Search in
Video Games TV Computers Finance Home Apparel Tech Cameras Autos Health & Beauty Children Entertainment Travel Pets
Forum Thread
Rakuten Discounts, Deals and Coupon Codes

Rakuten Buy.com Customers Getting Fraudulent Credit Card Charges

rrmoore 756 218 May 9, 2013 at 10:33 AM in Finance (2) More Rakuten Deals
Deal
Score
+157
298,081 Views
Get Deal

Thread Details

Last Edited by rrmoore January 12, 2016 at 12:10 PM
SD USERS REPORTING CREDIT CARD FRAUD VIA RAKUTEN SHOPPING SITE: 352

Many posts within SlickDeals have multiple threads about fraudulent credit card account transactions occurring within a few weeks of placing an order at Rakuten Buy.com. If you have been affected, please post your experience here so the magnitude of Rakuten Buy.com's apparent security breach and the impact on the affected Rakuten customers may be known. (Please save other issues, either regarding Rakuten, or other issues with credit card misuse to other posts.)

If you are one of the affected Rakuten customers, please make a post with (1) first date of the fraud transaction and (2) the most recent Rakuten.com order date (if there was one).
The most important thing however is to just be counted, if you're one of the affected customers.

RAKUTEN SHOPPING would like to hear from you directly:
*PHONE: Nick Thompson (Head of Customer Experience) 877-880-1030, ext. 2095.
*E-MAIL QUESTIONNAIRE: http://slickdeals.net/forums/showpost.php?p=60106758&postcount=622 -- Dedicated e-mail address rakuten-help@mail.rakuten.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Newspaper & Other Media Reports on this recent Rakuten/Buy.com Apparent Security Breach:

Consumer Reports The Consumerist [Jun-6-2013] -- "Here’s Everything We Know About The Rakuten/Buy.com Credit Card Breaches" -- post by 'steveliv', updated 'daniel32'
http://consumerist.com/2013/06/06/heres-everything-we-know-about-the-rakutenbuy-com-credit-card-breaches/ --and--- http://consumerist.com/2013/06/10...seriously/

New Jersey Record News [May-28-2013] -- "Bogota Police Warn Website Users of Suspicious Charges" -- posted by 'AnnoyedwithRakuten'
http://www.northjersey.com/news/B...l?page=all

Yahoo! Finance & MoneyTalksNews [Jun-6-2013] -- "Rakuten.com Customers Reporting Credit Card Fraud" -- txs 'krazyshopper'
http://finance.yahoo.com/news/rak...31825.html and http://www.moneytalksnews.com/201...ard-fraud/

Gizmodo via RakutenFraud.com [Jun-7-2013] -- "Gizmodo Announces They Will No Longer Post Rakuten Deals" -- txs to 'RakutenFraud.com'
http://rakutenfraud.com/2013/06/g...bORZRHn81I

StoreFrontBackTalk [Jun-12-2013] -- "Rakuten Breach: Live By The Web, Get Punished By The Web" -- txs to 'RakutenFraud.com'
http://storefrontbacktalk.com/sec...y-the-web/

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Summary of the conclusions made by the contributors of this forum:

(1) Identity thieves obtained credit card #'s and SSN #'s from some Rakuten Customers
[Ref: News Story & NJ Police Interview http://www.northjersey.com/news/B...l?page=all -- 'AnnoyedwithRakuten']
[Ref: Additionally http://www.bergendispatch.com/art...arges.aspx]
[Ref: 'scotthall3411' Post #462, etc.]

(2) Many other users have been affected outside of the SlickDeals community
[Ref: Specialized Site Now Available: http://rakutenfraud.com/]

(3) The apparent security breach is not limited to just customers who placed orders. Several have reported credit card details were taken from their Rakuten My Account screen.
[Ref: 'Cletus81' Post #435, 'missmex1' Post #445]

(4) The apparent security breach was not at the credit card payment processing agent.
[Ref: 'mirai' Post #437]

(5) Customers using credit, debit cards and Gift Cards have been affected.
[Ref: Thread postings and external sites.]

