Debit cards compromised twice - what's the deal here?
May 5, 2013 2:48 PM   Subscribe

Today, my bank's fraud detection department gave me a call - apparently, somebody had attempted to use my debit card for a purchase in Colombia. I live in London, UK. This is an annoyance, but it's particularly worrying because something similar happened less than two months ago - they called me up and said that although my card hadn't been used, they had information that it may be compromised. The card that was used in Colombia today was the replacement, which I've had for only a few weeks. My money is safe and my card has been cancelled (again). But my main concern is HOW this has happened - keylogger? Dubious, but legit-seeming site? Compromised wifi? And how do I keep myself safe in future?

My first and foremost concern is that a piece of malware has installed a keystroke logger on my laptop. I'm generally quite safe with my browsing habits, but I know these things happen. So I'd like to scan just to be safe. I'm running Windows 7 64-bit, with Chrome as my default browser. I have no virus scanner or anti-malware except for Microsoft Security Essentials, which I've been reliably told is actually pretty good.

But this has got me shaken, so I'd like to be sure nothing has slipped through the net. What's the best way to go about this? Which software to use, and what procedure to follow?

My next concern is that my wireless connection has somehow been sniffed or snooped or whatever it is tech people call it. Our home wireless connection uses WEP - I understand this isn't the most secure either, but I don't really have access to the router to change it. I probably COULD get access, if it were strictly necessary, but it might be a bit of a ballache. Is it feasible that my information could have been skimmed this way - twice, weeks apart?

More generally, I'd like to know if there is anything I can do - any other steps I should be taking, or should take in the future, to prevent this from happening. Naturally I will soon be changing all my passwords - from a more-safe machine - as if it IS a keylogger, they've also got everything in my gmail etc. This isn't an option right now as I don't have access to any other computers.

I think that covers everything. I'd appreciate any help from people who understand malware, card fraud mechanisms, anything like that. Thanks in advance, and why not have a look at a picture of my kitten using the laptop in question?
posted by Ted Maul to Technology (14 answers total) 4 users marked this as a favorite
Response by poster: Incidentally, I should add: I haven't noticed any irregularities - popups, slowdown etc. - that would suggest malware. But surely a piece of malware dedicated to keystroke logging would attempt to be subtle...

Further, I've also considered the possibility that it could be an ATM I use frequently that has had a scanning/skimming device fitted. I live in a big city and I know this kind of thing happens a lot, which is why I wasn't too worried the first time around. But I'd like to be as safe as I possibly can.
posted by Ted Maul at 2:54 PM on May 5, 2013

Have you considered that criminals might be getting your information through the bank's back-end databases and not through your computer? That's something you can't fix with local security, and seems equally likely for two cards stolen in two months.
posted by immlass at 3:07 PM on May 5, 2013 [3 favorites]

Yeah, I was going to say, talk to your bank. The only time my card got "stolen" it was because the bank had a security error that compromised multiple accounts.

If that's not the case, then examine other options and get another card. You can google your card number or part of your card number and see if it comes up. I know my dad found his debit card listed online on like a Russian website with people's personal information.
posted by Crystalinne at 3:09 PM on May 5, 2013

The exact same thing happened to me, and it was because my local bank was being "robbed" - the Columbian crooks had installed a camera above the atm, but also were getting data from shops in the area.
Today, I use cash a lot, if I am shopping at smaller businesses. And I get my cash inside the banks
posted by mumimor at 3:15 PM on May 5, 2013

This is exactly why I use my credit card or cash for almost everything. I'm careful about my debit card info, practice good ATM hygiene, and don't keep banking info on my mobile or any public computers and I also kept getting these compromised debit card notices from my bank. A least with a credit card, I'm covered and refunds are much easier to coordinate with no loss of actual cash.
posted by quince at 3:24 PM on May 5, 2013 [1 favorite]

Response by poster: Thanks for the replies so far. Not to threadsit, but yeah, I'm sure there are many more potential fraud vectors than just my laptop. But I really, really want to carry out a deep malware scan just to be sure. If anybody can help me out with this particular thing, that'd be greatly appreciated as I'm not sure where to start.

