My VISA card was just shut down by my bank as of 11PM last night. Apparently a $2 charge came through that their computer spat out as possible fraud. I did not make any $2 charges last night to an unknown company. Apparently the fraudsters probe your card with a small charge before scalping you. Anyway, this comes about 5 days after putting in a sizable order with Sportsman's Guide. I remember reading here or elsewhere that this was an ongoing problem with them. Apparently a bad actor working in their call center. If I'm mistaken, SMG has my apologies. At any rate, I thought I'd put the word out to beware. If you make a sudden large purchase, check your accounts. Edited: If you make sudden large purchases ANYWHERE, check your accounts. This can happen anywhere. I hate the idea of punishing one company. But I mention them because of the timing and things I've previously read.
Well, here we very rarely use CC to pay for anything...Personally, only time I use CC is on the ATM machine to take out cash, and I pay for all in cash....This past year I started to see increased use of payment with CC's here...Basically, our people don't like and use CC's...Almost none of the "mom-pop" shops here have CC readers...cash only!
bnmb, kinda hard to pay cash for an online transaction. I think this was the thread you were thinking about: http://www.survivalmonkey.com/forum/general-discussion/15375-sportsmansguide-com.html I've made many purchases with SG and never had a problem.
Never had a problem with SG either. On initial purchase a long time ago, they even called me and I had a nice talk with one of their support reps. There could be a number of reasons why you got that phony charge. Browser phishing and tracking cookies, key loggers, you name it.
I had a CC fraud problem last year - got charged $173 for some luggage from some company I never heard of in NYC - I am a cheap SOB - I'd never pay that for a bag...... I check my CC account often, and found it quickly - put in a Fraud alert to the CC company and had the account locked. Ended up getting a new card and account number. Got my money back too - but was without CC for a week. Not a big deal, but I do use it for gas and travel.
Doubtful. Those are harder to implement than it is for some insider to query the order database and hand off a list of #s in exchange for a C-note.
Online transaction? WHAT online transaction?... We do that very rarely, and if we do, this is HOW we do it... We go to our bank, we take electronic payment card, specially for online purchases, we put money on the card maximum 5 euros over the thing we are paying for online, and we're done! Cheaters and crooks can kiss our bu..s! Next time I want to buy something else, I do the same thing.. ECC is ALWAYS empty except for 1-2 hours until I make the purchase!
no, it's them. I had mine tapped after an order from them as well. I keep telling them their security is ****. they won't listen.
From an IT perspective, this is dang simple. Encrypt credit card info from the minute it is received. All encryption is within compiled "black box" objects with source code under lock and key. CC Merchant modules are handled in the same way. THAT'S IT. Oh - also - disallow pen and paper / iphones, etc. from call center drones. Sad, but necessary. It's a shame if it is them because they always have outrageous deals - and deer season is on it's way. Because of the size of the purchase, I basically had to join their buyer's club - saved more than it cost me. I was looking forward to using the membership more than once. I rarely worry about these things because VISA always finds in my favor - never had a problem. But MAN - the inconvenience!
I don't know, dude. Call them and talk with them. If SG has a rat working for them, then telling them about it is one way to make their services even better. Nobody is perfect, and there are a lot of snakes in the world.
I'll rattle off a friendly letter to the prez Nothing offensive. I'm not pissed. These things happen. But going straight to the CEO generally gets more attention.
I'm a C# ASP.NET developer and have done my share of E-Commerce sites. I had quite the back and forth with them via the BBB not too long ago. Don't get me wrong, they are a freaking awesome company to get gear/goods from, I just think that their system is a security risk for privacy issues and mis-use of accounts. To further expound on my "I think their security is ****" comment, there is no doubt in my mind that there is a rat inside their company. I don't think this is a web-site security hole. My honest developers opinion is that there is a person on the inside taking numbers because I was informed that their process is two tiered. Order comes in and goes into their system ,which is then sent down to order processing. They have a rat.. I'd bet money on it.
VB ASP.net here. Agreed. Not a hole in the sense that it allows sniffers or someone on the outside in. That's really not a difficult issue to deal with at any rate. But someone on the inside and that is an issue with general data security within the company. There is no excuse for having CC info floating around in clear text, but a lot of companies do it.
Agreed, 1 Billion %. If you lodge a BBB complaint with them, let me know the record number or link to the complaint so I can add my 2c worth. They still haven't fixed their membership system. It STILL allows someone to checkout with a last name and phone number to get the membership discounts. To me, that enables theft of my member privileges. They need a properly tokenized membership system and you and I both know that it's balls easy to use the default membership provider or roll their own. I e-mailed them about this and I got a bs reply from them. The last hole allowed any joe schmoe to access your recent order history with just your last name and phone number. My BBB complaint lit a fire under their ass to fix that one. curious. what did they purchase on your account? The perps in my case decided to buy Jeans from Hollister Co. and some other stuff that I forget.