Hackers are brute-force guessing payment card numbers, and there's nothing you can do...

Sausagemeat

Posts: 1,207   +1,065
Hell, you can be denied housing and a job based on your credit score. It's highly illegal, but the people who get denied for those reasons aren't exactly in a position to hire attorneys.

You can fail a security check if you have a significant amount of certain types of debt as you can be deemed as a risk. In other words a competitor or someone who wishes to do the company harm can offer to pay off your debts in order to get you to help them, provide access etc. Its not illegal as technically you aren’t being hired for security reasons.
 

wiyosaya

Posts: 7,005   +5,518
You can fail a security check if you have a significant amount of certain types of debt as you can be deemed as a risk. In other words a competitor or someone who wishes to do the company harm can offer to pay off your debts in order to get you to help them, provide access etc. Its not illegal as technically you aren’t being hired for security reasons.
The legality of it depends on the job you are applying for. If you are applying in the US for a government or defense department job, then substantial debt could open someone to being tempted to sell defense department secrets and, thus, may not get that security clearance.
 

Sausagemeat

Posts: 1,207   +1,065
The legality of it depends on the job you are applying for. If you are applying in the US for a government or defense department job, then substantial debt could open someone to being tempted to sell defense department secrets and, thus, may not get that security clearance.
This includes most IT and telecommunications roles where you are given access to private corporate networks. Sure, McDonald’s don’t require a security check but in my previous life as a systems engineer every job out there had security checks going. I always had a headache as I have visited the Sudan on holidays to scuba dive. And if you’ve been in this country this flags you up as a potential terrorist so I usually had to do in person interviews with the security firm to confirm that I’m not likely to attack anyone in the name of Allah lol. Of course I’m white af, slightly posh, slightly chubby. Obviously a Middle Eastern radical..
 

StrikerRocket

Posts: 98   +62
A French guy proved more than 15 years ago that he could forge a fake credit card, and to prove his point, bought a number of underground tickets. A few dollars worth, just to prove to the banking system, which was a little over confident, that it was possible and that their card system was obsolete. He was prosecuted and jailed.
Now the REAL question: when is the banking system going to beef up its security measures by re-designing a credit card system that is adapted to modern practices and up-to-date fot the sheer power of available computers today instead of asking their customers to take the necessary steps and deal with all this BS when the sh... hits the fan? I.e, ask for refunds when fraudulent use of their cards is detected?
We have no control whatsoever its THEIR responsibility!
 

wiyosaya

Posts: 7,005   +5,518
This includes most IT and telecommunications roles where you are given access to private corporate networks. Sure, McDonald’s don’t require a security check but in my previous life as a systems engineer every job out there had security checks going. I always had a headache as I have visited the Sudan on holidays to scuba dive. And if you’ve been in this country this flags you up as a potential terrorist so I usually had to do in person interviews with the security firm to confirm that I’m not likely to attack anyone in the name of Allah lol. Of course I’m white af, slightly posh, slightly chubby. Obviously a Middle Eastern radical..
Well, maybe you had cosmetic surgery! 🤣
Or in some other way, you were radicalized. :rolleyes:
 

scavengerspc

Posts: 1,846   +1,884
TechSpot Elite
It depends on the bank that issues the card.

Its the same thing with "one-time use" card numbers or card numbers that you can give to a specific site. I know Capitol One supports these and allows you to enable/disable them through an app or web site. Vendor specific numbers are helpful because then you know where a breach originated. (I don't have Capitol One's card, but I investigated it and they made it a pain to get one since I have a block on getting my credit reports. They listed who they used, and I lifted the block on that provider, sent them a letter and said the block was lifted, but they still denied my application anyway to which I promptly lifted my middle finger. Many companies have automated letter readers and I suspect that what happened was that one of the automated letter readers read my letter and improperly handled it.)
Yeah, they call it Eno. Or they used to. Now all I see is "virtual cards."

Anyway, all you do is fill in a short form, and it gives you a permanent (until you delete it) virtual number, security code and exp. date. It's tied to the real Cap One cards, but only works at that retailer. It's been around for years now, and they claim a fraudulent charge has never gone through.
 

wiyosaya

Posts: 7,005   +5,518
A French guy proved more than 15 years ago that he could forge a fake credit card, and to prove his point, bought a number of underground tickets. A few dollars worth, just to prove to the banking system, which was a little over confident, that it was possible and that their card system was obsolete. He was prosecuted and jailed.
Now the REAL question: when is the banking system going to beef up its security measures by re-designing a credit card system that is adapted to modern practices and up-to-date fot the sheer power of available computers today instead of asking their customers to take the necessary steps and deal with all this BS when the sh... hits the fan? I.e, ask for refunds when fraudulent use of their cards is detected?
We have no control whatsoever its THEIR responsibility!
I've heard you can put PIN numbers on your cards. I think the trouble with that, though, is that the merchant has to ask for it.

