Online Fraud, Safe Shopping, Internet Security, Identity Theft

Some cheeky fucker tried to buy themselves a new vacuum cleaner online in the Boxing Day sales with my credit card (they also opted to spread it over four payments which seems idiotic). I hardly ever use it except for big purchases where I want more protection so I'm not sure how they got the details; I actually used it a bit more in the US when I was there last month and they tend to whisk your card away to do god knows what with it so at first I thought that would be the culprit but it's a UK site selling the cleaner. Only online store I remember I used it with recently is Etsy which I'd hope would be secure but I have to admit I no longer have any idea how people straight up steal credit card details any more (as opposed to identity theft which seems more popular). NatWest called me out of the blue saying there'd been suspicious activity, cancelled the card and refunded me so there was no damage to me thankfully but this is the first time I've had the fraud call and was like 'woah that was NOT me buying that'.

Friend had iPhone lifted. Seems as though the thief has removed the sim card and successfully posed as said friend in Whatsapp conversations, including asking for a reminder of email address which they then tried to reset the password for - presumably they were hoping to reset via text.

Difficult to know exactly what was happening, and thankfully it seems like the thief just got a blocked and reported phone, but this seems like a glaring vulnerability in Whatsapp if true. Will now have to be paranoid wondering if people are who they say they are on there.

Fuck WhatsApp sky-high.

Convenience > Security for most people.

Also, what @chrisbmx116 said

As it happens I deleted it this week. Growing less comfortable being in the Facebook ecosystem.

https://www.signal.org/

Wouldn't locking your phone solve this issue?

You'd have thought/hoped.

To clarify, this is what we think happened:

Thief steals phone. Immediately turns it off. Removes sim and places it in another phone. Installs Whatsapp. Whatsapp syncs with the number on the sim. Thief starts receiving Whatsapp messages to that number and is able to respond, and has also messaged contacts from groups (including me) in one-to-one conversations seemingly at will.

Meanwhile my friend has logged onto iCloud in an attempt to find the phone and it's offline the entire time. He uses his girlfriend's phone to interact with the thief in an attempt to recover the phone. Friend has also reported phone to mobile operator, but thief has continued to be able to use Whatsapp for a period of time afterwards.

Oh right, I see. I thought you meant they were using it on the stolen phone.

Use 2FA, hope that your friends are smart enough to do the same I guess?

https://faq.whatsapp.com/en/android/26000021/?category=5245245

I guess no one uses a SIM lock these days?

smart enough

I don't think it's really a case of being smart enough. Should be on by default, but I guess they wouldn't enjoy all the billions of users if they did.

If you order a brown thing and the online shop sends you a green thing, that should be covered by the Consumer Rights Act (https://www.which.co.uk/consumer-rights/regulation/consumer-rights-act) yes?

Should the buyer be expected to cover the return costs of the wrong-coloured item? It's a coffee table so probably not cheap to send back.

Consumer Contracts regs as bought online.

Not legal advice: But just tell them you haven't been given the item you paid for and they need to provide it. If they want the wrong item back, ask them to pick up at a reasonably convenient time to you.

If any issues speak to your CC provider, who will generally take it off your bill very quickly and then it's not your problem.

Spanks. I've already told her to say it's not as described and to send what was actually ordered but just wanted to confirm I'm not making this shit up.

Someone is trying to blackmail me. I'm almost certain they are bluffing about most of this, any advice appreciated. Anyone experienced this?

They know an old password for some online retail site, all others have been changed.

Ignore it, it's a template and all bluffing.

It's based on scraping exposed data sets, finding any old email and password combination, and then emailing the template to them.

Note that the actual threat has no specifics of your social media accounts, etc.

If you look up that bitcoin address at blockchain.info you'll probably see that lots of people have fallen for it.

Yes - it’s nonsense.

You could consider ways to wind them up though for shits and giggles.

Same happened to me .. I asked them which sex sites I’d visited and the list they sent barely scratched the surface so I knew it was a scam.

I've had on of those - given that I don't have a webcam it seems unlikely to be genuine. That and the fact that I am saving my purity for Jebus.

Thanks everyone I feel much reassured. Have disabled all my social media accounts, which might be a good thing anyway for a few days. Also emailed a policewoman I know, hope she doesn;t waste any time on it. Maybe I'll email again and tell her not to worry.

Also remember to wash the sock if you won't be using it for a while.

I’ve had the same template in the past it’s total bullshit. They’ll send lots more with ever increasing threats, just ignore or block the email address.

Some cheeky chappy is trying to obtain credit cards with my details, had two hard searches pop up in the last two days on my credit file, now got the credit agency in dispute with the banks to get them removed

Guess next step is paying CIFAS to put a mark against my file?

Phoned one of the banks who was useless and told me to deal with Action Fraud, tried completing the online form at action fraud to get told identify theft isn't a crime and as I had no crime to report basically spat me out the system

I guess the good news is CreditKarma (formerlly noodle) works at it has emailed each time a credit search has been undertaken although it only uses one of the credit agencies unfortunately

Auction Fraud was useless when my dad got defrauded over a camera sale, I rang Hermes and they returned their courier as they said there had been lots of weirdness around parcels to that address.

Good luck getting it sorted! Maybe moneysavingexpert has tips?