(6) Almost 100% of all fraud reports are from customers who gave Rakuten their credit (or debit) card directly (rather than using payment gateways or other payment methods (gift cards, etc.)
[Ref: Thread postings.]

(7) Many customers were able to uniquely identify Rakuten as the source of the credit card theft.
[Ref: Many thread postings from customers using a one-time Virtual Credit Card Number, a new credit card only used at Rakuten, or a new Gift Card.]

(8) Rakuten Buy.com denies that any security breach has occurred, though they are "cooperating with police".
[Ref: News Story & NJ Police Interview http://www.northjersey.com/news/B...l?page=all -- 'AnnoyedwithRakuten']

(9) Using a Virtual Credit Card Number or Gift Cards at Rakuten may not be the best alternative.
[Ref: 'GPz1100' Post #205, Post #447, etc. Several affected customers posted their VCCN's later breach caused the credit card company to reissue a new card.]
[Ref: 'namlook' Post #449, etc. Hacker's later emptied the gift card or sold the balance on eBay.]
[Ref: 'bargainfinder09' Post #449 Must close VCCN out afterwards.]

(10) The apparent security breach still exists at Rakuten today, and a Rakuten customer order is not required to generate the subsequent CC fraud.
[Ref: 'Edxzxz' Post #583]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please scroll down to the Wiki for important messages from users
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[Full Text of the News Story] New Jersey Record News [May-28-2013] -- "Bogota Police Warn Website Users of Suspicious Charges"
BY DENISA R. SUPERVILLE, STAFF WRITER // Link: http://www.northjersey.com/news/B...l?page=all

BOGOTA – "Local police are asking anyone who has used the website Rakuten.com, formerly Buy.com, to look out for suspicious charges on their credit cards." The police department started investigating three cases in which residents complained of fraudulent charges on their credit cards and has since discovered five additional victims, including one in New York City, Bogota Detective Sgt. Jonathan Misskerg said Tuesday. The single thread between the victims is that they have made purchases on Rakuten.com in the past three months, police said. The victims’ names, Social Security numbers, dates of birth and credit card information were used to open accounts at online equipment suppliers, police said.

The purchases, made at five online stores, included gas valves and warehouse time clocks and totaled around $10,000, Misskerg said. The buyer was traced to an address in Bogotá, Colombia, Misskerg said. After the items were purchased, they were sent to an Englewood company, which then shipped the items to Colombia, Misskerg said. Police declined to identify the Englewood company, saying that the owner was cooperating with authorities and that it remained unclear whether he was part of the scheme. But since investigators first spoke with the company’s owner, someone electronically deposited funds in the company owner’s account — enough to cover the cost of shipping the items to Colombia, Misskerg said. “We’ve seized the packages and additional merchandise,” Misskerg said Tuesday. “We are going to try to shut him down at this point.”

Rakuten.com, a Japan-based online retail company completed its purchase of Buy.com, a California-based online market place, in July 2010. The website was rebranded as Rakuten.com this year. A company representative said Tuesday that the company had not been contacted by the local police, but that it would cooperate with authorities. “If there is a police investigation, we are not aware of it, and we have not been contacted,” said Mark Kirschner, the company’s executive officer for global marketing, adding that the company takes such reports “very seriously.”

However, an online message board [SlickDeals.net] contains several comments from posters claiming to have used the website and complaining about fraudulent charges on their credit cards. Kirschner said the company was aware of the website and had made overtures, “without success,” to those claiming to be affected. He urged those affected to contact the company’s head of customer experience at 877-880-1030 ext. 2095. Kirschner said he was unaware of any security breach or hacking incident that could have compromised customers’ information.

If anyone suspects that he or she may be a victim of identity theft, he or she should fill out an identity theft report at ftc.gov/idtheft, police advised. After doing so, the individual should take a copy of the report to the local police department and place an initial fraud alert with all three credit bureaus. The investigation was continuing, and as of Tuesday no charges had been filed, police said.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[Full Text of the News Story] Consumer Reports The Consumerist [Jun-6-2013] -- "Here’s Everything We Know About The Rakuten/Buy.com Credit Card Breaches"
By Laura Northrup // Link: http://consumerist.com/2013/06/06...-breaches/

Starting about a month ago, rumblings began on the SlickDeals forums among people who had recently made purchases from Rakuten Shopping, the new brand name of the marketplace Buy.com. The purchases made were diverse, ranging from time clocks in Colombia to newspaper subscriptions in Cleveland to plane tickets in Germany. Something is very, very wrong here: hundreds of victims from recent months have come forward on Slickdeals alone.

