• Welcome to the Off-Topic/Schweb's Lounge

    In addition to the Mac-Forums Community Guidelines, there are a few things you should pay attention to while in The Lounge.

    Lounge Rules
    • If your post belongs in a different forum, please post it there.
    • While this area is for off-topic conversations, that doesn't mean that every conversation will be permitted. The moderators will, at their sole discretion, close or delete any threads which do not serve a beneficial purpose to the community.

    Understand that while The Lounge is here as a place to relax and discuss random topics, that doesn't mean we will allow any topic. Topics which are inflammatory, hurtful, or otherwise clash with our Mac-Forums Community Guidelines will be removed.

Credit Card Theft (cookie problem)

Joined
Jan 23, 2011
Messages
129
Reaction score
0
Points
16
Location
Wisconsin
Your Mac's Specs
iMac with OS X 10.11.2 -16GB memory
I have had my Credit card Hacked twice in the past 3 months. The bank gave me a new card after the first one was breeched and the new one was hacked too. I know it was on line since I never use it locally; I have never given it to a merchant over the phone and it was not stollen. I have always had Intego AV with anti phishing and other blocks
I am trying to lock down my computer even more
I have an iMac running Snow leopard and use Safari as my browser.

In Safari I had my Cookies setting as " Block them from third parties and advertisers" yet I have hundreds set by places like double click , Facebook, Google, twitter and other web tracking sites. I have NEVER had a Facebook account and I have never owned a cell phone yet they are setting cookies.

I tried setting my cookie setting to "Always" Block cookies. I cleared the cookies, cleared the cache and restarted my computer and the cookies are still being set . I tried this 3 times and it is not working.
What am I doing wrong?
Thanks
Barbara
 
C

chas_m

Guest
What you are doing wrong is thinking that cookies are the problem. They are not.

That Intego AV is also (obviously) doing nothing at all for you. There aren't any Mac viruses. I would recommend you uninstall it following the instructions from the manufacturer.

I would suggest that the hacking is coincidental, since it would seem to me that the thieves are using brute force on a pool of CC #s (both of your cards are from the same bank and thus probably very similar in numbers). The bank's security is more apt to have been breached than yours.

Most banks and many stores offer cheap prepaid cards, some designed specifically for Internet use where the numbers expire after a short period. For a period of time, it might be worth your while to look into one of these services. Another option would be to investigate getting a card from another bank or credit union ... at least for a while.

Another area you could look at ... is your wi-fi secure with a strong password? Are your passwords for your merchant sites easily guessable? Does anyone else share your account or Wi-Fi? Do you ever purchase goods online while using a public Wi-Fi network?
 
OP
B
Joined
Jan 23, 2011
Messages
129
Reaction score
0
Points
16
Location
Wisconsin
Your Mac's Specs
iMac with OS X 10.11.2 -16GB memory
What you are doing wrong is thinking that cookies are the problem. They are not.

That Intego AV is also (obviously) doing nothing at all for you. There aren't any Mac viruses. I would recommend you uninstall it following the instructions from the manufacturer.

I would suggest that the hacking is coincidental, since it would seem to me that the thieves are using brute force on a pool of CC #s (both of your cards are from the same bank and thus probably very similar in numbers). The bank's security is more apt to have been breached than yours.

Most banks and many stores offer cheap prepaid cards, some designed specifically for Internet use where the numbers expire after a short period. For a period of time, it might be worth your while to look into one of these services. Another option would be to investigate getting a card from another bank or credit union ... at least for a while.

Another area you could look at ... is your wi-fi secure with a strong password? Are your passwords for your merchant sites easily guessable? Does anyone else share your account or Wi-Fi? Do you ever purchase goods online while using a public Wi-Fi network?

Thanks!-I don't have WiFi at home and have never used a public Wifi Network. No one shares my account. I will change my passwords.

I am confused how Facebook and Twitter are setting cookies when I have never had a Facebook account and never had a cell phone nor a twitter account. I thought if I set the cookies to "Block always" they would be blocked after I cleared the cache and restarted the computer, but that is not the case. The same ones are being set.

You are correct the new CC ( just hacked) was from the same bank and the first 8 digits were the same as my old card. I only have one CC so perhaps I need to go to a different bank and get one there.

I will look into a prepaid CC. I don't want to totally give up all Internet shopping although I have decided to drastically limit it until I have exhausted all ideas to find where the breech is occurring.
 
C

chas_m

Guest
FB can set a cookie on any page with a "like" symbol on it, so I assume Twitter can do the same on any page you view with a "tweet" button.

Cookies do not store login info, or credit cards, so they are NOT the source of your issue. They store info like how often you've visited and whether you have an account (but not generally the account info). Cookies are the reason Amazon's page says "Hi Barbara" when you go there, even if you haven't signed in yet. :)

One other option I should have mentioned earlier: there are a lot of "fake" webpages out there that look like real pages. People often get to them by clicking on links in emails, which LOOK to be correct but are in fact directing you to another site altogether, one that has been designed to look like the site you intended to visit and grab your account info when you try to log in.

