Welcome to the updated Slickdeals redesign beta. Learn more and give us feedback. Or, return to the classic view.

Search in
Forum Thread
Rakuten (Buy.com) Discounts, Deals and Coupon Codes

Rakuten Buy.com Customers Getting Fraudulent Credit Card Charges

rrmoore 198 May 9, 2013 at 10:33 AM in Online Only (2) More Rakuten (Buy.com) Deals
Deal
Score
+156
236,395 Views
Buy Now

Thread Details

SD USERS REPORTING CREDIT CARD FRAUD VIA RAKUTEN SHOPPING SITE: 346

Many posts within SlickDeals have multiple threads about fraudulent credit card account transactions occurring within a few weeks of placing an order at Rakuten Buy.com. If you have been affected, please post your experience here so the magnitude of Rakuten Buy.com's apparent security breach and the impact on the affected Rakuten customers may be known. (Please save other issues, either regarding Rakuten, or other issues with credit card misuse to other posts.)

If you are one of the affected Rakuten customers, please make a post with (1) first date of the fraud transaction and (2) the most recent Rakuten.com order date (if there was one).
The most important thing however is to just be counted, if you're one of the affected customers.

RAKUTEN SHOPPING would like to hear from you directly:
*PHONE: Nick Thompson (Head of Customer Experience) 877-880-1030, ext. 2095.
*E-MAIL QUESTIONNAIRE: http://slickdeals.net/forums/showpost.php?p=60106758&postcount=622 -- Dedicated e-mail address rakuten-help@mail.rakuten.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Newspaper & Other Media Reports on this recent Rakuten/Buy.com Apparent Security Breach:

Consumer Reports The Consumerist [Jun-6-2013] -- "Here’s Everything We Know About The Rakuten/Buy.com Credit Card Breaches" -- post by 'steveliv', updated 'daniel32'
http://consumerist.com/2013/06/06/heres-everything-we-know-about-the-rakutenbuy-com-credit-card-breaches/ --and--- http://consumerist.com/2013/06/10...seriously/

New Jersey Record News [May-28-2013] -- "Bogota Police Warn Website Users of Suspicious Charges" -- posted by 'AnnoyedwithRakuten'
http://www.northjersey.com/news/B...l?page=all

Yahoo! Finance & MoneyTalksNews [Jun-6-2013] -- "Rakuten.com Customers Reporting Credit Card Fraud" -- txs 'krazyshopper'
http://finance.yahoo.com/news/rak...31825.html and http://www.moneytalksnews.com/201...ard-fraud/

Gizmodo via RakutenFraud.com [Jun-7-2013] -- "Gizmodo Announces They Will No Longer Post Rakuten Deals" -- txs to 'RakutenFraud.com'
http://rakutenfraud.com/2013/06/g...bORZRHn81I

StoreFrontBackTalk [Jun-12-2013] -- "Rakuten Breach: Live By The Web, Get Punished By The Web" -- txs to 'RakutenFraud.com'
http://storefrontbacktalk.com/sec...y-the-web/

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Summary of the conclusions made by the contributors of this forum:

(1) Identity thieves obtained credit card #'s and SSN #'s from some Rakuten Customers
[Ref: News Story & NJ Police Interview http://www.northjersey.com/news/B...l?page=all -- 'AnnoyedwithRakuten']
[Ref: Additionally http://www.bergendispatch.com/art...arges.aspx]
[Ref: 'scotthall3411' Post #462, etc.]

(2) Many other users have been affected outside of the SlickDeals community
[Ref: Specialized Site Now Available: http://rakutenfraud.com/]

(3) The apparent security breach is not limited to just customers who placed orders. Several have reported credit card details were taken from their Rakuten My Account screen.
[Ref: 'Cletus81' Post #435, 'missmex1' Post #445]

(4) The apparent security breach was not at the credit card payment processing agent.
[Ref: 'mirai' Post #437]

(5) Customers using credit, debit cards and Gift Cards have been affected.
[Ref: Thread postings and external sites.]

(6) Almost 100% of all fraud reports are from customers who gave Rakuten their credit (or debit) card directly (rather than using payment gateways or other payment methods (gift cards, etc.)
[Ref: Thread postings.]

