|Sierra Madre Chamber of Commerce
Dec. 30, 2010
|After sending out an e-mail yesterday regarding the complaints about possible credit card fraud that appear to be related to the EVG station on Baldwin Ave., I received several replies from recipients that told me that they, or their friends or family, had been victimized. One member contacted a security consultant who responded with a message regarding his personal experiences, and suggestions on how to prevent this type of fraud from happening to you. It’s fairly long, but I am sending it to you anyway based on the large response I received. I ran it by Chief Diaz before doing this, as I don’t know the consultant involved and am not an expert in these things, and she sent the following response:
“It has been incredibly busy with the media, phone calls & a constant flow of victims in the lobby and in every room of the PD.
I can’t vouch for everything in Mr. Navarro’s email, but most of it appears to be accurate. The Calif. State Attorney’s website also has an identity crimes link with valuable information. Mr. Navarro provides a more detailed description of how some ATM/credit cards are misused at gas stations and ATMs.
Good luck, and thanks for putting the word out.”
The link the Chief refers to is https://ag.ca.gov/idtheft/
From Mr. Octavio Navarro, Security Consultant (310) 216-7784…
I have been “cloned” twice in the past 5 years. The first time close to $5K and the second time around $3.5K in just a matter of a few days. I did not have any problems dealing with Bank of America, both times I received my money back after filling up the forms and presenting my case. However, the crooks, both times went into spending binges that I could not match even if me and my girlfriend went out there with no limits. The problem happens, it happens more often than you think, and it happens quickly. VERY FAST.
In both cases there was a pattern: i.e.: the second one was really funky because there were 11 withdrawals of $300.00 all made at all 7-11s in the Hollywood/ Silverlake area, all within 2 days. Plus some other purchases.
Furthermore, in September this year someone was paying their electrical bills with my ATM card in LONDON, can you believe it? Yes, 5000 miles away, and I have not been in London in probably 5 years.
It is very likely that this problem will continue until the ATM/Credit card technology becomes a little bit more advanced. So, we need to get involved, all of us, even if you have not been cloned. It is not a matter of PARANOIA, no ladies and gentleman. It is a matter of re-taking what belongs to us, the fruits of our labor and our freedom.
To answer some of the questions:
1. No, you are not being followed or watched by the crooks. If you were being followed or watched a different type of crime would have occurred. You can bet on that.
2. Your ATM/Credit card contains a number of items:
2.a Account #
2.b Pin #
2.c Branch ID (where your original account was opened)
2.d Encryption Key
2.f Miscellaneous digital information
3. How is the card cloned:
The cards are cloned by initially reading the magnetic strip on a “magnetic card reader” very much like your ATM has, or the gas pump, or any other POS (Point of Sale) location. Magnetic card readers are available to purchase by the public at many websites.
The information in your card is recorded on a digital “binary code” (ones and zeroes) which for the crook is not really important at the moment. The card is read and the information transferred to some kind of memory devices. Some card readers have themselves storage to save up to 1,000,000 credit cards or more.
Once the operator of the reader (your “not so friendly face” behind the counter) runs the card through the “evil reader” the information is saved. The magnetic reader and storage device are now taken to the offices of “Crime Incorporated”, there another guy, perhaps very much like me, with some computer systems education, can spend some time decoding encryption and translating it into something that now makes sense to them. Once they know they have a workable translation path, they proceed to duplicate the cards.
Card duplication is also readily available in the market for applications like badge printing and others. So don’t think that someone sold to someone else privileged technology. All this junk sells as easy as a laptop or a printer and it is not regulated.
Once the cards are printed they are distributed to members of “Crime Incorporated” who are ready to hit known/ weak ATMs in the market and hit your account for as much as they can every time. That’s as far as cash is concerned. Many lend the cards to their wives or girlfriends, who knowingly go to other stores and hit your account for hundreds of dollars at Kohls, Bed Bath and Beyond, Office Depot, Walmart and even pay for the most outrageous tastes out there, you’ll be surprised of some of the stuff they buy with your card.
Finally, when the card is rejected for the first time then that card is usually destroyed by “Crime Incorporated” and they start with a new fresh card. That’s why it is hard to track when the “Cloning” happened. Your card may be cloned today but it doesn’t get used until three or four months later. So read the recommendations below for further info.
