If you’re going to hack in to my account…
… try doing it to one that doesn’t email me to tell me that you did.
On Friday morning, I stopped at Starbucks on my way back from teaching class/running to get a drink. I used my debit card to upload $20 on to my Starbucks card, then used that to pay. Then went on my happy way.
I randomly decided to check my yahoo (read: spam) account later than morning and saw there was an email confirming a $100 Starbucks card reload from my credit card. Huh? I was super confused. I used my debit card that morning, and asked for $20… what the heck happened?
At first I thought the email was spam. So I googled the phone number in the email, and sure enough, it was the Starbucks phone number*.
I checked my bank account, and the $20 debit charge was on there, as well as a pending charge to my credit card. I called Starbucks and lo and behold, someone hacked in to my account, where my credit card was linked**, and then gifted themselves a $100 credit to their account.
Derpitty duh. You hacked in to my account then it sends me an email about your e-gift to yourself? Smart move.
Starbucks shut the order down, took my credit card info off, and is looking in to the IP address for the email*** that the e-gift was sent to.
Starbucks handled it really well and helped me out a ton. I also called my bank and ordered a new credit card, just to be safe.
But gah! I was happy I looked at my spam email account that day! I sometimes go a few days and forget to look at it! I would have been annoyed if that $100 charge would have gone through on my card!
Have you ever had an account/credit card hacked/compromised?
I hope not! But luckily, the banks are really good about detecting fraud now.
*Although the first time I called it, it went to some spammy “win a free vacation” message, which freaked me out.
**I didn’t even realize my card was linked. Awhile ago, Steven asked me why I still use a credit/debit card to add money to my Starbucks card, and don’t just link a card to my account and upload it using the app. Ha, well, my reasoning is that I pay more attention to how much money I put on the card if it requires more action than pressing a button on my phone. You know, the act of getting the card out of my wallet, and telling the cashier how much to put on really makes me think about it. Ha ha. Well, that plus the fact that the app rarely works in the building I most commonly get Starbucks from by my office. But it looks like I could have been using it all this time anyway.
***They gave me the email too, but of course it’s all spammy.
Themocracy
Wow, scary! I’m glad you caught it ASAP and had it taken care of.
This reminds me of the guy who recently broke into someone’s house and then called 911 because the owner had a gun. Dumb criminals!
I was hacked once on a credit card but was lucky to have it handled right away. I obsessively check my accounts. Haha, does that surprise you??
Ha! And what about the guy who broke in to someone’s house then logged in from their Facebook page… and left himself logged in? Derrrrrrrrrrrr.
No, that does NOT surprise me! LOL! I am happy you got it handled right away!
Jeeze. That sucks. 🙁
I hope you changed the password to your app from your phone and not your computer. Because it could have been compromised through malware/etx on your computer.
I’d reccommed to unlink your debit card from the app and only use your credit card in the future. (And that goes for buying stuff in general) because if your debit card gets cloned/account gets hacked you are screwed if they drain the money out of your account. Could take a week or more to put your funds back in. Whereas if your CC got compromised your bank account would still be intact.
I don’t even have the app on my phone! And it very well could be something on my computer. Who knows.
And the debit was never linked to the app. My credit card was linked to the account. But yeah, I know I am supposed to use my CC for online purchases, etc. I figured I was okay using my debit at the store… maybe not? 😉
Another thought – I wonder if Starbucks was on the list of accounts that got hacked awhile ago! LOL. I was pretty meh about all that.
You need to change your password to your account from your phone (because it sounds like your account was compromised somehow. If you change it on your PC, it wouldn’t make a difference if your PC has some malware or something in it or like you mentioned, could have been part of a breach earlier). And unlink your card from that site. (I’ve had to listen to L’s lectures plenty of times about this kind of thing…) this is his job (kind of)…
Using your debit card at the store isn’t ideal either. (For my reasons above) L has made me switch to using my CC for purchases everywhere because someone can clone your card so fast and it would suck to have your bank account drained.
They unlinked the card on Friday, when I called them 😉 Maybe I’ll add the app back on my phone to change it. I am not super worried… seems like a weird one off sort of thing.
I once had my Paypal account hacked so someone could pay for a camera they won on ebay. I was able to report it and have it taken care of pretty quickly.
Another recommendation – change the email account on your Starbucks app to the one you regularly use.
I am happy that you got it all figured out!
I keep gmail for personal and blog stuff and all the account crap goes to yahoo so I will keep it that way. I’ll just try to check it once a day.
Ah, well as long as you check it regularly. I just use a lot of filters in Gmail.
Eek. Scary. So often I blow over my spam emails, so this is a good reminder to pay attention.
Madness at least US banks are pretty good about dealing with these things…it’d be a bit of a nightmare at home in Ireland!
Good for you on the quick catch! Nip that shit in the bud! My credit card company’s fraud detection really impressed me a couple of months ago. I called our resort in the Dominican Republic to prepay our all-inclusive fees. I was using the landline at work, and before I had even hung up the phone with their customer service, my credit card people were calling my cell phone to make sure the off-shore charge was legit.
Isn’t that crazy awesome how fast they act? Steven has had that happen with one of his accounts (his was someone else though) and we were impressed that they caught it so quickly!
You’re like, I am going to the Dominican Republic for realz, yo!
Our credit card got used on a dating site in England during the Olympics. The bank caught it after the second charge to the card and quickly resolved it…after accusing me and my wife of using the dating site…They seriously asked if I was sure my wife wouldn’t have used the card for the dating site. WOW!
Oh gosh! That could have been awkward! Sounds like something out of a movie!
We had a breech at the cafeteria in my work building and a lot of people were impacted. My credit card company was on top of it and called to confirm a purchase in FL and put a hold on my card. I ended up having to get two new credit cards bc I didn’t know right away where my card had been swiped and I used a different one there just after. I had that one cancelled just in case.
Oh man, that stinks! Good thing your card co caught it! I bet that made people not want to use the cafeteria for awhile.
this hasn’t happened to me…but this week we were super glad that we have our square receipts emailed to us because we caught that mr. dawn was charged for an extra salad that he didn’t get. i love email tracking!
Glad you caught this before the charge went through on your card. The temp auth charges are the easiest to dispute.
Also kudos to Starbucks for getting this cleared up.
As for me, I had a couple credit cards over the years that were compromised. One was a $1200 charge for a storage unit in New York. Once I contacted my credit card company and they could see that all of my legit charges were good, they cancelled the card and removed the bad charges. I did have to fill out a few forms stating that I did not make these purchases. Scary stuff and you want to find out how it happened (I never did, but had my suspicions based on recent charges I made online.)
It actually did end up going through that following Monday. The bank didn’t understand to mark it as fraud so I had to call them and SB again. Then wait a few weeks to pay my CC. I am still waiting to sign those forms similar to yours! They are supposed to come to the house. I am happy you got it taken care of!