(7) Many customers were able to uniquely identify Rakuten as the source of the credit card theft.
[Ref: Many thread postings from customers using a one-time Virtual Credit Card Number, a new credit card only used at Rakuten, or a new Gift Card.]

(8) Rakuten Buy.com denies that any security breach has occurred, though they are "cooperating with police".
[Ref: News Story & NJ Police Interview http://www.northjersey.com/news/B...l?page=all -- 'AnnoyedwithRakuten']

(9) Using a Virtual Credit Card Number or Gift Cards at Rakuten may not be the best alternative.
[Ref: 'GPz1100' Post #205, Post #447, etc. Several affected customers posted their VCCN's later breach caused the credit card company to reissue a new card.]
[Ref: 'namlook' Post #449, etc. Hacker's later emptied the gift card or sold the balance on eBay.]
[Ref: 'bargainfinder09' Post #449 Must close VCCN out afterwards.]

(10) The apparent security breach still exists at Rakuten today, and a Rakuten customer order is not required to generate the subsequent CC fraud.
[Ref: 'Edxzxz' Post #583]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please scroll down to the Wiki for important messages from users
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[Full Text of the News Story] New Jersey Record News [May-28-2013] -- "Bogota Police Warn Website Users of Suspicious Charges"
BY DENISA R. SUPERVILLE, STAFF WRITER // Link: http://www.northjersey.com/news/B...l?page=all

BOGOTA – "Local police are asking anyone who has used the website Rakuten.com, formerly Buy.com, to look out for suspicious charges on their credit cards." The police department started investigating three cases in which residents complained of fraudulent charges on their credit cards and has since discovered five additional victims, including one in New York City, Bogota Detective Sgt. Jonathan Misskerg said Tuesday. The single thread between the victims is that they have made purchases on Rakuten.com in the past three months, police said. The victims’ names, Social Security numbers, dates of birth and credit card information were used to open accounts at online equipment suppliers, police said.

The purchases, made at five online stores, included gas valves and warehouse time clocks and totaled around $10,000, Misskerg said. The buyer was traced to an address in Bogotá, Colombia, Misskerg said. After the items were purchased, they were sent to an Englewood company, which then shipped the items to Colombia, Misskerg said. Police declined to identify the Englewood company, saying that the owner was cooperating with authorities and that it remained unclear whether he was part of the scheme. But since investigators first spoke with the company’s owner, someone electronically deposited funds in the company owner’s account — enough to cover the cost of shipping the items to Colombia, Misskerg said. “We’ve seized the packages and additional merchandise,” Misskerg said Tuesday. “We are going to try to shut him down at this point.”

Rakuten.com, a Japan-based online retail company completed its purchase of Buy.com, a California-based online market place, in July 2010. The website was rebranded as Rakuten.com this year. A company representative said Tuesday that the company had not been contacted by the local police, but that it would cooperate with authorities. “If there is a police investigation, we are not aware of it, and we have not been contacted,” said Mark Kirschner, the company’s executive officer for global marketing, adding that the company takes such reports “very seriously.”

However, an online message board [SlickDeals.net] contains several comments from posters claiming to have used the website and complaining about fraudulent charges on their credit cards. Kirschner said the company was aware of the website and had made overtures, “without success,” to those claiming to be affected. He urged those affected to contact the company’s head of customer experience at 877-880-1030 ext. 2095. Kirschner said he was unaware of any security breach or hacking incident that could have compromised customers’ information.

If anyone suspects that he or she may be a victim of identity theft, he or she should fill out an identity theft report at ftc.gov/idtheft, police advised. After doing so, the individual should take a copy of the report to the local police department and place an initial fraud alert with all three credit bureaus. The investigation was continuing, and as of Tuesday no charges had been filed, police said.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[Full Text of the News Story] Consumer Reports The Consumerist [Jun-6-2013] -- "Here’s Everything We Know About The Rakuten/Buy.com Credit Card Breaches"
By Laura Northrup // Link: http://consumerist.com/2013/06/06...-breaches/

Starting about a month ago, rumblings began on the SlickDeals forums among people who had recently made purchases from Rakuten Shopping, the new brand name of the marketplace Buy.com. The purchases made were diverse, ranging from time clocks in Colombia to newspaper subscriptions in Cleveland to plane tickets in Germany. Something is very, very wrong here: hundreds of victims from recent months have come forward on Slickdeals alone.

