in Follow-Up, Meddling

Scratch ANOTHER credit card. Sigh

Kelly was checking her email this morning, expecting to find more birthday greetings. Instead, she turned to me and asked me if I had purchased pizza at Domino’s. Buying pizza at 7 AM is a little … unconventional, so I walked over to see why she would pose such a silly question. Turns out she was reading a “fraud alert” email from our credit card company, showing a purchase at Domino’s sometime today.

Cue the internal cursing and rolling eyes.

A phone call to the credit card company confirmed our fears. Someone had purchased $40 worth of Domino’s pizza in Missouri and used our credit card to do it. Our card was promptly canceled and new ones put in the mail.

It had been less than two weeks that we had those particular cards. Two. Fricking. Weeks (in truth, these new cards had the same number as our old cards but with a different CVV).

Turns out, last night I bought something online just a few hours prior. Rather than buy yet another product from Amazon, I bought it from a mom-and-pop shop. I don’t know for sure but I’m assuming their e-commerce website has been hacked.

This morning I filed a credit card fraud report with Raleigh Police, though I found out after filing it that since the crime didn’t occur in the City of Raleigh it was out of RPD’s jurisdiction. I also called the area PD in Missouri and asked for a detective to call me back. Finally, I left a message at the Domino’s letting them know what had happened. Have not yet heard back from anyone, though I did miss a call from RPD this evening. I figured this incident was more promising for prosecution than the last one since the last time was apparently a road-trip spending spree and it’s a bit easier to figure out who it was who picked up a pizza (or had one delivered). There’s more to go on.

It did get me wondering: who is the victim in this scenario? It was my card used but I don’t have to pay the fraudulent charge. Domino’s traded pizza for a fraudulent payment yet they’ll likely be reimbursed by the credit card company. Finally, the credit card company will likely write off the fraud like the $21.48 billion dollars worth of fraud the industry suffers each year. Now, I am motivated to get these perps some jail time. Domino’s doesn’t five a shit because they got paid, and the credit card company sure ain’t gonna sweat $40 if they’re losing billions elsewhere. Likely outcome? The Pizza Perps walk.

So if no one is willing to go after these crooks, what are the options? A coworker mentioned that some credit card companies offer one-time “virtual credit card numbers” that can be used when making purchases from vendors of unknown honesty (or security). Only my card no longer offers this feature due to lack of demand. I did find mention of an interesting startup called Privacy.com which can tack a virtual number onto your existing credit card but it’s only in “invitation” mode at this stage. I’m hoping I can get in.

In the meantime, I’m thinking we’ll keep at least two cards: one for trusted vendors (Amazon, groceries, airlines, online bills, etc.) and one for untrusted vendors (mom-and-pop stores with dubious security). I’m hoping to lessen the impact of the next credit card breach (because another breach is inevitable, sadly) so that the card we use most (the trusted one) is shielded from unnecessary exposure. We’ll give it a try for a little while and I’ll report back how it works.

Now if you’ll excuse me, I have a zillion automatic payment websites to update. Sigh.