I got $5,000 Scammed Last Night - Problems with the Modern Banking System by Charlie Shrem

in steem •  2 years ago

EDIT: Total stolen was $7200. Foot Locker alone was $2400

Last night I'm out with family eating dinner and I go to charge my debit card. It got declined.

Like many of you, I work in Bitcoin and crypto currency. I get paid in Bitcoin as well for many projects. I keep the funds in various cold/hot wallets and I use a BitPay Debit Card for my day to day bills. My accountant actually prefers this because it makes calculating taxes easier.

So my card was declined and when I logged into my BitPay account, I saw someone spent $5,000 I had on the card

I'm in Pennsylvania, so my first reaction was that my card was skimmed along the way and created a clone card. I looked at the statement and looks like the scammer did a quick run at a shopping mall in San Francisco, CA.

I immediately called BitPay Card Services and they were closed. This really pissed me off because I could have potentially stopped the charges. When I spoke to a gentleman at Foot Locker, he said if I had called the day-of he could have voided the charges.

I said to him:

Hey, I don't mean to offend you, but if someone walks in and spends $1500 in your store in multiple transactions. Don't you think you should ask him for ID?

He hung up on me.

Someone just bought the whole city new shoes on my dime.

(Update- Total spent at Foot Locker was $2400, not $1500)

I spoke to card services today and they advised me to make a dispute. However they said I have to wait until the stores actually charge my card, since its in pre authorization.

Wait, I need to wait for the stores to actually charge me to dispute it? If its not charged yet, can you just cancel the charges?

No sir.

Awesome.

Take away:

  • I'm not blaming BitPay. I absolutely love this card and I plan on keep using it, but 24/7 customer service should be standard.
  • This is a non-chip card. I wish their issuing bank "Metropolitan Commercial Bank" would issue chip-pin cards like the rest of the world. If you are using a non-chip card, I recommend you get a new card every 30 days.
  • Set up a flag that if your card is used more than 3 times in 1 day, it should freeze the card.

Every time you use your card or a check, your payment information is on the card or the check, anyone can use those details to drain your account.

Bitcoin transactions are push transactions, everything else in the world is a pull transaction. When you swipe your card or write a check, the receiver has complete access to your funds.

Now, I am covered by Visa's "Zero Liability Policy" however I have to file a dispute and wait 60 days for my money back.

We need more merchants accepting Bitcoin and cryptocurrency.

Steem Dollars would be perfect. Transactions are instant and removes volatility.

Let's make it happen.

Charlie

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Someone just bought the whole city new shoes on my dime.

This plus the Screenshot made me laugh so hard - I feel bad now :(

Hope you get your money back and thank you for sharing the story!

·

I should get it back, but its just the hassle of waiting and the budgeting for the rest of the month. Thank you!

·
·

I have no idea how someone at footlocker could stand there and let the scammer walk away with dozens of shoes, like who needs dozens of fucking shoes?

·
·
·

That's what pissed me off. The human component could have prevented this

·
·
·
·

damn @charlieshrem - that sucks!
Scammers are everywhere!

·
·
·

Exactly my thoughts!! How insane!

·
·
·

"gifts"

This also happened to me at tax time last year, My bank account was drained in one day by someone in the UK. I know the source of the hack was from a Battery sales website. My Bank eventually flagged the charges after 700 dollar charges in the UK, I also had to wait 30 days for the money to be refunded and it was really disruptive in getting my bills paid that month.

·

I also had to wait 30 days for the money to be refunded and it was really disruptive in getting my bills paid that month.

Thats the worst part of it. The waiting and having to deal with this. I'd gladly pay $100 for some expedited service.

I know it can't help with a Bitcoin-linked card, but this is a big advantage of credit cards over debit or prepaid cards. With a credit card you can dispute and refuse to pay, meaning you still have your money. With a debit or prepaid type card you don't have "your" money until the bank feels like giving it back to you.

·

True story. A cool idea is a secured credit card, secured by Bitcoin or a credit card that its bills can be paid in Bitcoin.

·
·

The problem is this requires a bank to exercise credit powers. But it would be handy.

It would be cool if there was some way to invalidate crypto transactions using a premade revocation that generates after each transaction, that cancels the transaction and specifies a backup address.

Wow, very unfortunate, so sorry for you!
Crazy how stuff like this happens sometimes.
I hope you can get your money back as quick as possible, and that the scammer can be tracked down as well.
Plus, you were totally right when calling Footlocker - they should ask to see an ID if someone tries to buy so many shoes with a credit card!

Hope everything turns out well for you.

Damn dude.. I hope you get your money back. That's some low down thievery if I've seen it. :/

Who the F**K spends that much on shoes?

·

A thief who will probably sell them on ebay or craigslist. It is easier than standing infront of an ATM with a camera staring at your face.

·
·

Ahh.. TIL.