Rakuten Shopping is a sort of online mall: the site allows other vendors to set up their own “marketplace” stores and sell items. Users have reported fraudulent credit card transactions after purchases from a variety of marketplace vendors.

Rakuten staff reach out to complainers on Facebook and even on the deal forums, asking victims to call in order to straighten things out. If they have a solution in progress, Rakuten has not let customers know, including victims. While talking too much about it publicly might compromise the investigations, victims are unhappy that the only thing they’ve heard from the company is “call us!” to people whose cards have been breached. Apart from the threads on the subject on shopping sites, victims have started their own site, the appropriately-titled RakutenFraud.com.

If having fraudsters make purchases for up to $10,000 on your credit cards isn’t scary enough, the Newark Star-Ledger reports that some victims had new accounts opened up using personal information––their birthdates and Social Security numbers––that you don’t need to provide to Rakuten as part of a purchase. If you’re a victim, what should you do? Contact your credit card company and your local police, of course. You should also contact the merchant where your card was used: after all, they’re a victim too.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

SLICKDEALS USER NAMES WHO REPORTED CREDIT CARD FRAUD AFTER A RAKUTEN ORDER
  1. rrmoore
  2. tprevett
  3. motorolaX
  4. rebutiw
  5. cpeed
  6. jastisatya
  7. rbcrewser
  8. avishah
  9. koyhbae
  10. avatar13
  11. sakdeals
  12. Udis
  13. slinson
  14. hagure
  15. Amaylin
  16. jbiz
  17. fatt1974
  18. Friend of Sonic
  19. Missiethegal
  20. bonkman
  21. Marekv
  22. chote
  23. guyver2077
  24. rarmortn
  25. jefflam79
  26. drydeniv
  27. wezlypipz
  28. shahhet2
  29. keeplow.com
  30. cindyc1122
  31. kevinca
  32. chihuahua8383
  33. small_stuff03
  34. ek9cv5
  35. jmgjj
  36. deaconx31
  37. virbla
  38. lds322
  39. vsspam
  40. dealjourney
  41. villageidiot
  42. sproqit
  43. mrstak
  44. Ichen5
  45. nitish
  46. bigboco
  47. igorjrr
  48. Argantes
  49. HJFarnsworth
  50. vapers
  51. subpar101
  52. ktatka13
  53. callsoldier83
  54. speedyg
  55. jump4deal
  56. daniel32
  57. victoras
  58. Cptobvious
  59. blueskiesnh20
  60. buyforsalemit
  61. HockeyPuck16
  62. dealinneed
  63. bigdeal5189
  64. Zelucifer
  65. jho
  66. nismo13GTiR
  67. Newnameforme
  68. Tennisjon2002
  69. killab77
  70. dogert
  71. SDRebel
  72. xthundaz
  73. Link2999
  74. guy_on_The_sofa
  75. DraftBuyer
  76. tortoise
  77. isokramer
  78. shreyasr
  79. doctaFingaz
  80. lotsalotsadeals
  81. scotthall3411
  82. 68droptop
  83. tda388
  84. azisme
  85. haggle_master
  86. wjc
  87. nyarrow
  88. DavidandDenise
  89. mustsav3
  90. aerofreaky11
  91. 68droptop
  92. yuchar168
  93. singal3
  94. ceelove
  95. Atari
  96. adanyc
  97. dirtmaster
  98. FlyingNun
  99. CBdelta
  100. sindeko
  101. rexb
  102. peteh555
  103. sumo28
  104. DMUE
  105. tortoise
  106. mirai
  107. thoror
  108. jcrash
  109. HDTiVoFan
  110. jcknows0
  111. abels
  112. Satsusi
  113. AnnoyedWithRakuten
  114. DPackMan
  115. cleaver
  116. mattsgarage
  117. nksnk
  118. wand
  119. j1huynh
  120. zetasoul
  121. highland1024
  122. Sam-Heek
  123. sightlessnet
  124. baxao1
  125. binji
  126. robinski_
  127. faiz_23
  128. gazr
  129. dealer007
  130. nikla
  131. bnizzle
  132. tarzan1234
  133. BadBrent
  134. yuchar168
  135. marlin29311
