if you have an address in a town it could be worth filing a police report with that department. I doubt you'd have any credit card refund issue anyways, but that much legwork should be enough if it ever came into question.

Wait, when you say "issue" I am assuming you mean no problem getting the credit back?

[Lathum]

So is it safe to assume they hacked in to the card account and got the number and my email that way?

[Kodos]

Quote:

Originally Posted by Lathum

welp-

Found an unauthorized purchase on one of my credit cards. It is one I rarely use so I am glad I checked it. Called the bank and cancelled the card, reported the fraud so we will see what happens.

Changed all my other important passwords. Hopefully just deleting the emails will be the last of the inconvenience.

Good time to plug long, random passwords used in conjunction with a password manager.

[Lathum]

Quote:

Originally Posted by Kodos

Good time to plug long, random passwords used in conjunction with a password manager.

do you have one you can recommend?

[RainMaker]

Quote:

Originally Posted by Lathum

So is it safe to assume they hacked in to the card account and got the number and my email that way?

There are a million ways they could have gotten it. I would recommend changing passwords, using 2FA when you can, and never storing payment information unless you have to. No use stressing over something you could have never prevented.

The fact they did the subscription bomb makes me think it was an old store you had it stored at that was compromised. That's how they got your e-mail address tied to the card. There are so many little businesses we never think twice about clicking the "store card for future purchases".

[Kodos]

I use LastPass and have been very happy with it. Bitwarden is supposed to be very good too.

Moving to Bitwarden - Firewalls Don't Stop Dragons

[RainMaker]

Quote:

Originally Posted by Lathum

do you have one you can recommend?

LastPass has a mild learning curve but is one of the easier managers to use. It also works across multiple devices so it'll sync your laptop with your phone. They just started charging for it ($36/year), but I think it's worth it for the convenience. They also have a nice free trial to play around with.

[Lathum]

Went to fold laundry. 62 new spam subscription emails. Tomorrow morning should be fun

[Lathum]

Quote:

Originally Posted by Kodos

I use LastPass and have been very happy with it. Bitwarden is supposed to be very good too.

Moving to Bitwarden - Firewalls Don't Stop Dragons

Quote:

Originally Posted by RainMaker

LastPass has a mild learning curve but is one of the easier managers to use. It also works across multiple devices so it'll sync your laptop with your phone. They just started charging for it ($36/year), but I think it's worth it for the convenience. They also have a nice free trial to play around with.

Thanks boys

[Poli]

Taking notes

[Kodos]

Quote:

Originally Posted by RainMaker

There are a million ways they could have gotten it. I would recommend changing passwords, using 2FA when you can, and never storing payment information unless you have to. No use stressing over something you could have never prevented.

The fact they did the subscription bomb makes me think it was an old store you had it stored at that was compromised. That's how they got your e-mail address tied to the card. There are so many little businesses we never think twice about clicking the "store card for future purchases".

Using two-factor authentication anywhere it’s available is a great idea too. I use the Authy app for my 2FA where possible. It’s more secure than getting a text with the code (that could be intercepted), but if the text option is all that’s available, that’s still better than nothing. It’s all about making it hard enough that hackers go looking for easier victims.

[BishopMVP]

Quote:

Originally Posted by Lathum

Wait, when you say "issue" I am assuming you mean no problem getting the credit back?

Yes, the couple times I've had fraudulent purchases I've just contested them and Visa/USAA covered it. On one that was super expensive (a full weeklong car rental in a state I've never been to, which 100% had to be an inside job because you can't just rent cars without id's) USAA did ask me to fill out the paperwork and follow up some which I gladly did on the off chance someone had stolen my identity, plus I was pretty damn pissed off and hoped criminals that brazen would get caught. But even then the couple thousand dollar charge was immediately waived as they went through the process.

(So I guess technically it's either up to the bank/credit card issuer if they want to prosecute - I seem to recall there was a dollar limit it crossed that went into felony territory before they'd bother because of how hard it usually was to prosecute, but I could see if that varied state to state and definitely bank to company.)

Quote:

Originally Posted by Lathum

do you have one you can recommend?

A password? I don't think that's smart.

[JonInMiddleGA]

Quote:

Originally Posted by RainMaker

LastPass has a mild learning curve but is one of the easier managers to use. It also works across multiple devices so it'll sync your laptop with your phone. They just started charging for it ($36/year), but I think it's worth it for the convenience. They also have a nice free trial to play around with.

I've been using the free version for, like, years now.

[Kodos]

Another benefit of password managers is that if you end up on a spoofed site (like capita1one dot com), the password manager won't recognize the site and therefore won't offer to enter your credentials.

[SirFozzie]

I use 1password. I really like that one

[SlyBelle1]

I have recently had this happen within the last couple of months, getting a ton of these messages. But from what I can tell, although they are a huge annoyance, they haven't compromised any of my credit cards or anything. In fact, the email accounts that seemed to get compromised the most are not even associated with my credit cards. So I don't think in all cases they actually have credit card info, they just got the email from someplace and attempting to signup for stuff.

Since it has been happening awhile, the antispam filter on my online account and my antispam filter on my email software is starting to catch the majority of them so becoming less of an issue nowadays. Whatever you do, don't open them or make it look like you read them since when that happens, it's a trigger back to them it's a live email and you'll get more. I made that mistake early on and literally as I opened one, a bunch more immediately came at me.

[Lathum]

Just talked to my cousin who is a cop. He said not to bother wasting my time. No one is getting a warrant for a pair of jeans. Which is why they do it I suppose.