Rakuten Shopping is a sort of online mall: the site allows other vendors to set up their own “marketplace” stores and sell items. Users have reported fraudulent credit card transactions after purchases from a variety of marketplace vendors.

Rakuten staff reach out to complainers on Facebook and even on the deal forums, asking victims to call in order to straighten things out. If they have a solution in progress, Rakuten has not let customers know, including victims. While talking too much about it publicly might compromise the investigations, victims are unhappy that the only thing they’ve heard from the company is “call us!” to people whose cards have been breached. Apart from the threads on the subject on shopping sites, victims have started their own site, the appropriately-titled RakutenFraud.com.

If having fraudsters make purchases for up to $10,000 on your credit cards isn’t scary enough, the Newark Star-Ledger reports that some victims had new accounts opened up using personal information––their birthdates and Social Security numbers––that you don’t need to provide to Rakuten as part of a purchase. If you’re a victim, what should you do? Contact your credit card company and your local police, of course. You should also contact the merchant where your card was used: after all, they’re a victim too.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

SLICKDEALS USER NAMES WHO REPORTED CREDIT CARD FRAUD AFTER A RAKUTEN ORDER
  1. rrmoore
  2. tprevett
  3. motorolaX
  4. rebutiw
  5. cpeed
  6. jastisatya
  7. rbcrewser
  8. avishah
  9. koyhbae
  10. avatar13
  11. sakdeals
  12. Udis
  13. slinson
  14. hagure
  15. Amaylin
  16. jbiz
  17. fatt1974
  18. Friend of Sonic
  19. Missiethegal
  20. bonkman
  21. Marekv
  22. chote
  23. guyver2077
  24. rarmortn
  25. jefflam79
  26. drydeniv
  27. wezlypipz
  28. shahhet2
  29. keeplow.com
  30. cindyc1122
  31. kevinca
  32. chihuahua8383
  33. small_stuff03
  34. ek9cv5
  35. jmgjj
  36. deaconx31
  37. virbla
  38. lds322
  39. vsspam
  40. dealjourney
  41. villageidiot
  42. sproqit
  43. mrstak
  44. Ichen5
  45. nitish
  46. bigboco
  47. igorjrr
  48. Argantes
  49. HJFarnsworth
  50. vapers
  51. subpar101
  52. ktatka13
  53. callsoldier83
  54. speedyg
  55. jump4deal
  56. daniel32
  57. victoras
  58. Cptobvious
  59. blueskiesnh20
  60. buyforsalemit
  61. HockeyPuck16
  62. dealinneed
  63. bigdeal5189
  64. Zelucifer
  65. jho
  66. nismo13GTiR
  67. Newnameforme
  68. Tennisjon2002
  69. killab77
  70. dogert
  71. SDRebel
  72. xthundaz
  73. Link2999
  74. guy_on_The_sofa
  75. DraftBuyer
  76. tortoise
  77. isokramer
  78. shreyasr
  79. doctaFingaz
  80. lotsalotsadeals
  81. scotthall3411
  82. 68droptop
  83. tda388
  84. azisme
  85. haggle_master
  86. wjc
  87. nyarrow
  88. DavidandDenise
  89. mustsav3
  90. aerofreaky11
  91. 68droptop
  92. yuchar168
  93. singal3
  94. ceelove
  95. Atari
  96. adanyc
  97. dirtmaster
  98. FlyingNun
  99. CBdelta
  100. sindeko
  101. rexb
  102. peteh555
  103. sumo28
  104. DMUE
  105. tortoise
  106. mirai
  107. thoror
  108. jcrash
  109. HDTiVoFan
  110. jcknows0
  111. abels
  112. Satsusi
  113. AnnoyedWithRakuten
  114. DPackMan
  115. cleaver
  116. mattsgarage
  117. nksnk
  118. wand
  119. j1huynh
  120. zetasoul
  121. highland1024
  122. Sam-Heek
  123. sightlessnet
  124. baxao1
  125. binji
  126. robinski_
  127. faiz_23
  128. gazr
  129. dealer007
  130. nikla
  131. bnizzle
  132. tarzan1234
  133. BadBrent
  134. yuchar168
  135. marlin29311
  136. xseanx
  137. kachelma
  138. psychojinx
