What's new
Fantasy Football - Footballguys Forums

Welcome to Our Forums. Once you've registered and logged in, you're primed to talk football, among other topics, with the sharpest and most experienced fantasy players on the internet.

What's the angle on this scam? (1 Viewer)

playin4beer

Footballguy
The other day I got an email from Kohls.com saying my wife's shipping information had been changed.  I went in and took a look and it was her name, but an address in Alabama (we are in Michigan).. I know, I know.. "Start hiding money" ;)     There was about $600 worth of merchandise in her cart.  I removed everything, changed the address back, changed the password, etc.

Fast forward to last night, I got an email from ****'s Sporting Goods about my order being in processing.. I didn't order anything from ****'s, so I sign onto my account and take a look.  There is a $1400 drone helicopter order being processed.  It's being shipped to my name, but in San Antonio, TX.  The payment info wasn't mine.. the last 4 of the credit card wasn't any I own.  And the bill to address was Walnut Springs TX.

So if my payment information isn't being used and they aren't scamming me out of money, what's the angle of using my online shopping accounts?  Using other people's stolen cc info and "laundering" it through my accounts? :shrug:

 
Last edited by a moderator:
Not sure of the angle, but that's pretty disconcerting. Did both accounts have the same password?

 
Last edited by a moderator:
while the persons CC is on file, order yourself a buncha goodies and play dumb when confronted

Christmas just came early

 
The other day I got an email from Kohls.com saying my wife's shipping information had been changed.  I went in and took a look and it was her name, but an address in Alabama (we are in Michigan).. I know, I know.. "Start hiding money" ;)     There was about $600 worth of merchandise in her cart.  I removed everything, changed the address back, changed the password, etc.

Fast forward to last night, I got an email from ****'s Sporting Goods about my order being in processing.. I didn't order anything from ****'s, so I sign onto my account and take a look.  There is a $1400 drone helicopter order being processed.  It's being shipped to my name, but in San Antonio, TX.  The payment info wasn't mine.. the last 4 of the credit card wasn't any I own.  And the bill to address was Walnut Springs TX.

So if my payment information isn't being used and they aren't scamming me out of money, what's the angle of using my online shopping accounts?  Using other people's stolen cc info and "laundering" it through my accounts? :shrug:
Check your paypal account. I recently had my data breached via groupon. They then logged into any site they could find since I used that password for many. They set up a new credit card in paypal had actually added money to my paypal account from somebody else's paypal account and then were using the card they set up to make purchases at various retail locations. 

A shipping confirmation like the one you received is how I found out. 

 
Check your paypal account. I recently had my data breached via groupon. They then logged into any site they could find since I used that password for many. They set up a new credit card in paypal had actually added money to my paypal account from somebody else's paypal account and then were using the card they set up to make purchases at various retail locations. 

A shipping confirmation like the one you received is how I found out. 
Paypal account is unchanged.. no extra money, no foreign card info..  But I changed the password, just in case.

 
You need to stop using the same password different places.

I've gone through the effort of changing all my passwords everywhere I could think of. Only took an hour or so, less than you'll spend dealing with this stuff if someone does get stuff via your card. If you let your browser save passwords you should be able to pull up a list of where it's saved them, and even potentially see which you've used the same password for.

A free tool like Password Safe can also be helpful for keeping track of them. Just double click an entry to load the password into the clipboard. It will also generate random passwords for you.

 
Last edited by a moderator:
good example why I use different passwords
Honest question -

How do you keep track of all the passwords?  I've used the same password, or versions of it, for years...I STILL forget because every site has their own nuances.  Some require a capital letter, a symbol, a number, more than 8 characters, etc. 

 
Honest question -

How do you keep track of all the passwords?  I've used the same password, or versions of it, for years...I STILL forget because every site has their own nuances.  Some require a capital letter, a symbol, a number, more than 8 characters, etc. 
Not sure if this is the best or safest solution but this is what I do. Write out all passwords/usernames on a sheet of paper and then take a picture with a digital device. Load this pic into a digital picture frame along with some others. Lock in a pic of wife,gf,dog or whatever and set it near computer. If you need a password just unlock frame and scroll to pic. 

 
I would assume the credit card info they are using is also stolen.  When the owner of the card disputes the charges, they will suspect you first.  Then you have to prove your account was hacked (which is probably what everyone who uses stolen credit cards online says)

 
I would assume the credit card info they are using is also stolen.  When the owner of the card disputes the charges, they will suspect you first.  Then you have to prove your account was hacked (which is probably what everyone who uses stolen credit cards online says)
Just checked my credit score online, no new accounts, no new credit cards opened in my name.  Nothing out of place...