4. International Ring? or Paranoia:?
Well, the truth is that ATM/Credit card fraud is 90% of the times local. If you live in Los Angeles (or New York or Houston), you get cloned in Los Angeles, and the money is spent in Los Angeles. The remaining 9% of the time may be non-local that is: You get cloned in Los Angeles and your card is used in Houston or New Y ork. The final 1% is International and generally easier to detect and more difficult for the thieves to perform. But it does happen as I explained it happened to me. You live in Los Angeles, you get cloned in Los Angeles but your card then travels around the world to pay for the crook’s expenses. More likely you get your losses returned to you because it is very easy to show that you didn’t travel at all. Now if you traveled somewhere overseas and you were cloned there then you will have a little more difficulty showing that it wasn’t you. However, banks trust most customers and if you do diligent work you can get reimbursed for all that money.
Banks pay back a lot of money every year to their “cloned” customers because the amounts are insignificant for the size of the bank, it is not insignificant for the “crook” who may make a living of this life style for years until getting caught.
During the last 10 years there have been at least a good dozen busts where the crooks were found with tens of card readers, dozens of duplicators and thousands of blank cards ready to be printed. Fortunately the larger the operation the more risks they incur, someone always becomes careless and leave a trace that allows authorities to track the crooks.
6. ATM/Credit Card fraud vs Credit Fraud (Identity Fraud).
You must learn the difference, ATM/Credit Card fraud is what this e-mail is pretty much about. Your card got stolen or cloned and some crook performed a number of transactions which eventually you catch by looking at your statement or your bank notifies you and everything pretty much gets resolved. If that is the case do not, please, get to worked up, 99% of these situations get resolved, I know it is a pain in the neck, your account may be drained, but you WILL RECOVER from it. Fill up the forms, make your claim, report to the police and move on, you’ll get more satisfaction if you follow the steps and contribute to make this a better world.
Now, Credit Fraud or Identity Fraud, is a completely different story, more likely in these cases yes somebody is checking your information, your behavior, your habits and a lot more, like seen on TV, check your trash, etc (reason #1 for buying a shredder). This situation can be, also as seen on TV, extremely stressful, you may not get reimbursement for the expenses, it may take years to resolve and it can actually land you in a prison. The cases are minimal compared to the ATM/Credit Card cloning. It doesn’t mean that you have to pay less attention, but some of the recommendations below will reduce you chances of falling for a Credit Fraud/ Identity fraud case.
By the way, even if you follow all the recommendations it does not mean that you are protected forever, it is only a way of creating obstacles for the crooks and have them give up before reaching their goals, but if they are “motivated” they will overcome the obstacles and clone your cards.
In my personal case I had to take some actions that at the beginning felt like a pain in the neck, however, they have become part of my routine, like everything else in our lives, re-educate, and I’m more than happy to share my experience, here are some of the actions that make me feel better today:
1. General Stuff
1.a. Put your phone #s and addresses in the National Do Not Call Center: https://www.donotcall.gov/ This protects you against excessive telemarketing, receiving unwanted/ excessive junk mail. The less your information is out there the less chances of being a victim. Be strong and determined about this. If you get a phone call from an unwanted telemarketer, con them and get their phone #s, addresses and other info possible and report them to the same office. Fight this.
1.b Repeat the same with unwanted e-mail (National Do Not Call Center)
1.c send REMOVE requests to those who do not give you the opportunity of “UNSUBSCRIBING”. If you get a link for UNSUBSCRIBE then do it, do not delete the e-mail. And when you are done, report it as SPAM. By law the sender is supposed to give you the opportunity to UBSUBSCRIBE. Anyone who sends you an unsolicited e-mail and does not give you a link to UNSUBSCRIBE is BREAKING THE LAW.
2. Credit Protection
2.a If you can afford it get a “credit protection agency” they report to you monthly, and some have “cellular phone” warnings, so if someone attempts to use your credit (I mean apply for credit fraudlently) you get “texted” immediately and you can immediately make the phone call. Some of the credit protection agencies charge between $15 to $25/month for the service.
2.b Now, talking about phone calls: Yes, more homework, add to your cell the telephone #s of your credit protection agency, fraud bureau of your bank or banks, credit card customer service phone #s, and every other phone that may be of particular interest.
3. Credit Cards
3.a Many Credit Card companies now have also “Text” notifications when you cards are used. My bank “texts” me faster than the time that it takes to the waiter to come back from the register with my card. And this is not only true but extremely “peace-of-mind-ly”…if you know what I mean.