  139. c627627
  140. snknk
  141. morpheus282
  142. coolcyber
  143. syncros123
  144. thriftyscrooge
  145. tialfred1
  146. semifast
  147. suril
  148. namlook
  149. hou1960
  150. jll544
  151. bongchoi21
  152. pjdavep
  153. dholu
  154. kskreider
  155. trencher7
  156. ohhyeeaahh
  157. oracleprogrammr
  158. KimmyKim
  159. anup_c_21
  160. theturnmaster
  161. jerry520ever
  162. supacala
  163. rite237
  164. richman
  165. singingintherain
  166. un_plug
  167. asdfghasdfgh
  168. rbv_shard
  169. NY2008
  170. nevermindvicky
  171. darkonex
  172. MonkeyChops
  173. mehrab012
  174. Badronald
  175. trueman1xfz
  176. TuncerY
  177. andychoi
  178. Chuggington
  179. drucula
  180. wquach
  181. HkB
  182. CheapBastardX10
  183. sky0102
  184. AkumaX
  185. attmci
  186. vodanh1982
  187. Tintinet
  188. k9homan
  189. diytech123
  190. kjmott
  191. mf6764
  192. thewatcher07
  193. cnewsgrp
  194. goldenone23
  195. bossusa
  196. Carkis
  197. ohhgourami
  198. cmm0325
  199. omendt
  200. ducky2802
  201. SlikRick
  202. teja9999
  203. kevvinz
  204. TP78
  205. shahnm
  206. DiabolicPumpkin
  207. blackoper
  208. gryphus
  209. mimi_mechant
  210. JoshMcMadMac
  211. bkiserx7
  212. EricW4226
  213. gimmie
  214. ghost5189
  215. sandman8288
  216. miziyuan
  217. rbreding
  218. JackDough
  219. Evenstar979
  220. Cletus81
  221. ecf
  222. bargainfinder09
  223. missmex1
  224. Chris29
  225. xiesanshao
  226. RoundSparrow
  227. bpp
  228. Krystm
  229. WhiteShadow1
  230. ilyap30
  231. bijju
  232. stingraysix
  233. santiagoanders
  234. compuguy1088
  235. photo00001
  236. Devius1
  237. parasitemite
  238. Princeton85
  239. contraium
  240. JavierH
  241. girishvk
  242. OnlyDealz
  243. elslicko
  244. Reallynotnick
  245. ieclipsie
  246. john_kc
  247. icdedppl
  248. knightracer
  249. scoutconnor
  250. silverforumsurf
  251. cazicthule
  252. mister_x
  253. produke
  254. minhquan2106
  255. FayEvelynSchlob
  256. Zechs19
  257. peterstevens
  258. TXGoat
  259. gbkims
  260. anzix
  261. pbmpharmacist
  262. Edxzxz
  263. bbf
  264. anakha
  265. vanburen0875
  266. sklar
  267. Funkorama
  268. lukeS1969
  269. twhite91
  270. vailr
  271. 1111111111
  272. SinceCCF
  273. LandonsDad
  274. ewiz77
  275. o0SlickMaster0o
  276. fvpawli
  277. kevin2011
  278. DocMo
  279. PharAway
  280. misterpooter
  281. kankri99
  282. skv
  283. mychaelp
  284. DaMostUnknown
  285. klatka13
  286. magicfame
  287. PokerKnight
  288. odysseyelite
  289. majorjohn
  290. taimeili123
  291. IlikeSD
  292. chis101
  293. amdk9
  294. chener
  295. jayhsu
  296. randalsw
  297. GottaLoveAZ
  298. BSoares
  299. fedechat
  300. DrunkenSoul
  301. turbobuick86
  302. viper87227
  303. BigChiefTaco
  304. HOO-MAN?
  305. HeavenlySkies
  306. TiredDog
  307. dipperq
  308. zaku178
  309. VirginiaBob
  310. ilya980
  311. rigamortis
  312. Genius4sho
  313. epicd2012
  314. thekedar
  315. drinkingbird
  316. djkyle65c
  317. peanut932
  318. plastik3000
  319. dersimden
  320. MarcSparks
  321. kxc262
  322. xtrabad
  323. yourownhero
  324. rebo0t
  325. ewh2002
  326. Chai
  327. finnadat
  328. MichaelM7154
  329. sleddie
  330. pood
  331. lampakky
  332. blueiegod
  333. spyderfang
  334. monster888
  335. hantidam
  336. nilmot
  337. dokiant
  338. Ashane
  339. dezenutz
  340. blazin-asian
  341. crocodile
  342. roleypoleyfoley
  343. alexboroda
  344. Ray97
  345. echostorm
  346. supercopofhongkong
  347. Not_TooBad
  348. gascolator
  349. kingkong79
  350. pprichar
  351. hezza8
  352. shootkey

