WARNING! Possible Mattel Ghost Trap Digital River CC Info Leak

Discussion in 'Replica Props' started by BlackMarketMagi, Oct 18, 2011.

  1. BlackMarketMagi

    BlackMarketMagi Well-Known Member

    Trophy Points:
    Hey guys I bought one of the Ghost Traps yesterday and used my credit card Today I went to check to see if it had been charged and when I did there was 2 other charges pending, one from wmvmatch.com and one from debityahoomail. Totaled around $60. Both unauthorized and scams.

    Since I very rarely use this card and the 3 digit security number on the back I assume my number got stole somehow on Matty or Digital River. I never hand this card to anyone so it had to be stolen online . You should all check to make sure as $60 could go by easily unnoticed. (One was $19.99, the other $39.99) My bank has cancelled them so I am ok but wanted to spread the word just in case someone there is swiping cc numbers.
  2. Wes R

    Wes R Legendary Member

    Trophy Points:
    Did you contact those companies as well? I've gotten into the habit of checking my account balance once a day or so. Never had issues but rather safe than sorry, glad to hear you caught this though.
  3. sycor

    sycor Sr Member RPF PREMIUM MEMBER

    Trophy Points:
  4. BlackMarketMagi

    BlackMarketMagi Well-Known Member

    Trophy Points:
    I looked the companies up and they are both known for this. If you call, they ask you for your credit card info and security number to verify. There is no reason to ask for the security number to see if there was a transaction. I called my bank they stopped them both and will investigate without giving out my info. Apparently some banks have these two companies flagged and will automatically reject any charges to them.

    Could be random cc generator, but the timing would be incredibly coincidental. And they also got the security number which seems improbable. Either way just looking out for my fellow RPF'ers and want to make sure no one else gets boned.
  5. Cenobyte

    Cenobyte Sr Member

    Trophy Points:
    I used my AMEX so I should be covered is this happens.

    Thank you for the heads up.
  6. Bootlegger137

    Bootlegger137 Sr Member RPF PREMIUM MEMBER

    Trophy Points:
  7. exoray

    exoray Master Member

    Trophy Points:
    The so called 'security' number on credit is only three (maybe 4) digits, hardly a security feature when it can be brute forced in a few minutes...

    Once a 'hacker' gets your credit card number and expiration date, all they need to do is brute force the three digit 'security' number using a few different sites with an automated brute force attack walking through all 999 possibilities in a matter of minutes until one is accepted... Heck even the expiration date can be brute forced easily as it's almost always only 1-3 year out, even at 3 years out that is only 36 possible expiration months...

    FYI there are programs designed to do just this and are fully automated so even the 10 year old script kiddie can manage the brute force attack...

    And on a second FYI most skimming operations don't exploit the skimmed numbers for a month or two after they were skimmed, as they like to exploit the source of the skim to it's fullest and to collect a large number of skimmed accounts before they tip off anyone to where they where skimmed, resulting in the banks and people canceling the accounts used at the location skimmed...

    There IMO a much larger chance you got skimmed a few weeks or months ago or you have a sniffer program on your computer...
  8. BlackMarketMagi

    BlackMarketMagi Well-Known Member

    Trophy Points:
    Well I use a mac so it is unlikely but not impossible I have a virus, trojan, or sniffer. Like I said I very rarely use this card I'd have to go look up when the last time I used it before this was.

    However I did update my card info on Matty a few days before so it was ready to go.

Share This Page