I go to a Delta Sonic for Gas in the US, and they simply allow you to cancel the PIN input. I do not have a PIN on my card, though, so I don't know if the transaction would still work if I did have a PIN on my card. Also, if I did put one on, I don't want to enter it every time I use the card.
 

yiannisp

Posts: 8   +17
1. Have two accounts in the same bank one with Internet payments disabled and out with them enabled
2. The first account has your savings and the second has 0 balance
3. When u want to buy something on-line you transfer the exact amount from the first account to the second (without any commission as it is inside the same bank)
4. Buy stuff on-line with the second acount
5. Profit
 

wiyosaya

Posts: 7,005   +5,518
Yeah, they call it Eno. Or they used to. Now all I see is "virtual cards."

Anyway, all you do is fill in a short form, and it gives you a permanent (until you delete it) virtual number, security code and exp. date. It's tied to the real Cap One cards, but only works at that retailer. It's been around for years now, and they claim a fraudulent charge has never gone through.
I assume that you still have to notify them that a charge is fraudulent. How else would they know?

What that does, that I like, is prevent the problem of having to give every merchant that bills on that card, say Netflix and others every month, a new card number after a fraudulent use of the card. All one has to do is just kill that card for that merchant and give them another number - if needed.

I've gone through a few instances of having fraudulent use of my card and the bank always refunds the money. However, it's a pain having to give a new number to every merchant with which I do monthly billing.

One other thing that people may not know about is that a merchant can specifically say that they want a new number should the card number change. I found that out the hard way when some jack as$ used my card to pay for his monthly LA Fitness membership. LA Fitness (now esporta, apparently) specifically asks for new numbers if the card changes, and they, LA Fitness, are ba$tards about cancelling charges like that. I specifically had to tell my bank that LA Fitness was not authorized to use my card now and never again. That after having contacted LA Fitness on the telephone and telling them that their customer was in no way authorized to use my card. :facepalm:
 
Last edited:

wiyosaya

Posts: 7,005   +5,518
1. Have two accounts in the same bank one with Internet payments disabled and out with them enabled
2. The first account has your savings and the second has 0 balance
3. When u want to buy something on-line you transfer the exact amount from the first account to the second (without any commission as it is inside the same bank)
4. Buy stuff on-line with the second acount
5. Profit
My bank does not offer the option to exclude types of merchants. So, this depends on the bank that issues the card.
 

StrikerRocket

Posts: 98   +62
I've heard you can put PIN numbers on your cards. I think the trouble with that, though, is that the merchant has to ask for it.

I go to a Delta Sonic for Gas in the US, and they simply allow you to cancel the PIN input. I do not have a PIN on my card, though, so I don't know if the transaction would still work if I did have a PIN on my card. Also, if I did put one on, I don't want to enter it every time I use the card.
In France, we all have PINs on our cards, it's mandatory, but if you obtain the card number, expiration date and the 3 digit check code on the back, you can make purchases on the web. But it's more and more difficult, as a recent regulation makes 2 factor authentication mandatory for on-line purchases. I have to enter a code sent by SMS for almost all my shopping now.
 

Phaetos

Posts: 63   +54
Now as people are saying they can shut off their card, most bank apps will allow you to shut off the card completely, or as mine does just shutoff International transactions.

For even better security, there are services that allow you to create virtual cards for online purchasing with varying degrees of control. Privacy is one company that does this. Create a card for that trial website you want to look at that is for 60 days that you will forget about cancelling, set it for a one time purchase and set a limit of $1 after that purchase. Even if hackers got the information, it can't be used. Will this stop brute force hacking of actual debit card numbers, no, but it will help prevent other hacking issues. Unfortunately, not every bank supports Privacy's system. I wish they all did.
 

Rdmetz

Posts: 350   +169
The article completely ignores 2FA solutions like 3-D Secure (VISA) or SecureCode (Mastercard), mandated in many places, my country included.

So yes, you can do a whole lot about this, you only need to use your brain.

Of course, there'll always be r*tarded countries that consider these measures "anti-competitive" (???), like Australia.

Well you're obviously in Europe where I can't ever make purchases because the sites always want some 3d secure card and here in the usa we just don't have them.
 

Rdmetz

Posts: 350   +169
My Debit Card has been hit 3 times over the past 10 years. Each time it was a small amount charged, and each time my card was shut down, the money refunded and a new card issued.

Let's see these hackers try and brute for my Apple Card.

Brand New card numbers in how long?

The push of a button?

I don't worry about things like this I know that any card backed by any of the major card companies is fully protected against fraud and even if they empty out your account (which is unlikely) all it takes it's a quick phone call and a few questions and you'll likely have the money back in your account by the next day.

Not to mention most credit card companies offer VCC (virtual credit card) as options when shopping online combine with services like privacy (which allows me to generate new cards for any purchase I want and able to block and or cancel the said cards whenever I like) and then Google pay also always gives merchants a new different virtual card number when I shop in person.

I've never once had any of my accounts have money to missing I know lots who have but I'm just not the type to make it easy for someone to do that to me.