More general advice and tips welcome too, of course.
posted by Ted Maul at 3:27 PM on May 5, 2013

I doubt it's malware. That said: when I dealt with identity theft (it turned out my educational institution leaked student loan debit card numbers) and was similarly paranoid, I researched security software and found that Kapersky Lab was the best. I have a mac and it has actually caught a couple things this year, which is pretty impressive.

I'd suggest either a security freeze or credit locking for now. There are somewhat expensive services that will do this for you. My credit union offered a discount on Lifelock which I put in place immediately after watching a semester of funds get drained away, to be returned after a long resolution process. It was overly complex and unnecessary long term. They do try to get to the bottom of identity theft incidents, though, and advocate on your behalf with merchants, banks, etc. They were really helpful with speeding up resolution of my situation even though I brought them on board days after my incident. It could be money well spent.
posted by sweltering at 3:27 PM on May 5, 2013 [1 favorite]

I agree it's probably not malware, but to actually answer your question...

If you're running Windows, then Deezil's profile will walk you through a deep scan.
posted by caek at 3:37 PM on May 5, 2013 [3 favorites]

You can download and install Malwarebytes Antimalware and run regular scans. In addition to Malwarebytes, I also use Spybot Search and Destroy, particularly for its immunization feature (be sure to run it as an administrator; note I don't like the "teatimer" and don't use that, just all the rest of Spybot.)

You can install the Web of Trust (WOT) addon for Chrome. You can also install https everywhere when it is available for Chrome (it's in beta now).
posted by gudrun at 3:43 PM on May 5, 2013

The most likely explanation is that some place of business that you regularly frequent has been compromised either by by the installation of a card skimmer or possibly by some employee surreptitiously skimming your card info when handed to him/her.

Typically such skimmers are often located in smaller mon-and-pop retail establishments - though not, by any means, always. Since you have a timeframe of several weeks in which you obtained a new card and in which it was compromised you could narrow down the list of suspect locations by going through your statements for the compromised card and itemizing every place that you used that particular card. You can then match that list with a list of purchases form the previous compromised card to further narrow the suspect locations.

(alternatively your kitten looks very suspicious. Keep an eye on him)
posted by Podkayne of Pasadena at 3:55 PM on May 5, 2013 [1 favorite]

Is there a grocery store or other local store you go to often? Everyone I know had to have all of their cards reissued recently after a large grocery chain in my city was found to have had its payment system compromised for a four-month period.
posted by limeonaire at 4:49 PM on May 5, 2013

Because you asked and I didn't see anyone address it yet, your wireless connection is probably not the vector of attack here, but I really would encourage you to move away from WEP as your wireless protocol.

If I were actively seeking the source of the fraud, I would do something similar to Podkanye's tactic of seeing where both compromised cards were used during a given time frame in order to narrow down the list of suspects. I'd also pay extra attention to places like restaurants where the card is out of your visible sight for a period of time.

On a somewhat related note, I have a credit card with a very low credit limit that I use if I get weird vibes from people/establishments. It's probably extreme paranoia, but I find it reassuring seeing as low-limit cards probably aren't worth much on the black market of card-trading and it limits my potential liability if the card issuer is not cooperative.
posted by antonymous at 5:20 PM on May 5, 2013

Maybe make a list of any websites that you shop at regularly that you've provided the new credit card information to? And then change the passwords on those sites?
posted by softlord at 5:42 PM on May 5, 2013

Yeah, I had the "your card may have been compromised" call once when they detected a skimming mechanism had been installed on an ATM for some unknown period of time over a couple of days, and I'd used that ATM during that window.
posted by Diag at 1:15 AM on May 6, 2013

« Older Help me help my yard   |   My wife doesn't want kids but I do -- is change of... Newer »
This thread is closed to new comments.