Community Wiki

Last Edited by andyk July 16, 2014 at 07:31 PM
Section (0): How to protect your card number:
  • Use PayPal or Google Wallet.
    • When you are viewing Your Shopping Cart, be sure to click on "Proceed to Checkout" first, and THEN select PayPal or Google Wallet.
    • You CAN earn and use Super Points with Google Wallet.
    • You cannot use Super Points with PayPal.
  • Do NOT use Visa Checkout/V.me or Masterpass:
  • Do NOT use or store your card number on Rakuten.com.
  • Super Points
    • http://support.rakuten.com/app/an...l/a_id/871
    • Can one use Super Points with V.me? Yes, but don't use V.me anymore (see above).
    • There have been multiple posts by rrmoore stating: "Many are reporting they did with PayPal and V.me; But you can't use existing points toward the deal." I read that to mean points cannot be used with V.me, which is incorrect. I am sure rrmoore made those posts to help people. I am also sure rrmoore has a strong sense of right and wrong because he so wants to get to the bottom of the problem. Accordingly, I hope he will go back to clarify his posts because Rakuten Super Points CAN be used with V.me.


Section (1): Ways to help Rakuten take ownership of the security breach:

Letter to the Editor at Fraud Magazine: http://www.fraud-magazine.com/let...ditor.aspx
ACFE is the world's largest anti-fraud organization and premier provider of anti-fraud training and education. Together with more than 65,000 members, the ACFE is reducing business fraud worldwide and inspiring public confidence in the integrity and objectivity within the profession.


Message to the Complaints Board: http://www.complaintsboard.com/?search=rakuten and http://www.complaintsboard.com/new_complaint/ The most trusted and popular consumer complaints website.

Posting to Reseller Ratings: http://www.resellerratings.com/store/Rakuten

Anyone affected should consider filing a report: http://www.ic3.gov/complaint/ & https://www.ftccomplaintassistant.gov/ & http://www.bbb.org/
If enough people file a report, Rakuten will not be able ignore this any longer. -- 'DMUE'
California State Attorney General online complaint submission form: http://oag.ca.gov/contact/consume...or-company -- 'ducky2802'

Post a Message on Rakuten's Facebook Page: https://www.facebook.com/rakutenshopping

Send a message to the Amex Public Relations Dept: Desiree Fish, Vice President, Public Affairs and Communications / desiree.c.fish@aexp.com
Send a message to the Discover Public Relations Dept: Jon Drummond, Public Relations, jondrummond@discover.com

Send a news tip to: NY Times (news-tips@nytimes.com), CNet (tips-ne@cnet.com), CNN (http://www.cnn.com/feedback/tips/), <add more here please>

Also, please consider adding an additional posting to http://rakutenfraud.com/ (after you've posted here, of course). With the dedicated site, you can use a different posting username if you wish and no registration is required.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Section (2): Ways to help police catch the identity thieves:

Get the address where your product from the fraudulent charge was shipped from your CC company and post the city to see if we have any matches: -- 'namlook'
1. North Brunswick New Jersey
(I have a name and the full address but I won't post that here)

Call the defrauded merchant (might need police involvement with some) to obtain the IP Address of the Fraudulent Order -- 'Ids322' & 'Diamonique'

Those affected should contact Rakuten's head of customer experience at 877-880-1030 ext. 2095. -- 'epicd2012'
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Section (3): Ways to personally protect yourself after your Rakuten privacy breach:

Sign up for e-mail (or mobile) credit card and bank alerts with all your financial institutions -- 'ubiquitous'

Free Annual Credit Reports www.AnnualCreditReport.com (also consider utilizing 1-of-the-3-agencies every 4 months, instead of all 3 once a year)
I picked Experian at random, and its super easy to do, takes 5 min, completely automated, and hopefully give me some piece of mind. I believe you get a free credit report as well.
Equifax 1-800-525-6285 / Experian 1-888-397-3742 / TransUnion 1-800-680-7289

Experian's Credit Sesame www.CreditSesame.com and Transunion's Credit Karma www.CreditKarma.com provide a level of free credit monitoring.

Fraud Alerts on Credit Reports: For those who are a bit concerned/paranoid about ID theft, here is the FTC website on it. http://www.consumer.ftc.gov/featu...tity-theft
The first step they show is placing a temporary (90 days), free, fraud alert with 1 of 3 credit card companies: http://www.consumer.ftc.gov/artic...raud-alert
It that tells the creditor requesting your report to do additional due diligence. I think it's a free service but it automatically expires after 90 days. The creditor however is not required to do any additional verification, but they don’t want to get lose money either.

*** I think freezing credit reports is a little different than fraud alerts ***
Information on Freezing Credit Reports: (1) https://www.freeze.equifax.com/Fr...IDInfo.jsp (2) http://www.transunion.com/persona...eezes.page (3) http://www.experian.com/consumer/...reeze.html

Visa Verified-by-Visa: http://usa.visa.com/personal/secu...a_faq.html
MasterCard SecureCode: http://www.mastercard.us/securecode.html]

Response from Rakuten CMO, Bernard Luthi - please call the number to recount your experience to help with the investigation

902 Comments

6 7 8 9 10

Sign up for a Slickdeals account to remove this ad.

#106
Wow this is getting out of hand. Seems the super points are lures to keep you in also. I wonder why I cannot use my super points with paypal i wonder...
Reply Helpful Comment? 0 0
Joined Dec 2008
Permanently Banned
7,824 Posts
2,864 Reputation
#107
Quote from village idiot View Post :
Dear Rakuten_Staff,

The first post in this thread lists nearly 100 users with similar complaints, including myself (that's just the ones that complained on slickdeals.)

This problem has been apparently quite acute for several weeks, with indications that there have been problems for much longer - the company must have been aware. Is there any explanation yet?

At least one report of contact to rakuten.com customer service resulted in a canned response that was not relevant to the problem at hand. If you are indeed gathering information currently, what is the best way for affected customers to communicate?
noobie (director) at rakuten probably isn't getting enough profit to justify his million dollar salary/benefits. Needs another funding source.

Quote from ek9cv5 View Post :
Wow this is getting out of hand. Seems the super points are lures to keep you in also. I wonder why I cannot use my super points with paypal i wonder...
It seemed odd for before as well when they offered like 5x (10x as well i think) on their store and you couldn't pay with paypal. Now I guess we know why....
Reply Helpful Comment? 0 0
#108
Made a purchase from Rakuten with no problems yet, but this thread sure has me worried. I will keep a closer eye and don't expect to ever use a CC there again. Only PayPal for them now.
Reply Helpful Comment? 0 0
#109
Just got a call from amex. Apparently I'm buying furniture in Nebraska in my sleep... Only recent charge other than a gas station was Rakuten...grrr...
Reply Helpful Comment? 0 0
#110
I just found this thread and need to add that I was compromised as well. I got a phone call from my credit card company the other day saying that I had a whole bunch of charges from Proflowers and FTD and that my account was locked. (50+ charges)