But even still if it did happen I wouldn't stress working in US banking for a number of years I knew we basically always had to give the customer back their money asap when they reported fraud. It's a requirement to carry the visa / Mastercard / etc label on our cards.
 

Rdmetz

Posts: 350   +169
It depends on the bank that issues the card.

Its the same thing with "one-time use" card numbers or card numbers that you can give to a specific site. I know Capitol One supports these and allows you to enable/disable them through an app or web site. Vendor specific numbers are helpful because then you know where a breach originated. (I don't have Capitol One's card, but I investigated it and they made it a pain to get one since I have a block on getting my credit reports. They listed who they used, and I lifted the block on that provider, sent them a letter and said the block was lifted, but they still denied my application anyway to which I promptly lifted my middle finger. Many companies have automated letter readers and I suspect that what happened was that one of the automated letter readers read my letter and improperly handled it.)
Just use privacy.com same type of service and doesn't require you to apply for a credit card.

I have a capital one credit card as well as privacy and they both pretty much offer the same benefit.
 

BadThad

Posts: 827   +968
I only ever use one credit card on for the web. It's had the number stolen 3 times over 20+ years and I was never out a dime.

IMO, using a debit card for any thing except an ATM is crazy. I've had a few friends with cleaned out checking accounts over the years.
 

wiyosaya

Posts: 7,005   +5,518
I use PayPal for everything and when a cc is required, I just generate one via privacy.com with a set limit or for sole use and never had an issue with any cc fraud.
Just use privacy.com same type of service and doesn't require you to apply for a credit card.

I have a capital one credit card as well as privacy and they both pretty much offer the same benefit.
Thanks for the tips about privacy.com. I will have to check it out.
 

wiyosaya

Posts: 7,005   +5,518
I only ever use one credit card on for the web. It's had the number stolen 3 times over 20+ years and I was never out a dime.

IMO, using a debit card for any thing except an ATM is crazy. I've had a few friends with cleaned out checking accounts over the years.
Yeah, I had a debit card stolen once, but never lost anything and talked to one of the merchants about who placed the order, they let me check the order status online, then I reported the JA to the Secret Service.

Coincidentally, I had let my checking account go so low that the charges were denied and the odd thing is that I had never let my account balance get so low before that - so I did not lose anything because the charges were denied. 🤣 Sometimes, the Universe works for one's favor. ;)
 

hwertz

Posts: 109   +58
And this comment shows the disconnect between financial classes. While I'm lucky enough to have good credit and several cards, something as simple as outstanding medical debt will outright deny you a credit card. Sometimes your only option is a debit card and that's if the American banking system allows you to have a bank account. It's pretty difficult to work your way out of poverty when you don't even make enough money to update your address nonetheless buy a car to get that better job.

Hell, you can be denied housing and a job based on your credit score. It's highly illegal, but the people who get denied for those reasons aren't exactly in a position to hire attorneys.
And I haven't been outright denied a card, but the offers I've had were a scam (I haven't pursued it recently but...) -- like 20% interest, starting from the second the purchase is made (you can pay off at the end of the month and they're still charging interest.) No thanks. Luckily my debit card is with a local bank that does provide me with proper protections.
 

wiyosaya

Posts: 7,005   +5,518
I did some research on Privacy.com and their reputation is less than stellar, and it not something that I would subscribe to.

For one, you trade true credit card fraud protection for the, extremely questionable, security of a virtual credit card number. Except that the "card" they give you is really a debit card that is backed by a bank account that you provide, and if that number is compromised in any fashion, you are likely out the money.

There are people out there with horror stories about privacy.com, and perhaps all those recommending it have not yet experienced this, but if you ever have one of their card numbers stolen and used for unauthorized purchases, it sounds like you will be lucky to get your money back. See the comments at this link - https://dyernews.com/privacy-com-review/
And see the reviews here https://privacy-com.pissedconsumer.com/review.html
As I see it, I would be better off going with CapitalOne's "Eno" feature.

Privacy.com sounds far too risky for me.
 

sickb0y

Posts: 18   +21
I did some research on Privacy.com and their reputation is less than stellar, and it not something that I would subscribe to.

For one, you trade true credit card fraud protection for the, extremely questionable, security of a virtual credit card number. Except that the "card" they give you is really a debit card that is backed by a bank account that you provide, and if that number is compromised in any fashion, you are likely out the money.

There are people out there with horror stories about privacy.com, and perhaps all those recommending it have not yet experienced this, but if you ever have one of their card numbers stolen and used for unauthorized purchases, it sounds like you will be lucky to get your money back. See the comments at this link - https://dyernews.com/privacy-com-review/
And see the reviews here https://privacy-com.pissedconsumer.com/review.html
As I see it, I would be better off going with CapitalOne's "Eno" feature.

Privacy.com sounds far too risky for me.
You set the card for a single use and limit amount, what exactly are they going to steal if the card gets compromised? They can't charge anything to it as the card is no longer valid and had an amount of 10 dollar limit for a single use.