I'm presuming you already do this, but make it habit NEVER to click on a link in an email, particularly one that says it is from a bank or other financial institution. Always enter the site's address manually into a browser.
 
OP
B
Joined
Jan 23, 2011
Messages
129
Reaction score
0
Points
16
Location
Wisconsin
Your Mac's Specs
iMac with OS X 10.11.2 -16GB memory
Thanks ! Well that explains the Facebook and Twitter tracking. Nearly every site has those icons on them. I have never clicked on a "like" icon for any of them.

I never click on links in email unless I know the person is sending me something.
They know I don't want all the jokes circulating the Internet.

Twice when I had a PC I got "we need info" emails from banks I did not do business with. I called the banks in question and they had me forward the emails to their fraud department.
The logos and letter head on the emails looked authentic but they were fakes:(

As I said I try to be so careful and still I was hacked twice.
It looks like the way this hacking was accomplished may remain a mystery.
My best option may be to get a CC from a different bank
Thanks again
 
M

MacInWin

Guest
What I do (it's not perfect) is use PayPal whenever I can. Paypal has my CC info, but at least I don't have to give it every time. If my data ever gets compromised at PP, I plan to cancel that CC as soon as I hear about the breach and let the CC company know. If the merchant doesn't take PP, I try to find the product at a vendor who does. Only if I absolutely have to use that vendor do I give a CC, and then I try to use AMEX first because they have a fantastic fraud department. My card has been compromised twice in the past three years, each time they cancelled the charges and the card and issued me a new one within 24 hours. The last time the agent said that the most likely way it was compromised was from a local theater where I bought tickets with the card. They had several reports from users who had been there just before being compromised and were working with the local police department to try to find the culprit. Now I don't pay with any credit cards there anymore.
 
OP
B
Joined
Jan 23, 2011
Messages
129
Reaction score
0
Points
16
Location
Wisconsin
Your Mac's Specs
iMac with OS X 10.11.2 -16GB memory
Thanks! I am hoping to find where the breech happened, but so far they don't know where it happened the first time, so I have little hope they will find the culprit this time. I never use my card locally so it had to have occurred on line.

I think I have done all I can to secure my computer.

AMEX may be a good choice if I decide to get another card. I pay my CC bill in full each month and I think that is the policy of AMEX so it would be no problem for me.
Thanks again for the suggestions
 
M

MacInWin

Guest
I suspect (assuming you are not a victim of simple guessing at card numbers) that one of the vendors somehow disclosed your card number, rather than it happening from your computer. Or that you got spoofed onto a bogus URL that stole your number. Nothing to do with your computer at all.

As I said, I use PayPal. Doing that hides my CC number from the seller, they just get a transfer from PP to their account. So the only place my card is recorded directly is Paypal. You should look into that, too.
 
OP
B
Joined
Jan 23, 2011
Messages
129
Reaction score
0
Points
16
Location
Wisconsin
Your Mac's Specs
iMac with OS X 10.11.2 -16GB memory
The person in the fraud department at my bank said frequently small companies are less diligent in their security and then someone can get into their system and lift all of the CC info. I can't control that all I can do is be sure my computer is as secure as I can make it.
It was suggested here that I change my passwords on any site where I am registered so I will do that .
Thanks
 

chscag

Well-known member
Staff member
Admin
Joined
Jan 23, 2008
Messages
65,248
Reaction score
1,833
Points
113
Location
Keller, Texas
Your Mac's Specs
2017 27" iMac, 10.5" iPad Pro, iPhone 8, iPhone 11, iPhone 12 Mini, Numerous iPods, Monterey
I would suggest that the hacking is coincidental, since it would seem to me that the thieves are using brute force on a pool of CC #s (both of your cards are from the same bank and thus probably very similar in numbers). The bank's security is more apt to have been breached than yours.

Keep in mind nowadays that credit card thieves are very sophisticated. The statement above about brute force is very likely true. We have had our personal CC and our business CC hacked several times. On each occasion, the bank has made it good but it is indeed a headache to have to obtain new cards every time it happens.

Also, our cards were not similar in numbers but that doesn't matter to thieves. Each time it happened it was at a location far removed from where we live and the cards were not lost or used for on line purchases.

Also - your thread was moved here as it has nothing to do with being a "Switcher". Please take note of our forum descriptions before posting.
 
OP
B
Joined
Jan 23, 2011
Messages
129
Reaction score
0
Points
16
Location
Wisconsin
Your Mac's Specs
iMac with OS X 10.11.2 -16GB memory
Thanks for moving the thread ! I was not sure where to post it to find any other ideas I had not thought of for securing my computer
 
Joined
Feb 14, 2004
Messages
4,781
Reaction score
166
Points
63
Location
Groves, Texas
If your worried about cookies you might give this a try: Ghostery
I use it and don't have near as many cookies as before. It's available for several different browsers.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top