Security breach at ft86speedfactory.com

[justatroll]

Quote:

Originally Posted by PandaSPUR

Using a debit card is actually a worse idea. Its harder to make fraud claims and get your money back..

Quote:

Originally Posted by Lonewolf

Why use a debit card when you can use a credit card with zero fraud liability and the chance to earn cash back, miles, or points?

At least for my bank account it is considered a debit card if it is only good for up to the balance on that account (checking #1)

My other accounts (checking #2, #3, etc) have credit cards attached and will automatically extend a line of credit if you overdraft (overdraft protection)

With the checking #1 card the only money that it is possible to steal is whatever measly amount I have in the account.
With the other accounts, they could withdraw thousands even if the account was empty.

Of course I dont need to worry about it either way because they are all protected. Even the "Debit card" is issued by MasterCard.

[Toyarzee]

LOL. I got the letter, and I did have a credit card compromised. I understand why you guys use alternatives and such, like paypal, but honestly I already have fraud protection with my Visa anyways. And yes, after I got the letter, I logged back in and bought some wheels from them. Go @ft86SpeedFactory ! (true story)

I had $60/day being charged by a senior couples meeting/dating site, another one for farmers and international students. New card next day, all purchases reversed, my day goes about unharmed.

P.S. the guys above are right about taking care with passwords, noticing the httpS, and not using your direct bank account for which you rely on like a cowboy his horse when making online purchases.

[x1UP]

Well, this is unfortunate.

[Jfheisenberg]

Thanks for the heads up, i bought from them on april 2015 and does not fall in that time frame, but still will have my chase credit card replace just in case.

[ScoobsMcGee]

Quote:

Originally Posted by justatroll

At least for my bank account it is considered a debit card if it is only good for up to the balance on that account (checking #1)

My other accounts (checking #2, #3, etc) have credit cards attached and will automatically extend a line of credit if you overdraft (overdraft protection)

With the checking #1 card the only money that it is possible to steal is whatever measly amount I have in the account.
With the other accounts, they could withdraw thousands even if the account was empty.

Of course I dont need to worry about it either way because they are all protected. Even the "Debit card" is issued by MasterCard.

What they're trying to say is that if you have a credit card with fraud protection, they won't get any money. The charges will be cancelled, and you won't be liable for anything. That and you don't need to worry about maintaining a separate account for online purchases. Just use a CC with fraud protection on it. That doesn't mean you shouldn't be smart about where you enter payment information, though.

[justatroll]

Quote:

Originally Posted by ScoobsMcGee

What they're trying to say is that if you have a credit card with fraud protection, they won't get any money. The charges will be cancelled, and you won't be liable for anything. That and you don't need to worry about maintaining a separate account for online purchases. Just use a CC with fraud protection on it. That doesn't mean you shouldn't be smart about where you enter payment information, though.

And what I'm trying to say is that I have fraud protection regardless of which card I use.


It is just there is more potential $$ for them to steal if they get the information for the CC than if I use the Debit card.
It is also less likely that they will steal ANY money if they can see that I have a near zero balance on the card that they just stole my information for....
So it is LESS risky for me to use the debit card.
We can question WHO is at risk, but I am confident that my financial institution appreciates me NOT using the cards that have overdraft protection for internet purchases.


And just because I have fraud protection does NOT mean that they will not get any money.
They will still get the $$ (at least the FIRST time they try it) the fraud protection just means I wont be responsible. It is still a loss for the financial institution.

[PandaSPUR]

Quote:

Originally Posted by justatroll

And what I'm trying to say is that I have fraud protection regardless of which card I use.


It is just there is more potential $$ for them to steal if they get the information for the CC than if I use the Debit card.
It is also less likely that they will steal ANY money if they can see that I have a near zero balance on the card that they just stole my information for....
So it is LESS risky for me to use the debit card.
We can question WHO is at risk, but I am confident that my financial institution appreciates me NOT using the cards that have overdraft protection for internet purchases.


And just because I have fraud protection does NOT mean that they will not get any money.
They will still get the $$ (at least the FIRST time they try it) the fraud protection just means I wont be responsible. It is still a loss for the financial institution.

Not sure about your bank, but my Citibank debit card will happily let itself get overdrawn even without any line of credit linked to it. Attackers also have no way to check your debit card balance without a pin, not that they can even tell its a debit card by just the card number anyway.

Benefit still goes to using a CC since I'm not actually down any money at any time. With my debit card, I could end up with 0 dollars for a while until its refunded, and then I might also need to deal with getting overdraft fees reversed.

My CCs (one from citi/mastercard and one from AMEX) have both caught and denied fraudulent charges multiple times though. I think its happened to me on 3 or 4 separate occasions so far, attackers never got any money out of it.

[DAEMANO]

1st they get tha moneee...

then they get tha poowaaa...

then they get the...

aw forget it.

[GeorgeJFrick]

This is strange to read because I hate PayPal. Why would I worry about putting in a CC, it's protected anyways. I trust my CC company over PayPal.

I'm not worried about the break in, smaller companies don't have the IT resources beyond some automated pen-testing. Please at least take some basic steps though.

[Tcoat]

As long as there has been money people figured out a way to steal it. The electronic age has not done away with this and never will. People can be as careful as they want and the thieves will just find a new work around. Use whatever methods make you feel better but remember no matter what you do somebody has or will find a way to take your cash.


If you found this post useful please insert your credit card number, expiry date and three didget security code here:____________________________

[PandaSPUR]

Quote:

Originally Posted by Tcoat

As long as there has been money people figured out a way to steal it. The electronic age has not done away with this and never will. People can be as careful as they want and the thieves will just find a new work around. Use whatever methods make you feel better but remember no matter what you do somebody has or will find a way to take your cash.


If you found this post useful please insert your credit card number, expiry date and three didget security code here:____________________________

+1

And that right there is what keeps me employed.

[Tcoat]

Quote:

Originally Posted by PandaSPUR

+1

And that right there is what keeps me employed.

Ummmmm on which side?

[ScoobsMcGee]

While I'm normally an advocate for thread derailment, preferably with gifs, let's keep this one on track.

If you received a letter from JB Autosports about the breach at FT86Speedfactory.com and Subispeed.com, do the following:

1. Check your card for any fraudulent charges and dispute them if so.
2. If your card company hasn't already contacted you with suspicious activity and issued a new card, contact them and request a new card.

If you purchased from either website outside of the time window in the letter, but are concerned that your card may have been compromised, you may also complete the above steps. It reads as though a formal investigation has been completed, and there was no cardholder database to be compromised, so you should be okay. A little extra diligence never hurt, though.

[justatroll]

Quote:

Originally Posted by Tcoat

As long as there has been money people figured out a way to steal it. The electronic age has not done away with this and never will. People can be as careful as they want and the thieves will just find a new work around. Use whatever methods make you feel better but remember no matter what you do somebody has or will find a way to take your cash.


If you found this post useful please insert your credit card number, expiry date and three didget security code here:____________________________

It is funny. I have been reading "The Ghost in the wires" the story of Kevin Mitnick.


It is absolutely amazing what he was able to convince people to do over the phone with "Social Engineering".
"Oh, you would like me to Tar, zip & FTP all of the source code for SunOs to an external account? - Sure I can do that for you".
"Oh - you would like to know who ordered the FBI wiretap to the phone # you just gave me - Sure...."


"Yes I can add the line '++' to my .rhosts file"