  136. xseanx
  137. kachelma
  138. psychojinx
  139. c627627
  140. snknk
  141. morpheus282
  142. coolcyber
  143. syncros123
  144. thriftyscrooge
  145. tialfred1
  146. semifast
  147. suril
  148. namlook
  149. hou1960
  150. jll544
  151. bongchoi21
  152. pjdavep
  153. dholu
  154. kskreider
  155. trencher7
  156. ohhyeeaahh
  157. oracleprogrammr
  158. KimmyKim
  159. anup_c_21
  160. theturnmaster
  161. jerry520ever
  162. supacala
  163. rite237
  164. richman
  165. singingintherain
  166. un_plug
  167. asdfghasdfgh
  168. rbv_shard
  169. NY2008
  170. nevermindvicky
  171. darkonex
  172. MonkeyChops
  173. mehrab012
  174. Badronald
  175. trueman1xfz
  176. TuncerY
  177. andychoi
  178. Chuggington
  179. drucula
  180. wquach
  181. HkB
  182. CheapBastardX10
  183. sky0102
  184. AkumaX
  185. attmci
  186. vodanh1982
  187. Tintinet
  188. k9homan
  189. diytech123
  190. kjmott
  191. mf6764
  192. thewatcher07
  193. cnewsgrp
  194. goldenone23
  195. bossusa
  196. Carkis
  197. ohhgourami
  198. cmm0325
  199. omendt
  200. ducky2802
  201. SlikRick
  202. teja9999
  203. kevvinz
  204. TP78
  205. shahnm
  206. DiabolicPumpkin
  207. blackoper
  208. gryphus
  209. mimi_mechant
  210. JoshMcMadMac
  211. bkiserx7
  212. EricW4226
  213. gimmie
  214. ghost5189
  215. sandman8288
  216. miziyuan
  217. rbreding
  218. JackDough
  219. Evenstar979
  220. Cletus81
  221. ecf
  222. bargainfinder09
  223. missmex1
  224. Chris29
  225. xiesanshao
  226. RoundSparrow
  227. bpp
  228. Krystm
  229. WhiteShadow1
  230. ilyap30
  231. bijju
  232. stingraysix
  233. santiagoanders
  234. compuguy1088
  235. photo00001
  236. Devius1
  237. parasitemite
  238. Princeton85
  239. contraium
  240. JavierH
  241. girishvk
  242. OnlyDealz
  243. elslicko
  244. Reallynotnick
  245. ieclipsie
  246. john_kc
  247. icdedppl
  248. knightracer
  249. scoutconnor
  250. silverforumsurf
  251. cazicthule
  252. mister_x
  253. produke
  254. minhquan2106
  255. FayEvelynSchlob
  256. Zechs19
  257. peterstevens
  258. TXGoat
  259. gbkims
  260. anzix
  261. pbmpharmacist
  262. Edxzxz
  263. bbf
  264. anakha
  265. vanburen0875
  266. sklar
  267. Funkorama
  268. lukeS1969
  269. twhite91
  270. vailr
  271. 1111111111
  272. SinceCCF
  273. LandonsDad
  274. ewiz77
  275. o0SlickMaster0o
  276. fvpawli
  277. kevin2011
  278. DocMo
  279. PharAway
  280. misterpooter
  281. kankri99
  282. skv
  283. mychaelp
  284. DaMostUnknown
  285. klatka13
  286. magicfame
  287. PokerKnight
  288. odysseyelite
  289. majorjohn
  290. taimeili123
  291. IlikeSD
  292. chis101
  293. amdk9
  294. chener
  295. jayhsu
  296. randalsw
  297. GottaLoveAZ
  298. BSoares
  299. fedechat
  300. DrunkenSoul
  301. turbobuick86
  302. viper87227
  303. BigChiefTaco
  304. HOO-MAN?
  305. HeavenlySkies
  306. TiredDog
  307. dipperq
  308. zaku178
  309. VirginiaBob
  310. ilya980
  311. rigamortis
  312. Genius4sho
  313. epicd2012
  314. thekedar
  315. drinkingbird
  316. djkyle65c
  317. peanut932
  318. plastik3000
  319. dersimden
  320. MarcSparks
  321. kxc262
  322. xtrabad
  323. yourownhero
  324. rebo0t
  325. ewh2002
  326. Chai
  327. finnadat
  328. MichaelM7154
  329. sleddie
  330. pood
  331. lampakky
  332. blueiegod
  333. spyderfang
  334. monster888
  335. hantidam
  336. nilmot
  337. dokiant
  338. Ashane
  339. dezenutz
  340. blazin-asian
  341. crocodile
  342. roleypoleyfoley
  343. alexboroda
  344. Ray97
  345. echostorm
  346. supercopofhongkong

