Since I am already on the "list" for my first NFA item back in 1993,
I am not a cash only firearms stuff buyer.

I often use my credit card when ordering from various gun and ammo companies.
Just like with bike stuff, car stuff, gym stuff, clothes, etc.

These are legit companies, in America. EMS, REI, PSA, etc.

I had gone a decade or two and only had a credit card compromised once. And that was when I would often order a watch from Asia or give a credit card number over a phone when less of the companies in the US were internet order available.

In the past year or two,
With no CC info given over the phone, no non US orders,
No orders other than US legit companies from home computer,
I am now on my fifth damn time of getting fraudulent charges and having to change my damn credit card number.

We just got our card changed in November,
And today it is already jacked up again.

Huge pain in the ass.

How often does this happen so often?

Everyone I know has had it happen once or twice in the past few years,
This is crazy.

I have had it happen three times over 12 years on my Visa. Its never been a real hassle they call and ask if it was me and if not they send me a new card, I have never had to dispute charges or had a problem other than not having a card for a couple days while the new one arrives. We use our cards a lot. we get points so we just pay off the card each month.

The huge pain in the ass is my wife has a lot of bills set up automatically.
That have to be all redone.
Instead of mailing checks every month for phone, gas, electric, cable, etc. she has them all set up automatic.

Twice in about 6 years. I notified my bank on Friday, worked the weekend, went in Monday morning, signed my name one time on a form saying I attest I didn't do the charges, and had my money back that day by lunch.
Ill relay a story a MasterCard employee told me over the phone last time- He had just worked a case from, as he put it.."a VERY VERY old couple", who had just fairly recently gotten their very first Debit card, ever. They promptly put it in a drawer and NEVER used it!
THAT CARD GOT HACKED!! MasterCard verified they never used it, and of course they got the money back. So, hell if I know how its happening. How can someone in THE NETHERLANDS hack an old Alabama boys accnt....get tickets to a play, stay in a 5 star hotel, and eat at a 5 star restaurant? Dang if I know.

I had my .gov card get hacked two days after I activated it and booked flights and a hotel. No phone call from the company asking if I was in Brazil trying to by $14k in electronics. Just shut it off. I found out it was closed when I arrived in CA on my trip and tried to check into the hotel. Had to use my personal card for two days until my new card arrived at the hotel. I was reimbursed but still a huge pain in the ass.

The lowest form of human behind a rapist or murderer is a ****ing thief.

I am now on my fifth damn time of getting fraudulent charges and having to change my damn credit card number.

How often does this happen so often?

The answer is quite simple. It is one of two things. Either your home computer is compromised (most likely scenario) or the websites to which you placed orders were compromised, legitimacy matters not. If someone wants something bad enough, no amount of legitimacy will keep them out. Credit card numbers are harvested from various sources and sold on the dark web fairly cheaply. Russian and other organized criminal gangs pay groups of people to target and harvest credit card information.

In general, people need to get an order of magnitude smarter about using their computers or this will only continue to increase.

Your best protection is as follows, in order of priority.

- Keep Adobe Flash up to date, better to not use it at all (As on the day a new version is released)
- Keep Oracle Java up to date, better to not use it at all (As on the day a new version is released)
- Install a Java Script blocker in your web browser. (I use no script)
- Remove admin access from all but one account and only use it to install software
- Turn on any OS protections that prevent malicious installation of software
- Don't use IE
- Keep Firefox or Chrome up to date
- Run Super Anti-Spyware, Malware bytes and Windows defender at least once per month, better to run it once per week
- AV software is next to useless, do not rely on it

Go to this site: Download Zip File (https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx) and execute "Autoruns."

(Right click and run as administrator) Then, ONLY IN the LOGON tab, right click and "verify" every piece of software in every line in the LOGON tab

Right click and submit an MD5 to virus total. After the hash is analyzed you'll get back XX/54 if XX = anything other than 0 delete it.

Uncheck anything you don't recognize, or that doesn't need to run when you login. Don't do something stupid and don't go to any other tab or you'll hose up your computer permanently.

I'm sure there are others with experience, feel free to add measures you take to protect yourself. If you do nothing but AV software you are likely already compromised.

Compromised... Cards get compromised, not hacked. It's not a computer, it can't be hacked into. This is the financial world version of magazine vs clip...

That said if it isn't your computer or the company sites, what you're probably falling victim to is a BIN Attack. It's where the criminal has a single known good card number, and can extrapolate further good numbers off of that known good number (I'm explaining just the very roughest of details here). Cards in the same sequence generally have the same expiration date (printed at the same time). It's only a matter of patience then in trying cards for small transactions to get a "hit," then go time. You can never use your card and still end up getting hit due to a BIN attack, though bank software is getting better at randomizing card numbers so that batches aren't sequenced, and catching out of pattern transactions before they're even posted to the accounts.

Your computer leaves tracks as do the web servers where you buy stuff. Look no further than Home Depot or Target for examples of POS compromises. Millions of cards were compromised at the POS devices. You type your credit card number on your computer when you buy stuff online. One of the most common tools, in exploit kits, is a key logger, that will log every single key stroke and store it in a file for upload to their command and control servers. It is frighteningly simple.