3.b Too many credit cards become a “management” problem, but this is your thing, so if you want to reduce the risk then manage them. Do not blame anyone else later.
4. Purchasing habits.
4.a If you need to stop and buy gas at a station that you have never been before it is better to use the ATM if available and get the money and then pay cash.
4.b Do not use ATMs where you have to hand your card to the attendant.
4.c When possible avoid ATMs that do not have a camera (this is what happened to me with the 7-11s, however most 7-11s have been upgraded with Citibank ATMs that do have cameras).
4.d If you need to buy gas and you do not have cash try to pay at the pump. If you have one gallon of gas in your car chances are that there is one ATM within range Wells Fargo, Bank of America or other, yes, you may have to pay a fee, but it is better a “friendly face” than a “furious foe”… One gallon of gas unless you drive a Corvette will let you drive at least 10 miles.
4.e Do not use ATMs that appear to be “damaged”, modified, broken, or “smell funny”.. follow your heart, if the ATMs doesn’t look right DO NOT USE IT.
4.f Most “cloning” occurs beyond your sight. If you need to give your card to an attendant DO NOT LOOSE SIGHT of your card. If the attendant runs your card on somewhere underneath the counter STOP THE TRANSACTION Immediately and report it, check with your bank, and/or replace your ATM card IMMEDIATELY.
4.g The most difficult of all: Buy always at the same place, become what you really are: a creature of habit. Buy where they know you and where you know them. Sometimes we do need to buy at a new place, and that is probably unavoidable. I know that. So, if you must buy at that new place, make sure you follow the advise in the previous paragraphs.
4.h Needless to say, check your bank statements as often as possible.
I know that is a lot of stuff to keep in your mind, but the tighter the rope around a crook’s neck, the better we are. Every single precaution counts. Every little bit helps. We need to be more pro-active protecting our assets. And of course, the older we get the more important is to protect these assets. Teach the young too, “teach them well” (Crosby, Stills, Nash & Young), tell them that they are doing something to help the world and they will listen.
5. Traveling Overseas
5.a There’s no safe place anywhere in the world. So here is another set of recommendations:
5.b My last few trips overseas (Spain, Italy, Switzerland, Denmark, Greece, etc) I have been able to book pretty much everything in advanced via Orbitz or Expedia. Car rental, hotels, trains, air fares, entertainment, etc. I know, I know I know, but there’s so much stuff once you get there…. Well, yes, so get your traveler checks, record their numbers on your cellular, and also the emergency phone # of the issuing bank.
5.c Get some currency in advance (Euros, Yens, or whatever you are going to need) you need to become familiar with the transaction dynamics of the country before you start using your credit card there. If you are computer savvy then make sure you check your transactions everyday or every other day on the Internet, when Overseas you must be ahead of the game. Things happen much faster there.
5.d Say you are going to stay 10 days in Madrid, then become aware of your surroundings, that is: if you need to exchange your Traveler Checks always go to the same place. If you are going to use an ATM use always the same ATM. Try to reduce your ATM/ Credit Card usage on shops and restaurants.
5.e As you use your traveler checks record the numbers on your cell, as they should have been entered before you left the US.
I know that this is a lot but I hate it when someone becomes a victim of today’s usage of technology. I have spent the last 25 years of my life fighting Cyber Crime, Computer Misuse/ Abuse and during the last 17 years helping Law Enforcement Agencies make use of computer systems to fight crime more adequately. Everyday there’s a new challenge but things get better, however, as Law Enforcement Agencies get better, crooks also get smarter. I do believe that the distance is getting shorter…
Thank you, Octavio.
Finally, I saw a comment on the website of one of our members that sums things up pretty well, and since I couldn’t say it any better, I’m going to repeat what Kim C. said on SierraMadrePatch.com:
“In a small community like this where you see most merchants daily as you walk and drive through town, there is a great deal of trust….after all these are people who you see all the time. It is sad when someone violates that trust and robs the community of its feeling of security. It in a way it diminishes the feeling that we have something far better here in Sierra Madre, and might make one feel as though even here in our sweet little town we must be as paranoid and fearful as most people are in the rest of the LA area . It would be very sad if we let this incident take that away from us for good.”
Sierra Madre Chamber of Commerce