886 Comments

47 48 49 50 51

Sign up for a Slickdeals account to remove this ad.

#721
I just saw this thread. I purchased some items through buy.com with my discover card in January. 2 weeks after someone made a fraudulent charge to Walmart.com. Discover closed the account and mailed me a new card. I couldn't pin down where the fraud had come from because I had used the card at 2 other online shops previously. I have since ordered from one of the 2 other shops without any further fraud. I have not ordered from buy/rakuten since Jan.

Order placed: Jan 8th
Fraud Order placed: Jan 23rd.
Reply Helpful Comment? 0 0
#722
Yesterday I received a new credit card in mail, and when I called Bofa, they said they had received information from Visa and Mastercard that CC information were stolen. Even though no fraudulent charges had been attempted, for security reasons they immediately blocked the card and issued new one. And today I got a call from Bofa fraud claims department asking if I had authorized couple of transactions on another credit card with them, (for $2.62 store, $131.02 hotel reservation) in France !!! Luckily they both were declined cause they attempted to use one of my shop safe card, which was authorized for a different vendor (With whom I originally used it).

Since they already closed the account, I couldn't access my shopsafe details to find out which one was being used, and even bofa didn't have the information either. They asked me to contact shopsafe. But from what I recollect, I recently ordered few stuff from following websites that have been reported doing fraudulent activities in recent past:

buy.com (using V.me in Apr 2013) http://slickdeals.net/f/5983698-Canon-SLR-Gadget-Bag-20-w-V-me-by-Visa-Checkout-Free-Shipping?v=1
meritline.com (using VCC)
dailysteals.com (using VCC)

Thanks to shopsafe this time, but I will shop with well reputed merchants only ,from now on.
Reply Helpful Comment? 0 0
#723
Quote from BenJeremy View Post :

3. Rakuten's database server (where all the data is kept) is compromised...
3.a. Perhaps data is stored unencrypted, and the database's file is being scanned for changes, with new numbers being scrapped from the files in plain text?
3.b. The database server is fully compromised and all transaction calls are being shunted through a middle man trojan that is siphoning off the CC data when it moves around on the server

4. Rakuten's web server is compromised...
4.a. Outgoing calls to the database server are examined and CC#s scraped from the data
4.b. Even simpler, code might have been hooked into the server's web applications to scan the data and store it off someplace.

5. Rakuten's firewall hardware has been compromised, leaving all incoming data freely available to a trojan that scrapes the data.

The CC# data for thousands of customers a day is easily valuable enough for a large criminal enterprise to target Rakuten directly and write code targeting their hardware. It might not be easy to root out, but it looks like they haven't put a very good effort if their only response has been "we checked, and you are all morons" - even while major banks have started getting serious about the problem from the customers' end.
Im no computer tech, but I thought this was kinda funny to see:

HP servers compromised through backdoor, root access:
http://www.h-online.com/security/...16506.html

HP website highlighting a Rakuten case study using what appears to be their technology/servers/partner's hardware
http://hp.fusionio.com/case-studies/rakuten/
Reply Helpful Comment? 0 0
#724
Quote from ducky2802 View Post :
Im no computer tech, but I thought this was kinda funny to see:

HP servers compromised through backdoor, root access:
http://www.h-online.com/security/...16506.html

HP website highlighting a Rakuten case study using what appears to be their technology/servers/partner's hardware
http://hp.fusionio.com/case-studies/rakuten/
Ugh, as an HP employee, that was a painful reply.

In fairness, it's not actually a "back door" - to meet the definition, it has to be exploitable without the customer's permission. HP is hardly the only company that does this, either.

