Devlin's Weblog: March 2005 Archives

« January 2005 | Main | April 2005 »

March 10, 2005

My identity has been stolen

I've heard a lot of stories from other people about identity theft. Things from cell phones in their name to calling cards being drained with calls to Asia. It happened to me with my Discover card that I share with my wife.

Fortunately Discover Card contacted us to ask what had happened. Evidently their software heuristics sounded off an alarm since our purchasing pattern changed quite dramatically.

I took a security class from Dr. Kent Seamons last semester which made me, well, paranoid about things of this nature (a bit of it rubbed off on my wife too). When they called, my wife wouldn't give any of our information like a good girl, but only verified the information that they had to assure us that it was indeed Discover card.

They're were quite funny about it, saying things like, "yeah, we kinda noticed you don't make a lot of large purchases with your card. I have a charge on here for $4.05 at the C-o-o-ugaarreet is that yours?" Yes it is. It was at BYU's Cougareat, it's a navajo taco and yes, it's very good.

Discover closed our account immediately and sent us some new cards right away. It's very much surreal, but I'm grateful that Discover figured it out right away so we didn't have to convince them that we weren't trying to scam them.

I called Discover later to get some details about the purchases for some paperwork they sent to us. Turns out that all of the purchases were "keyed in", meaning no card was present (not sure if that would have mattered). The purchases started at 4:23 pm at Nordstrom's for $2,278. Followed quickly by $298 at Beebee Stores at 4:38 pm. The third and unsuccessful attempt was at 5:06 pm at Bed Bath and Beyond for $1,053. Discover denied the card suspecting fraud. All the purchases were made in Rhode Island where neither my wife or I have ever been -- or even close.

Makes one very curious to know how the bandits got our information. Did they send it to their accomplices across the country or did someone crack a server where our credit card was saved? I highly doubt this one, even if it is possible. It's much more likely I think that someone at a restaurant or store made theirselves a copy when we used our card. Easier. Simpler. More likely.

Posted by Devlin at 10:01 PM | Comments (0)