WizGidget

March 29, 2010

Throwaway Credit Card Numbers

Filed under: Belton Journal, Tips & Tricks — pmckinley @ 11:03 AM

The internet is a convenient way to purchase items, but it also presents a few challenges. Often the best price available on an item is from an online store you don’t recognize. Even if you did, internet vendors can be subject to cyber-breakins where their customer data is stolen, including credit card numbers.

The good news is that the credit card companies are adapting to the challenge. Some have put mechanisms in place to try to detect illicit charges. I’ve run into that on occasion when I travel for my consulting business and the bank notices airfare and hotel charges for Boston or San Francisco – and denies the charge. How embarrassing!

Another tool that some companies provide is virtual credit card numbers. These are credit card numbers that are good for one purchase or for a limited time or amount. The benefit to this is that even if your credit card information was stolen from a particular online store, the information would be useless because the number is only good for one transaction.

Not all credit card companies offer the virtual account numbers or “secure online account numbers” as they’re sometimes called. The ones that do require setting up an online account in advance. Once you’ve set up the online account, you can simply go to their website, login, and generate a virtual number to use. An added convenience to this is that the number can be copied and pasted into the online store rather than having to try to copy the number manually from your credit card.

Discover’s Secure Online Account Number tool is easy to find and use. Go to discovercard.com, you’ll find the link at the bottom of the page next to the “Contact Us” link on the left side of the page footer.

Citi card’s information is a bit harder to find. Go to citicards.com, pull down the “Benefits & Services” menu, and pick “Built-in Benefits”. The top item in the next page will be “Citi Identity Theft Solutions” – click on the “Learn more about Citi Identity Theft Solutions” link. Then scroll about halfway down the page to find a “Virtual Account Numbers” graphic.

Bank of America has a tool called “ShopSafe”. You can find out more about it by going to www.bankofamerica.com, then put “shopsafe” into the search box. The top link in the search results will take you to the ShopSafe page. If you already have an online account with Bank of America, you can sign in, otherwise you’ll have to either enroll or get a credit card from them and then enroll. Don’t mind the note about it not being available for BoA American Express accounts, spouse Ann used it just last week. The ShopSafe system allows setting a limit, and life in months for the virtual number or number of payments for recurring charges.

I found references to MNBA virtual numbers, but couldn’t find information on their website.
This article is available at wizgidget.com/virtualcard

March 10, 2010

Browser Pop-up Antivirus Scam

Filed under: Belton Journal, Danger! Danger! — pmckinley @ 1:34 PM

I’ve seen this several times — you go to a website, probably from a link that turns up from a google or whatever search, maybe even a popular site like The New York Times or Radio Times.  You get a pop-up dialog box that says your computer is infected with a virus and offers to scan it or prompts you to purchase virus software.  This is a scam, geared to get your credit card information!  This scam has several versions: Personal Antivirus, Virus Protector Analysis, Antivirus PC 2009, Desktop Security 2010, and others.

If you try to click the cancel button, nothing happens, and in fact I believe clicking the cancel button installs the malware just the same.  In one case, I was not able to kill the browser window through normal means.  According to malwarehelp.org, only 5% of antivirus packages detect this scam , although there are manual methods to detect and remove the virus.

My recommendation is this:

  1. DON’T click either the OK or the Cancel button — I suspect both buttons are crafted to install the malware so either way is bad.
  2. DON’T reboot your PC until you’ve verified that the virus has not installed.
  3. Unplug the computer from the network, at least until you’ve determined that the virus has not had a chance to install itself.
  4. Kill the browser through some other means besides clicking on the browser window.  For Windows users: open a taskmanager window and kill the browser from there.  To open a taskmanager, right-click in blank space in the taskbar (the taskbar is the bar, usually at the bottom of the screen, with the start menu and program icons), and pick taskmanager.  Then click the Processes tab, find your browser (firefox.exe, iexplore.exe or whatever), right click it, and click “end process”.
  5. At least for current Firefox users, on restart Firefox may give you the “This is embarrassing” dialog box — make sure you uncheck the site that produced the pop-up, or select “start a new session” otherwise as soon as you restart you’ll get the same issue again.
  6. If you happen to remember what site or link produced the pop-up, send us the link or how to navigate to it using the comment form at wizgidget.com and we’ll check it out.

Powered by WordPress

Bad Behavior has blocked 34 access attempts in the last 7 days.