/Disclaimer: I don't work on server OS software or anything specific to HP hardware products
Reply Helpful Comment? 0 0
#725
Card number 3 got hit today (7/15/2013). $10 donation to the "Green" party and a $1300+ charge to something I can't even recall right now. I was going to check my charges to see its relevance to rakuten.com, but bank of America shit down the account, so I can't check until my new card and account number comes in.

Damn, their deals and points aren't worth this crap. Using last of my points tomorrow and shutting down my accounts tomorrow. I hope that only card numbers were stolen and not the real important info.

*edit* just checked and card was still on file with main account. barely used the card in months...just 1 Dell.com and beginning recurring charge from everydayprivelegesgold.com. (BTW, they have no option to delete account except to contact them....WTF?)
Reply Helpful Comment? 0 0
#726
Quote from chis101 View Post :
Another data point, although I have no proof that this is from Rakuten.

Got a call from Chase Fraud Dept today, with the following unrecognized charges:

06/28/2013 Pending YAHOO *WALLET $1.00
06/28/2013 Pending PAYPAL -$1.00
06/28/2013 Pending PAYPAL $1.00
06/28/2013 Pending RN * $1.00

My last use of Rakuten was 3/21/2013 ... so it's been 3 months. No idea if it's related.

Edit:
Upon looking a bit more, I noticed I did use Buy.com on 6/4/2013 that went on this credit card, but it was through PayPal, so the number should have been protected from that.
when you use a card with them, they store the card info to your account...all of the information including the 3 digit security code. it doesn't matter when you made the purchase, if you didn't delete the information from your account that they automatically stored, they ALWAYS had access to it.
Reply Helpful Comment? 0 0
#727
My card was compromised 2 days ago. Although I can't point at Rakuten with certainty, it must have been the source of the leak like the rest of you guys. Someone tried to buy $58 worth of movie tickets and a $400 cell phone, both attempts made in Australia. Amex denied both and sent me a text message to stop the madness.
Reply Helpful Comment? 0 0

Sign up for a Slickdeals account to remove this ad.

#728
Quote from haggle_master View Post :
Card number 3 got hit today (7/15/2013). $10 donation to the "Green" party and a $1300+ charge to something I can't even recall right now. I was going to check my charges to see its relevance to rakuten.com, but bank of America shit down the account, so I can't check until my new card and account number comes in.

Damn, their deals and points aren't worth this crap. Using last of my points tomorrow and shutting down my accounts tomorrow. I hope that only card numbers were stolen and not the real important info.

*edit* just checked and card was still on file with main account. barely used the card in months...just 1 Dell.com and beginning recurring charge from everydayprivelegesgold.com. (BTW, they have no option to delete account except to contact them....WTF?)
Some would argue that their deals and points are good enough to deal with the reissue of a credit card, not ever thinking your CC company might not want to do business with you for taking on risky behavior they have to constantly flag.
Reply Helpful Comment? 0 0
#729
And people still shop Rakuten?
Reply Helpful Comment? 0 0
#730
I'm doing my duty today after seeing quite a few Rakuten posts in the Hot Deals section recently.

Tumbleweed Threads for Rakuten should look like this until they actually do something. It seems like they think people may have forgotten the attention this thread was getting before.Tumbleweed
Reply Helpful Comment? 0 0
#731
The Rakuten owners must be into some criminal stuff, otherwise why would they allow this to go on for so long? Why are the credit card servicers still allowing purchases to go through on their website?
Reply Helpful Comment? 0 0
#732
i'm not IT guy. but it is my true story. unknown transaction appeared after purchase at rakuten using paypal. i might be wrong, but it is natural to connect these two events together.





QUOTE=BenJeremy;60618096]I find the "used PayPal now my CC is defrauded" accounts highly suspect.

PayPal does not EVER share CC or other payment info with vendors. There is no reason to.

Whatever is happening at Rakuten is specific to CCs used directly with them to purchase items. If your card was defrauded it was probably unrelated.

I have used buy.com/rakuten.com in the past, always with PayPal and have never had a fraud issue with the credit cards linked to that PayPal account.

I'm beginning think this CC fraud whole thing is actually being run by the company too.... why else do they offer incredible promotions - ONLY IF you use a credit card? That would be stupid to the nth degree, of course, so I can't consider it seriously, but it does seem strange.