I'm assuming what you are.. they stole somebody else's cc info and are using my online accounts to shop.

 
Last edited by a moderator:
Not sure if this is the best or safest solution but this is what I do. Write out all passwords/usernames on a sheet of paper and then take a picture with a digital device. Load this pic into a digital picture frame along with some others. Lock in a pic of wife,gf,dog or whatever and set it near computer. If you need a password just unlock frame and scroll to pic. 
Holy crap!  That's involved...and impressive.

 
You need to stop using the same password different places.

I've gone through the effort of changing all my passwords everywhere I could think of. Only took an hour or so, less than you'll spend dealing with this stuff if someone does get stuff via your card. If you let your browser save passwords you should be able to pull up a list of where it's saved them, and even potentially see which you've used the same password for.

A free tool like Password Safe can also be helpful for keeping track of them. Just double click an entry to load the password into the clipboard. It will also generate random passwords for you.
This.

LastPass is the one I use.  I see Walking Boot mentioned it as well.  It's free, warns you of duplicate passwords, and will generate random ones based on any criteria you set.  They do charge $12/year I think for their mobile app, which I pay for so I always have access to my passwords even if I'm not on a computer.

 
not to hijack but my mom called me earlier to say "did you just call? i got a collect call from you.. it was your voice.. when i said i'd accept the call i was prompted to enter my credit card# to pay for the charges so i hung up"

wtf 

 
not to hijack but my mom called me earlier to say "did you just call? i got a collect call from you.. it was your voice.. when i said i'd accept the call i was prompted to enter my credit card# to pay for the charges so i hung up"

wtf 
To hijack even further.. my mom is literally the lady from the Geico commerical..  "Well, the squirrels are back in the attic"..   She calls at the WORST times...

 
not to hijack but my mom called me earlier to say "did you just call? i got a collect call from you.. it was your voice.. when i said i'd accept the call i was prompted to enter my credit card# to pay for the charges so i hung up"

wtf 
Might be a scam where prisoners call and steal info to transfer money and card info.

 
Not sure if this is the best or safest solution but this is what I do. Write out all passwords/usernames on a sheet of paper and then take a picture with a digital device. Load this pic into a digital picture frame along with some others. Lock in a pic of wife,gf,dog or whatever and set it near computer. If you need a password just unlock frame and scroll to pic. 
Thanks for the input, Agent 99.

 
Not sure if this is the best or safest solution but this is what I do. Write out all passwords/usernames on a sheet of paper and then take a picture with a digital device. Load this pic into a digital picture frame along with some others. Lock in a pic of wife,gf,dog or whatever and set it near computer. If you need a password just unlock frame and scroll to pic. 
How do you unlock your frame when the password is locked in the frame?

 
I used to use an algorithm based on each site's URL, plus a standard alpha-numberic add-on to meet the site requirements. For example, "First four letters shifted one key left on the keyboard (if there's room), then the characters A100%!". So for espn.com, my password would be: waobA100%!, for gmail it would be fnauA100%!, for footballguys.com it would be diirA100%!, etc.

Was pretty easy to remember which sites I'd have to drop the special characters if they weren't allowed.

But eventually I just switched over to LastPass, the free version. It read my browser memory and imported all my existing passwords, let me know which were on sites that had been compromised, and changed them for me. When I sign up for a new site, it makes a password for me in my browser with one click. Pretty painless.
Stephen F'n Hawking.  Just use 69696969 like everyone else.

 
This.

LastPass is the one I use.  I see Walking Boot mentioned it as well.  It's free, warns you of duplicate passwords, and will generate random ones based on any criteria you set.  They do charge $12/year I think for their mobile app, which I pay for so I always have access to my passwords even if I'm not on a computer.
LastPass just became FREE on all devices.

https://blog.lastpass.com/2016/11/get-lastpass-everywhere-multi-device-access-is-now-free.html/

 
So what website/app do I use if I want to store passwords in more of a text format?  If that makes sense

 
So what website/app do I use if I want to store passwords in more of a text format?  If that makes sense
If all you want is to store them in a text format of some sort, the typical fallback is a password-protected Microsoft Word/Excel doc or Google Doc/Sheet.  Something along those lines.

 
Ok.. adding all my sites to LastPass and using their generated passwords... My question is, after changing to a generated password, do I then click on the Chrome question asking me to update password?  Do I want it saved on Chrome?
You should get a LastPass question asking you to save your updated password, which you obviously want to say Yes to.  As far as Chrome saving passwords, you should say No and I think you can even say "Don't ask me again" or something like that.  You should also be able to go into your Chrome settings and delete any saved passwords in there, which I'd recommend once you start using the LastPass extension.

 

Users who are viewing this thread

Top