Your Credit Card and Online Accounts

  • 15 June 2016
  • 9 replies

Userlevel 7
Today I spent over an hour on the phone with a Vitamin Company trying to fix a glitch in their website. This is a website that I have been getting vitamins and other health related items for almost 10 years. I went to their website today to change my email address. After changing the address I logged out and then logged back in with the new address. I never save credit cards on any online account but I went to "Add Credit Card" link on the website. After I clicked the link and BINGO - I seen about 60 to 70 credit card numbers (last 4 digits) Names, Addresses, Expiry Dates. I could delete or edit any credit card. This all happened because I changed my email address. The Company thanked me for being honest and gave me a $ certificate on my next order and Free Shipping for Life. Good Lesson: Never Save Your Credit Card Number on Any Online Account.

9 replies

Userlevel 7
Badge +62
WOW that's crazy stuff! How could that happen? I am really leary about putting my credit card online. So I hear you about that now...don't do it at all! Ugh!

But that was really nice of them to give you something for your honesty and helping them. I bet they patched that up pretty quick eh? 


Awesome story...thanks for telling us! ;)


Hey you lead an exciting life! LOLs 
Userlevel 7
Badge +34
Fascinating story and great advice ?. I used to have my credit cards saved on several sites but the spate of security breaches last year and the fact that both cards expired towards the end of 2015, started me on a campaign to find  a better way.


I now only have my new cards saved on PayPal's  site and I reckon that if they can't keep their data safe, then we are all dead in the water! Annoyingly Amazon do not accept PP and do not let you pay without saving your card. I am determined not to save my new cards to their site and whilst I am sure that they are undoubtedly as secure as PP,  it has now become a matter of principle with me and so I haven't bought anything from them this year and manage to find alternative sources.


It is obvious though that small companies (like your vitamin company) rarely have the resources to ensure client data like the big guys and are always going to be vulnerable.


Userlevel 7
Badge +62
Yikes Nemo! I forgot about Amazon....they got me there with a credit card! I do have PayPal as well and hopefully that stays secured! Just don't fall for any PayPal email spams and what not! :@
Userlevel 7
Well done, Dave...for being an honest & concientious citizen in the circumstances...some would not have been as upright as you have been. 


As for saving credit cards online...there is another way. Have a credit card specifically for web-sourced purchases, which is locked down to a relatively low maximum spend limit. That way if the card details are somehow leaked/get into the wrong hands the potential level of abuse is limited by the cap.


One thing that I have found, certainly in the UK, is that the card companies do tend to monitor type of usage and eill either reject transaction that do not fit the 'usual profile of use' or contact you if they spot something suspicious.


Being able to save card details can be a boon especially if one frequents & purchases from a site often.


Just me thoughts. ;)
Userlevel 7
Badge +34
@ wrote:

Just don't fall for any PayPal email spams and what not! :@

I've not had any phishing emails purporting to come from PayPal or anyone else for quite sometime now. I can't believe that the bad guys have stopped sending them and therefore assume that my email providers are doing a good job at screening them out. :D
Userlevel 6
Last year I was shocked and horrified to learn that eBay had allowed via some method or other a scammer to use my credit info to create a bogus account.  After a lot of hooplah and sleepless nights, I managed to get it squared away. 


I was thoroughly amazed that someone could create a student account to piggy back on my actual account without my knowing about it until they decided to start doing all kinds of bogus charges.  I wasuit actually lucky enough to have someone call me from New York to let me know that they ahd been alerted that someone trying to charge at their location was using my identity/card so that I could get ahead of the mayhem.


My local police department was absolutely horrifying in their disinterest in my problem and if i had not gotten lucky and found an article on line about what to do if you were a victim of identity theft i wouldn't have opened up a report wtih the proper authorities so that I would have the right information so that the local police department could do something to help me.


Quite literally, i walked into the police department and they were only too happy to turn me away until I told them that i had contacted the proper authorities to establish a report and then i could use the local police department to get the final information to get the credit bureaus to put a fraud alert on my accounts for the next 7 years.  One of their undercover agents actually walked out to look at me as I offered the documentation to prove that I had done the right steps to get the process started to see me in person, apparently because they didn't have such a thing happen that often...


And obviously they wouldn't have been helpful in getting folks to that point so that they could be proactive and protected while getting things situated.


It's shameful and horrifying that our various authorities are disinterested in helping the innocent because it would seemingly interrupt their otherwise blithely smooth daily chores.


You can believe that I have been incredibly mindlful very single month since that time to make sure that everything is above board and there are no fraudulent or questionable charges on my account.


Word to the wise, always check your accounts for anything that might seem out of place or odd.  Chances are that will alert you to something that needs to be watched.



Userlevel 1
In 2011 I had an account with Ebay & PayPal & the card I used to make purchases on Ebay was compromised on Pay Pal. I was notified by a credit monitor & also the stores where the thieves tried to purchase stuff online & immediately the cards were blocked & cancelled & news ones issued. I had to go in to my bank & file a report for each of the purchases & ends up the thieves never got the items. I deleted both Ebay & pay Pal accounts & refuse to use either site.


I now check a couple of times a week & monitor to make sure no charges other than the ones I actually make. I also get a phone call if anyone tries to make purchases with my card.


Quick note the purchases the thieves tried to make were from UK & i'm in Texas.
Userlevel 7
gr8auntteffie wrote:

Word to the wise, always check your accounts for anything that might seem out of place or odd.  Chances are that will alert you to something that needs to be watched.




Excellent Advise gr8auntteffie. I have posted this before but I will post it again:


One of the first things I do every morning is check all my money accounts. The last thing I do before signing off the computer at night is check my money accounts. I do that twice a day, every day, sometimes 3 times a day (afternoon time). Some Banks will notify you of suspicious activity on your credit cards. Navy Federal Credit Union is good at monitoring your credit card activity. I had activity on my NFCU card a few years ago from China, NFCU stopped payment even before I detected it. Does it sound like I'm paranoid? Yes on all money accounts. I don't have millions of $$$$, but I worked hard for the little I'm getting. 😃
Userlevel 7
Badge +34
I wouldn't dream of calling you paranoid ? - but I would call you brave for posting the frequency of your checking! 😃 It's good to know that I'm not as paranoid as I thought I was! :D


I always get an email when I use PP and so I assume that I would get one if there was any unauthorised usage, which fortunately there hasn't been - yet.


One of my other accounts always emails me with the log on IP address and another requires extra security checks if I log on from other than my home IP. I think both are good security checks but were perhaps designed when the desktop ruled and may be a bit outdated in the mobile environment.