This is just a crazy, crazy coincidence, right?
November 18, 2013 8:47 PM   Subscribe

OK, this sounds insane and paranoid, and I feel fairly confident this is just a very weird coincidence, but is there some computer virus-y way that a Google search term can end up being reflected in credit card fraud?

Here's what happened:

Around 10 a.m. this morning I googled "Ken Burns toupee." At 2:13 this afternoon, I received an email from my credit card company asking me to contact them regarding possibly unauthorized activity on my card. I logged into my account and there was a charge and a charge-back for around $4.00. The charges were from a company called Tropicana Exotic something or other, for WIGS AND TOUPEES. The chargeback was the same Tropicana whatever, but for SPORTS EQUIPMENT.

Here's what was going on while I was googling:

On the network at work, using a MacPro that's about 5 months old, running OSX 10.8.5. All the software is up-to-date. I was signed into Google, using Firefox. I assume the network is crawling with viruses. At least once a week I get locked out of Google's search engine because of "unusual traffic from your computer network." IT is aware of the problem.

What's happened since then:

I called the fraud division at my credit card company, they told me about the two $4 charges that I'd already seen, as well as a $4500 charge from Macy's East that they'd held. They're sending me a new card, etc. That stuff is all fine. The email and call were definitely from the cc company, not a phishing expedition.

My question:

Is there any way my morning google search terms could be related to the words that were used in the fraud charges? On the one hand this just seems like Baader-Meinhof phenomenon; on the other, slipping small charges that are labelled with recently-used google search terms into a credit card bill seems like an ingenious way to have someone overlook a test charge before the big fraud. Googling (ha ha) hasn't turned up any info on a scam that looks like this, though possibly I am using the wrong search terms. I can't decide if I'm totally paranoid or taking terrible risks with my online security that I hadn't previously known about.
posted by looli to Technology (4 answers total) 4 users marked this as a favorite
Sounds clever and certainly possible. I would try google some really strange (well even stranger) stuff just to see what happens.
posted by H. Roark at 9:43 PM on November 18, 2013

That would get my back-of-the-neck hairs to stand at attention, yesirree. Can you do, say, an online virus scan (BitDefender is one that apparently supports the Mac). But I would also (since you're on a Mac, which doesn't make you immune but just less of a target) suspect some sort of man-in-the-middle trojan on the network. I mean, seriously. I can't understand why your IT department is merely "aware" of what should be a FIRE POLICE 911 HOMELAND SECURITY THREAT LEVEL ALPHA type of emergency. I would ask around the office if anyone else has experienced similar fraud (and suggest they check if they haven't).

As for keywords, this article might help. I couldn't find SEO poisoning in connection with credit card fraud, mainly with click fraud and other scams that actually operate online within the browser, but once you have a Trojan anything is possible.
posted by dhartung at 12:59 AM on November 19, 2013

I mean they didn't try to buy a DVD box set of "The Civil War"... think of all the random stuff we Google every day. Sure "toupee" is a strange word but most likely it's a coincidence. Usually thieves will run a small charge to test if a card is good. Maybe they tried to buy some scrunchies at a wig store. Also a toupee costs way more than $4, unless you find a box of them at Goodwill like I did one time in Rochester.

A wig store is pretty likely to be a mom and pop shop without security or a fraud department. I think that's a more likely explanation. Thieves would be smart enough not to try to lull you into a false sense of security by buying up your "favorite" product based on a single Google search, toupees! They'd know that would stick out... like a bad toupee (please forgive me).

Plus, you can't know for sure where or when these thieves got your card info. If they printed up a fake card and walked into a Macy's (not sure if this was online or what) it was probably weeks ago, pre-"Ken Burns Toupee."
posted by hamsterdam at 1:45 AM on November 19, 2013 [1 favorite]

Yeah I wasn't thinking so much someone stealing my number and looking over my shoulder while I googled as some kind of malware scraping info from my google account, which includes the email my cc bill goes to and my search history.
posted by looli at 9:47 AM on November 19, 2013

« Older Step right up! Oh wait, you're taller than I am...   |   Why do Rx pain meds make me so mellow and... Newer »
This thread is closed to new comments.