I have not heard about this before so unfortunately I have made other charges to other credit card since then. I will need to keep a close eye out on this other credit card that I used.

if Rakuten is truly responsible for this I will never make another purchase from them again. I need to note that I have made almost $10,000 worth the purchase from Rakuten over the past several months.
Reply Helpful Comment? 0 0
Last edited by 68droptop May 14, 2013 at 05:52 AM
#111
Quote from 68droptop View Post :
I just found this thread and need to add that I was compromised as well. I got a phone call from my credit card company the other day saying that I had a whole bunch of charges from Proflowers and FTD and that my account was locked. (50+ charges)

I have not heard about this before so unfortunately I have made other charges to other credit card since then. I will need to keep a close eye out on this other credit card that I used.

if Rakuten is truly responsible for this I will never make another purchase from them again. I need to note that I have made almost $10,000 worth the purchase from Rakuten over the past several months.
I just checked my statement after reading this thread and found a 104.95 purchase from
"CHAMMPS HQ" in Wichita Kansas. It was manually keyed and I've never been there.

Apparently they have a restaurant? Thanks to this thread I caught it, otherwise I might not have. I checked every transaction since I bought a stupid dehumidifier from them with their new customer coupon code. Each one seems to belong to me except for that one.

Not a bad deal for them, you save 20 bucks and they steal hundreds from you.
Reply Helpful Comment? 0 0
#112
I sent an email to Rakuten after my initial post yesterday with a link to this site. So that is why they are now posting on this site.

Here is my communication with them.

Me

Hi Rakuten,

Everytime I have placed an order on your site several days later I receive fraudulent charges on my credit card. The first time it happened I didn't think much of it, but when I received my new CC and purchased from Rakuten, two days later I had a $2600 hotel charge on my card.

The third new CC I got, after purchasing on Rakuten, I had several charges from overseas merchants I did not make.

I don't know if your company is trying to be honorable, but if you are, you really need your fraud department to monitor your employees processing orders.

You can read this thread on slickdeals, with many people reporting fraud after using Rakuten.

http://slickdeals.net/f/6018544-Rakuten-Buy-com-Fraudulent-Use-of-Credit-Card-Info-within-Company-More-than-46-SD-users-who-made-recent-purchases?v=1&page=1

I really wanted to keep using Rauten because of the super points incentive, but I cant risk it anymore and will have to take my business elsewhere.

Rakutens response

"Hello Aaron,

Thank you for contacting Rakuten.com Shopping, in regard to unauthorized charges on your credit card.

I am very sorry to hear you had fraudulent charges on your credit card after placing an order with Rakuten.

At Rakuten, all information is secured utilizing the latest 128-bit encryption technology in all areas of our site that asks you for any personal information. To know if the page is secure, you can look for the secure lock icon in the status bar of any page that asks for private information. As long as it is displayed, your information is being transmitted securely, additionally we do not process orders over the phone for security reasons.

Please let us know if there is anything else we can do to help you."

Me

"You say that the site is secure using 128 bit encryption on all areas of the site that "asks" for private info, but what about areas that "store or send" private info? What happens to my credit card info after I enter it in the site? How does a vendor receive payment? Does Rakuten have to submit my credit card info to the vendor selling the item?"

Rakuten

"Thank you for contacting Rakuten.com Shopping, in regard to how we store your credit card information.

Rakuten has your safety and security in mind when making a purchase at Rakuten. Rakuten will charge your method of payment directly through your Rakuten Account and will not pass along any payment information to the seller to ensure your payment information is safe.

Additionally Rakuten.com Shopping does not provide any customer payment information to its merchants. Instead, Rakuten.com Shopping's order payments are made weekly via ACH transfer. As a result, all Rakuten.com Shopping Merchants are required to have a valid United States bank account that will accept these payments.

Please let us know if there is anything else we can do to help you."

End


Somehow their 128 bit encryption is being intercepted before it is encrypted or its not being encrypted at all on some level, or they are able to make purchases using stored info somehow.

I believe some people have not been affected because of chance. It may be a handful of order processing personal that are doing this and you have just been lucky.
Reply Helpful Comment? 0 0

Sign up for a Slickdeals account to remove this ad.

