Late on July 19th my email alerted me to three unauthorized online purchases using my credit card. I was alerted to this by a bunch of emails from two companies that I had never heard of and would probably never use. The first email was one of those “to complete your account please verify your email address” type. The second was basically “congratulations on successful account set up” and the third and fourth was “ a gift card was sent to ‘so-and-so’ for ‘xxx’ amount”. There were two different online merchants involved. I noticed this within an hour of the first email and was able to cancel my credit card to two of the three purchases so they did not get payment authorization. I immediately reset my email password, canceled my credit card, emailed the two merchants involved (one emailed me back within hours and verified that they removed the fraudulent account; the second one has not). I checked my email activity log to see if there was log-ins from non-recognizable devices, etc and nothing overtly indicated a hack, although someone had to use that first confirmatory email to activate the merchants account. So I went to bed early Saturday morning thinking that things were OK with the exception of the email hack and that I caught it early and basically no harm done just annoyance. I also changed all my other passwords on-line that may have been breached (amazon, facebook, banking, etc) and filed an FTC report on credit card fraud as suggested by one of the merchants.
Saturday morning I checked again with the email - no new purchases noted from unauthorized websites - checked my credit union - no new credit card transactions and verified that the card has been canceled - and was reassured.
Then we had big T-storms and lost internet service for about 8 hours (second time in 20 days: stupid Spectrum). Got it back around 10:00pm last night and I tried to check my email to make sure no new mischief. And here is the puzzle: someone deleted my account!! which means the hackers were able to use my new password within <24 hours of my changing it. I called the email provider and was told that “yes, it was deleted” and “no there are no overt signs that you were hacked”. They have no explanation of why / how it was deleted. They assured me that it could and would be recovered and I should hear back from them today — well I didn’t but I will call tomorrow for a follow-up. The support tech speculated that I have malware on my laptop so I worked with the computer support tech for an hour last night going through my hard drive with anti-malware software and looking at downloads, apps, activity monitor, etc and nothing showed up to suggest virus / malware. The two support techs (email company and computer company) both mentioned that it could be a keystroke malware that is so new that the detector can’t recognize it yet.(?)
So my sick-to-my-stomach feeling is not so much my credit card situation, because I think that is safe for now, but my email situation. Does anyone know how someone could hack into my email twice, the second time within hours after the password change, and with no tracks that the email web engineers can detect? and what is the purpose of deleting my whole account? How does that benefit the hackers (revenge for catching them and stopping payments)? And how my laptop seems to be “clean” of known viruses (I have a Mac so theoretically, less prone to infection although I know that is not as true as it used to be).
I also have some concern for my physical safety because the second merchant purchase was for a package to be delivered to my home address: I am concerned that some “proper rogue” will be hanging around my home, waiting for a delivery and / or to do harm — it seems odd that they would steal from a credit card to send a package to the victim (?). Or is this a sign of incompetence.
So to sum it up: I was feeling OK after Friday by the steps that I had taken: canceled credit card, notified merchants, changed passwords, submitted fraud report to FTC, etc. But then got a big jolt when I lost my email account on Saturday night (not to mention all the info on it about my kitties’ health records that are so important and other info that is vital to my life right now) and I feel really confused and a bit uneasy and that this is directed to me personally and not a random victim caught up in the millions of scams out there.
I am also feeling very reluctant to use my credit card either on-line or in-person because who knows where the breach occurred? I have malware scanner installed now on my computer but I am also in need of advice on how to go forward and get back to feeling “normal” about using a computer and credit card.
What I am hoping you can help me with:
1. thoughts on how the hacker was able to use that first email to verify the accounts through the gift card merchant: that “last step” verification that many merchants use before they will activate an online customer account, without leaving a trace. And if he did hack into my account, why didn’t he delete the email that notified me of the account and purchases so I would have never known that this was done? Or do you think that the merchant really doesn’t wait to receive that verification response or is vulnerable to hacking on their end thus making the verification process moot? (thus I wasn’t really hacked at that time after all). That whole process of setting up the account, getting it verified through email and purchasing two gift cards was done in about 2 hours or so.
2. thoughts on the randomness of my credit card and email account being linked and hacked at the same time. Why did the hacker put in my email when he set up the merchant account? wouldn’t it have been smarter to just put in his email so that again, I wouldn’t have ever known what he had done until I got notification from my credit union about the credit card charge?
3. thoughts on how and why my email account was deleted by the hacker within hours of the password change.
4. thoughts on the likelihood of the email provider taking this seriously and restoring my account.
5. thoughts on how concerned I should be for my personal safety due to the attempt to mail a package to my home.
6. advice on how to go forward with a new credit card, a new or restored email account, and a malware protected computer (and how to be assured that my computer really is clean now) and to get back to normal.
Right now I am dazed and confused and I am looking to have some understanding which gives me some sense of control.
Oh, when doing research on the one merchant I noticed that there was a spike in complaints starting on July 19th from people who had their credit cards stolen to make unauthorized gift card purchases — so it that respect it does seem as if I was caught up in a random theft ring…...if it wasn’t for that deleted email account I could rest somewhat easier……...