While I was scrolling down the artists news I stumbled across this journal and I thought to share it despite not being able to directly help the person who experienced this nasty incident, if you can spread her journal is fine too so more people can reach her and eventually directly help her:
https://artistiacons.newgrounds.com/news/post/1514530
I know the person in question may not want to talk about details of how it happened but I want to take opportunity to mention possible causes of this event by using this website that shows some interesting causes of it:
Physical credit card theft still happens. If you forget your wallet somewhere or your wallet is stolen, a criminal can snatch your card and use it right away. A stolen or lost credit card has the unique advantage that it’s ready to use without requiring any extra steps.
Your mail can be an easy source for credit card fraud. If you throw away a pre-approved card, accidentally toss a replacement card, or forget to shred your statements, anyone can take them out of the trash and use them.
Perhaps surprisingly, family members are often the perpetrators of credit card fraud. A family member or friend you trust could have access to your cards and use them without permission. Or, a member of your family could open a credit card in your name.
These small devices collect credit card data from the card’s magnetic strips, which criminals then use to create a cloned card. Thieves install skimmers on ATMs, gas pumps, and other publicly available card readers.
Shimmers are the natural evolution of card skimmers. But instead of stealing data from your card’s magnetic strip, they go inside the reader and steal your chip information.
Open wireless connections at places like coffee shops and airports are notoriously unsafe. Hackers can use what’s called a “man-in-the-middle” (MiTM) attack to intercept your connection and collect any data you share, including credit card information.
Many modern cards use radio-frequency identification (RFID) for contactless payment. A thief close enough to you with the right device can use this technology to “scrape” your credit card information. There are very few reports of this scam, but it could grow as RFID becomes more common.
Phishing is a type of social engineering attack designed to scam you online and give up your sensitive information. A phishing message pretends to be from an organization you trust like your bank or the IRS. But if you share information by clicking on the link or responding to the email/text, the data goes directly to a hacker.
Phishing attacks can also try to get you to download attachments that include malware. This harmful software can steal sensitive data from your devices and share it with hackers. One common type of criminal software — called a keylogger — records everything you type. This includes credit card numbers, passwords, emails, and more, and sends them to the hacker.
Phishing attacks can also take place over the phone. A scammer will call posing as an authority figure who needs to confirm your credit card information. Often the scammer will use serious threats — like jail time for unpaid taxes or criminal activity on your card — to get you to act.
A rogue restaurant employee can copy your card data when you’re not looking (this scam is called shoulder surfing). Or, a call center worker can write down your information when you pay via credit card over the phone. I remember something like that happened in Japan where a man, with a strong eidetic memory, stole credit/debit card info from customers and drained their accounts.
Hackers use different types of cyber attacks to inject malicious software onto website forms. When you enter your info — including credit card numbers — they get access to them.
Researchers found “formjacking” code on major sites like Ticketmaster, Newegg, and British Airways. In 2022, security experts detected the code on over 100 real estate websites.
A thief with login information for your credit card company can use your credit as if it were their own. This form of identity theft is particularly dangerous as a fraudster can use account information to apply for new credit, take out fraudulent loans, and collect personal data.
Research shows that data breaches increased by 15% from Q2 to Q3 of 2022. Billions of account details have been leaked from Facebook, T-Mobile, Experian, LinkedIn, and more. A single data breach can expose tens of millions of credit card numbers to hackers on the Dark Web.
Many websites where you shop or pay for services offer to keep your card on file. While this can be convenient, it also means that if a hacker later accesses the company databases, they can steal that saved data(1).
https://privacy.com/blog/how-can-someone-use-my-credit-card-without-having-it
References and footnotes:
(1) https://www.aura.com/learn/how-do-people-steal-credit-card-numbers
Scudlez
People needs to be safe from these attacks, whoever did stole all of this Artists money needs to be caught and put behind bars.
ShangXian
Knowledge is the key to counterattack these attacks. I am glad the legal stuff has been put into motion reading her journal, but it's always important to stay always alert.
By far, data breaches are responsible for the most stolen credit card numbers. The FlexBooker data breach, for example, exposed ~19 million records containing partial credit card information earlier this year.
These card details end up for sale to hackers on the Dark Web for as little as $17. Unfortunately, we usually can’t (or don’t know how to) protect ourselves from data breaches.
For credit card theft that targets individuals, phishing is probably the most common method today. But scammers who steal your credit card information want to keep you blind to their scams as long as possible (to have time to max out your card).
And speaking of phishing at the beginning of this month I got a SMS in my dumb phone telling me that my debit card would have been blocked if I didn't update security info. I know these types of scams kilometers away but I still preferred to contact my financial service and inform them of the scam so they can keep track of those scams and report them to the authorities.
Another time, four years ago, I got an email telling to update my personal info, the email looked very legit but I didn't trust it, so I contacted again my bank and they old me that it was really them but that I did the right thing by contacting them anyway since phishers use these techniques.
My mother is very good at not falling for these scams but some years ago, she almost risked to fall for it. Another electricity agency had called with the intention of making us change supplier. To do this one of the key points is to request the identification number of the bill, so they can hook up to it and make you change supplier. I noticed she was on the phone and I hung up the phone immediately before she gave them the number and educated her on the matter.