As an IT professional, I see several possibilities here:

1. Rakuten is complicit in the credit card theft. Not the most likely possibility, but it is a possibility.

2. Rakuten's credit card processor is compromised in some way

3. Rakuten's database server (where all the data is kept) is compromised...
3.a. Perhaps data is stored unencrypted, and the database's file is being scanned for changes, with new numbers being scrapped from the files in plain text?
3.b. The database server is fully compromised and all transaction calls are being shunted through a middle man trojan that is siphoning off the CC data when it moves around on the server

4. Rakuten's web server is compromised...
4.a. Outgoing calls to the database server are examined and CC#s scraped from the data
4.b. Even simpler, code might have been hooked into the server's web applications to scan the data and store it off someplace.

5. Rakuten's firewall hardware has been compromised, leaving all incoming data freely available to a trojan that scrapes the data.

The CC# data for thousands of customers a day is easily valuable enough for a large criminal enterprise to target Rakuten directly and write code targeting their hardware. It might not be easy to root out, but it looks like they haven't put a very good effort if their only response has been "we checked, and you are all morons" - even while major banks have started getting serious about the problem from the customers' end.[/QUOTE]
Reply Helpful Comment? 0 0
#733
I had my Blue Amex compromised on 4/28/2013. I never had a problem in the last 2 years with this CC. I got a warning call/email from Amex regarding a $200+ transaction for an online order from a place that sell shoes (I do not remember the name).

My last online transaction using this CC

4/26 Bestbuy.com
4/24 Amazon.com
4/19 Express.com
4/15 Meritline
4/10 Buy.com
3/22 Godaddy.com
3/17 CallingMart.com
3/9 Fandango
Reply Helpful Comment? 0 0
#734
Had my account compromised after a purchase at Rakuten. Got an email from chase about a $200 walmart.com transaction and noticed another $200+ walmart.com transaction and a real networks transaction.

Order placed: May 10th
Fraud Order placed: July 15th
Reply Helpful Comment? 0 0

Sign up for a Slickdeals account to remove this ad.

L5: Journeyman
198 Reputation
Original Poster
#735
Quote from fedechat View Post :
I had my Blue Amex compromised on 4/28/2013. I never had a problem in the last 2 years with this CC.
For many, they can precisely determine that Rakuten Shopping was the source of their credit card fraud. For others, they've had to do further investigating. There are several highly reputable companies in your transaction list. With some searching, I think you'd rule out those very quickly. I'd search the two smaller companies to see if there were any reported cases. If that search turns out negative, I'd look at the facts of the Rakuten Shopping fraud cases:
(1) There was a huge number of reports of compromised credit cards from Rakuten Shopping customers in the month of April. Probably 250+ from SD Users alone, with probably another 2,000-4,000 non-SD users.
(2) The vast majority of the fraud attempts occurred 10-20 days after their Rakuten Shopping purchase. (Yours occurred 18 days after.)

In response to the massive amount of reports of fraudulent credit card transactions that occurred as a result of Rakuten purchases in April, Rakuten strengthened somewhat its security measures which is both good and bad.

The good news for Rakuten is that reports of fraud have been reduced significantly over the past month. They've also been able to escape any blame and having to admit to any security problems at their end.

The bad news for customers is that the root problem hasn't been determined, nor has it been eliminated completely. The reduced number of reports will be written-off, most likely, as insignificant as compared to the large number of transactions that occur at Rakuten Shopping each day. It's important to note that, in addition to the strengthened security at Rakuten, something else also occurred at the same time -- the percentage of customers using more secure methods of payment (PayPal, V.me, VCCNs, etc.) has increased dramatically. Perhaps that too has contributed to the reduction of reports of credit card fraud.


Today, the total number of SlickDeals Registered Users who have reported credit card fraud following a purchase made at Rakuten Shopping is 300.
Reply Helpful Comment? 0 0
Page 49 of 60
47 48 49 50 51
Join the Conversation
Add a Comment
 
Slickdeals Price Tracker
Saving money just got easier.
Start Tracking Today
Copyright 1999 - 2015. Slickdeals, LLC. All Rights Reserved. Copyright / DMCA Notice  •  Privacy Policy  •  Terms of Service  •  Acceptable Use Policy (Rules)