I see you edited your post. -Disregard most of what I just wrote and yes there are other ways as you mention.

I added acknowledgement of your computer concerns, nothing else. :-)

How does one explain the compromising of people's cards that are never used? Like the old couple in the example a few posts above.

Reread my post mentioning BIN Attacks. You never need to use your card.

Ive had my card numbers compromised a number of times. Ive gotten to the point that I just log into my accounts and check for charges on a weekly basis. Do it with all my cards and accounts. Visa, MC, AMEx all get attacked regularly and more often than not they have breeches. More often than not they dont say squat except to those that are affected. Wireless POS terminals are also points of weakness. Better yet, the outsourced CC processing centers manned by cheap labor are a good point of weakness.

The number of attacks that are ongoing is mind boggling. If there was some requirement for banks and CC companies to routinely report their breeches, not a soul on the planet would trust them. We'd all be bartering chickens and goats.

How does one explain the compromising of people's cards that are never used? Like the old couple in the example a few posts above.

Generate a number. Put it on the magnetic strip of any card. Go to WalMart and try it for pack of gum. If it works, go back to electronics and grab a TV. If it doesn't work, repeat above.

With the proliferation of cards, its not all that hard to pick a winner.

ditto just got a new card this week for our one that was compromised but often to its at the store itself somehow gets hacked forgot what hobby store had that a bit ago etc...

I carry more cash these days and for little things I use cash a lot online I have been pretty good and going to try to use apple pay more since the token thing is much safer

sadly its the way things are these days and no real penalty to the people doing it anymore ? they need to start doing serious time etc..

Reread my post mentioning BIN Attacks. You never need to use your card.

Explains how I had a debit card that was a temp card that was given to me at the bank that before I made it back home had fraudulent charges on. Regardless I no longer use that bank, the two final lines were that bank manager telling me after I stated I preferred paying in cash for many things, that cash was a high unreliable method of payment, (What third world ****ing shit hole did you crawl out of bitch?) and then having not only a bank manager but also the mother****ing fraud specialize ask me repeated if I was sure that I wanted to actually file the fraud claim for charges that were made out of ****ing Russia!!!!!!! when I hadn't been out of the country and both going, well maybe you just don't recall making those purchases. **** THOSE COCKSUCKERS!!!!!!!! Since leaving that bank two years ago I have had but one breach, that was quickly handled and fixed, opposed to regular breaches that would occur every few months.

Oddly enough, in the two years since you changed banks they have all gotten far better about preventing the attacks.

That said, it seems like they have a bigger issue at that bank regarding their customer service. I've had a card compromised before and there was not a word of doubt when I called about my claim. Just some clarifying questions that I know that they're required to ask, and an affidavit in my email for me to sign and send back saying that I did not make the charges. (Over three grand at an electronics retailer. Common really, TV's are easily "flipped" and unlike many high dollar items the serial numbers are almost never tracked with the sale.)

Now is the second most important time of year to keep track of everything with an extra bit of vigilance. Thieves know that many Americans carry larger than standard balances in their bank accounts as tax refunds come rolling in, and retailers don't bat an eye at large purchases when the person doing the buying mentions that they just got their money back...

In 10yrs I've had one card get fraud charges.

They need to start hanging these bastards in public. The economic impact is tremendous.

Mega, you just jinxed yourself for the next 10 years as you are most certainly the exception.

I'm right there with him... That single charge I mentioned in easily a decade if not more time. That said, I handle my cards in a very unique manner. I have dedicated cards for specific types of transactions and never keep a card longer than two years. Most companies make it pretty easy to get a replacement and if you've got each one labeled for what it's used (a little sharpie on the face of the card; online, EDC, memberships, NFA, etc...) then it's easy to know what to change when the new one comes in.

Oddly enough, in the two years since you changed banks they have all gotten far better about preventing the attacks.

That said, it seems like they have a bigger issue at that bank regarding their customer service. I've had a card compromised before and there was not a word of doubt when I called about my claim. Just some clarifying questions that I know that they're required to ask, and an affidavit in my email for me to sign and send back saying that I did not make the charges. (Over three grand at an electronics retailer. Common really, TV's are easily "flipped" and unlike many high dollar items the serial numbers are almost never tracked with the sale.)

Now is the second most important time of year to keep track of everything with an extra bit of vigilance. Thieves know that many Americans carry larger than standard balances in their bank accounts as tax refunds come rolling in, and retailers don't bat an eye at large purchases when the person doing the buying mentions that they just got their money back...

I don't doubt that there have been advances, but even if that bank was to come out being the best in cyber security I'd never go back after the shit I dealt with having them. At least with my current bank the single breach that I did have they called me before I even had time to find out, which beats the hell out of my previous bank which I always had to find out and tell them, to ask me if I had made this purchase. No? Will send you out a new card and cancel the current one and have it fixed ASAP.

As far as watching one's accounts. I check my stuff usually at least every other day, normally once a day along with keeping track of what I am buying. That said, I have not gotten so far as to cards set up for specific things. Though I have seriously, and likely will, get a card just for internet purchases. But, that is almost what I use my current credit card for anyway, that and bills. Hey, I get the cash back so it sort of works out that way.