Now.. Just to get those shoe models and keep an eye out on craiglist and ebay for them. :D

·

someone with a thermal printer. He prints out a reciept to cash, then takes them back. you have to think like a thief (or what intelliguy said, though there are easier things to turn around than shoes)

How about SMS confirmation per every transaction (over certain sum)?

Sh*t , best wishes for you Charlie! It happened to me once when I was in turkey, they took 1.000€ from my credit card so I can understand your feelings right now... Hope the money will come back very soon

Sorry to hear / read that. But you'll get some nice Steem Power for your post :) Did you report that to the police? Maybe there is at least a small chance to catch them by observing the video takes of the shops matching them with the credit card data (time stamps)?
Good luck!

Thanks for sharing this so we can all be aware. Mall security should have video of him in multiple places in the mall. Those DVRs probably rotate their footage every 7 days, so don't waste time getting them to investigate. In the end, the mall merchants are going to lose here and they need to catch this guy since he's probably going to keep doing it with other people's accounts. Getting a police file number will also aid you in your dispute to prove it wasn't you.

Visa's fraud detection really failed here. They should also be concerned. I know they constantly data mine for patterns like this.. they really missed the boat on this one.

i am speechless o.O

I agree with most of this - hate chip readers though. Last night I stopped at the store for a couple items to make family dinner and it took me 20 minutes to check out - chip reader kept jamming and making me restart. Seems to be an epidemic in our little town.

I've had this happen to me before, never a good time.

That's an awful story and your details are really good here, and suggestions. RS and UV.

Honestly, you are an Online Maverick to many of us, and my take away is if it can happen to a guy like @charlieshrem --- it most certainly could happen to ANY OF US.

Keep up the good work Charlie!!

Sorry this happened to you and TY for the post and lessons!!

·

I am going to keep this short and simple.

The whole banking system is ruined.

Plus no one on this planet should be allowed to have more than a billion in their bank account.

No one, no matter who you are.

·
·

I am one of the dues paying members in #Canadastan here suing our Federal Gov't to get the banking system back into the hands of the people, so I am with you 100% on that.

If you want to see the progress as we head to the Supreme Court of Canada in the latest hearings -- here you go:

www.COMER.org


That totally sucks . Sorry, to hear that.

I know this was a long time ago and I hope you've been made whole by this point. It would be nice if BitPay had a 'freeze' card option or a Lost/Stolen department which is usually manned 24 hours. This is usually someone at the Bank or Visa that could block the card.

That sucks.

He might have had ID. Your name is on your card, however, the acquirer (the bank that your transaction gets sent to from the stores POS) doesnt check the name against it against the card issuer's records, they just check the account number with visa to make sure there is available credit.

So I could clone your card and print one up that says "Jason Poopybutthole" on front, with the name "jason poopybutthole" encoded on the magstripe, then make myself an ID that says "jason poopybutthole".

Or, i could just make myself an ID that says "Charlie Shrem". Even if they check ID's, how confident are you that some 6-dollar-an-hour footlocker goon is going to be able to spot even a bad fake.

And if i don't have a PVC printer to make an ID and a new card, i can just encode the mag strip onto a used visa gift card... the kind that doesnt have a name on it.

In reality, CNP cards aren't a ton more secure, and any security advantage they have over traditional cards is going to be gone as chip skimmers get as sophisticated as swipe skimmers are now.

What most likely happened to you is that you ran your card through a skimmer. Most likely place is a gas station. Second most likely place is an out of the way ATM machine. At this point, theyre nearly impossible to detect.
image below from krebs:

The skim probably happened a long time ago, and your data was just sold to someone in SF on a dumps website or DNM or something. You actually got really unlucky. Most credit card issuers will not allow POS purchases that far away from the CH address.

Also of note -- the identical amounts appearing at the same time are usually an artifact of how the issuer processes authorizations... When these finally post i suspect the damage is only going to be about half.

i guess cybersecurity is suppose to be increased a lot!

The clerk knows the person who stole your info...

It happens all the time these days unfortunately. I suspect if we all switch to crypto it will reduce the risk but the criminals will find some way to use that too.

·

right now, there's a pretty popular windows virus that watches your clipboard, and every time it sees a bitcoin address there, it generates one with the same first-few and last few letters, then replaces it in your clipboard, so when you paste the btc address youre trying to send money to, instead you paste on that looks the same on quick check but is actually controlled by the bad guy.

·
·

We have iMacs, that's crazy, are there any viruses like that that can infect macs? ...this whole thread and post is the kind of news I need!

·

It won't reduce the risk too much. The real issue is that, since there isn't a mediary like Visa, you won't have a recourse for fraud. So, if someone steals the money, you're screwed. It's like cash, except potentially way more exposed since there aren't physical and geographical constraints to the usage.

One more sad story involving scams.
And what was the Foot Locker guys thinking?!

I am done with the banks brother. Had a crazy experience this week myself. Wouldn't let me withdraw my money. Treated me like a criminal. I will only use them to pay bills now. With the interest rates STEEM offers and other things, in a way its a better option than any bank right now. Nice post.

Horrible @charlieshrem! This just happened to me the day we flew back from SteemFest. Someone in Miami hacked my PayPal account and tried to order shoes at Footlocker. PayPal caught it in time and terminated the transaction. Best of luck getting it rectified! I agree, we need a network of merchants accepting crypto. Soon. : )

Sorry you had to deal with this ordeal... Grrrr!!! Yet "Wow!" I love these words, at the end, in relation to the Steem... This is so good to read. Thanks for the thoughts. Namaste :)

Wait, I need to wait for the stores to actually charge me to dispute it? If its not charged yet, can you just cancel the charges?
No sir.

..lol, just lol.

Bitcoin transactions are push transactions, everything else in the world is a pull transaction. When you swipe your card or write a check, the receiver has complete access to your funds.

As someone who doesn't know much about how transactions work outside of crypto-currencies this surprised me a lot.

I'm sorry to hear that, Charlie and I'm sure you will get your money back. And, like you, I'm looking forward to a world when we can pay with steem dollars.

That sucks Charlie! I use BitPay too. How the hell do you think that happened?

JOKE :.. this is the kind of scam ex-cons learn on the inside and execute on the outside. Would be interesting the thief was charlies friend, but I don't think charlie would ever take such a risk after what he went thru before :)

Steem Dollars and BlockPay - We're workin as hard and fast as possible Charlie.
Let's make it happen! :)

·

F.ck yeah brother!

upvoted and followed.

I use wirex and have had problems and service can take a long time to respond. And best of all the bank keeps fucking with them. I have big problems since leaving eastern europe with pos terminals that don't do credit cards or have big minimum payments.

Blockchain is better. It will take over. I find it interesting that using credit cards is a serious pain in brick and mortar venues. Trusted third parties suck.

сочуствую !но если возратяться деньги это будет хорошо

So sorry for what happened! Sickening and infuriating!

Let's hope that www.BlockPay.ch spreads like wild fire. With their payment system merchants can accept crypto such as Steem automatically and with no cost to them!

You can check some of their progress right here at @kencode I personally used the system to buy a beer in Munich.

https://tinyurl.com/hq8tsyq

@kus-knee (The Old Dog)

I also hope you recover what you have stolen I voted for you and Resteem
Thanks for sharing this story

so sorry this happened, that's a lot of money to have to wait 60 days for!
and yes yes yes -
We need more merchants accepting Bitcoin and cryptocurrency.

Steem Dollars would be perfect. Transactions are instant and removes volatility.

Sorry this happened. Bitpay is more to blame in my opinion than Footlocker. This wouldn't happen with an ordinary card. They are usually pretty good at detecting unusual activities fast.

OMG, but is a stupidity to use a bitcoin debit card: you are giving to a "bank" open source to your BTC wallet. You should use a trezor wallet.

Per the merchant agreements with the credit card (and debit card issuers), merchants are not allowed to check id during a transaction as long as a properly signed card is presented. The only exception is if a credit card is not signed. Then they can ask for id and make you sign the card before they will accept it.

Writing "SEE ID" instead of signing the card is also a violation of the card member agreement, although in practice I don't think anyone has ever gotten in trouble for doing it.

It's really messed up the way it works, because it is usually the merchant who eventually ends up eating the cost of what ever fraud occurs. The consumer files a dispute and if the bank agrees they claw the money back from the merchant. The agreements are stacked so the merchants don't even have a good way to help prevent the fraud.

A lot of this is why I know longer use a debit card. If fraud occurs, I'm not out any money, I'll just have a pending balance sitting on a credit card for a while. It's a little bit more of a hassle, but it's probably worth it to help insulate my bank account from any thieves.

Sorry to hear that Charlie. I hope it gets resolved quickly.

This post has been linked to from another place on Steem.

Learn more about and upvote to support linkback bot v0.5. Flag this comment if you don't want the bot to continue posting linkbacks for your posts.

Built by @ontofractal

Damn scammers.
coincidentally my wife and I had bogus charges on our credit card a few years ago from Foot Locker, Miami, Florida.
It must be an organized crime routine.
Sorry about your situation.

Charlie If you get this in time, - 4 more hours in the Free Ross a Thon -- can you RS and get the word out?

Hey buddy, can you resteem this? #FreeRoss show is live now!

https://steemit.com/freedom/@barrydutton/free-ross-a-thon-is-now-today-share-the-info-details-below-2-pm-10-pm-est-steemians-speaking

@charlieshrem I love it man!! you lose that money then make a couple of posts and earn it all back and still you have to wait a few days longer to get what was spent back!! you are a crypto-G

Ah man. I had $1,100 stolen from me as well back in 2011. I got it all back in about a week, but it was such a pain in the butt. Credit Cards were developed prior to the internet. From a purely logical perspective, the banking systems as it exists today is ridiculous.

"Oh, here's the combination to my safe. Please only take out what you're supposed to."

What a joke.

If governments didn't have a monopoly on currency creation backed by a monopoly on the use of force, these archaic systems would have been innovated away a long time ago.