#113
Yesterday, I made a purchase with " Foscam Digital Technologies LLC " as the seller on Rakuten using Amex card but what I find disturbing is the contact email for the seller is "movarocosmetics@gmail.com" Something does not pass the 1st pass smell test?

This is the thread that started my uncomfortable journey http://slickdeals.net/f/6025670-Foscam-FI8910W-Wireless-Wired-Pan-Tilt-IP-Network-Camera-with-IR-Cut-Filter-for-True-Color-57-until-4pm-PDT?v=1&p=59441636#post59441636
Reply Helpful Comment? 0 0
Joined Feb 2005
Sanity Is Overrated
3,881 Posts
1,051 Reputation
#114
Has anyone who purchased from BuyDig through Rakuten had this happen?
Reply Helpful Comment? 0 0
#115
I also got the pre-scripted response about 128 bit encryption after I asked Rakuten to check into it. That was a couple of weeks ago now and they still haven't issued any kind of statements and continue letting others be compromised.
Reply Helpful Comment? 0 0
#116
Quote from Argantes View Post :
Somehow their 128 bit encryption is being intercepted before it is encrypted or its not being encrypted at all on some level, or they are able to make purchases using stored info somehow.
That 128-bit encryption stuff refers only to the connection between your browser and Rakuten's web server, such that you'd be safe from eavesdropping while surfing an open wifi hotspot. Most likely, once the data reaches Rakuten, they probably just store everything unencrypted in their database. Either someone has hacked the database, or a Rakuten insider is pulling and selling the data.

It's sad that Rakuten is not taking this stuff seriously and is just giving out irrelevant BS replies about basic web encryption. Maybe it's time to write to Consumerist [consumerist.com] to get some media attention on this stuff. Or, at the least, anyone affected should file a report: http://www.ic3.gov/complaint/ and/or https://www.ftccomplaintassistant.gov/ The threat of government scrutiny can be very persuasive in getting a company to do the right thing.
Reply Helpful Comment? 0 0
Last edited by njeral May 14, 2013 at 10:01 AM
#117
Quote from Diamonique View Post :
Has anyone who purchased from BuyDig through Rakuten had this happen?
Yes...
Reply Helpful Comment? 0 0
Joined Apr 2006
L5: Journeyman
756 Posts
218 Reputation
Original Poster
#118
Absolutely correct! Could you image a bank taking that attitude? (Ah shucks, you have a 128 browser, can't be our fault; case closed.) Could you image Amazon or Newegg taking a similar response?

The reality is that it IS happening, regardless of anything else. Absolute conclusions have been made by many of the 80+ respondents here that it INDEED was a direct result of their Rakuten order(s).

All customer orders at Rakuten are not having their credit card accounts compromised, only a group of them. And if this group of 80+ SlickDeal users represent only 1 out of 20 orders at Rakuten, that tells me that (at least) 1,600 credit card accounts have been compromised. Most will simply respond by disputing those strange charges.

Although only a few orders out of the vast quantity of orders that get processed by Rakuten each day have had stolen credit card account details (1,600+), the fraudulent attackers are very professional. They've used the credit card accounts for generating credit reports, for searching identity databases, etc.

Quote from Argantes View Post :
Somehow their 128 bit encryption is being intercepted before it is encrypted or its not being encrypted at all on some level, or they are able to make purchases using stored info somehow.

I believe some people have not been affected because of chance. It may be a handful of order processing personal that are doing this and you have just been lucky.
Reply Helpful Comment? 0 0
#119
Thankfully, read this thread. Several months ago, my AMEX was compromised (ticket to Mumbai). Was detected by company's fraud department thankfully. Checked my Quicken and noticed I made purchase at Rakuten several weeks before. Is stuff like this reportable to BBB or at least can we point them to this thread?
Reply Helpful Comment? 0 0

Sign up for a Slickdeals account to remove this ad.

Joined Apr 2006
L5: Journeyman
756 Posts
218 Reputation
Original Poster
#120
Quote from "Will" (Apr 22, 2013 at 10:13 pm) from: http://www.the-digital-reader.com...ZJ6sxHn81I
"Also had my CC stolen after using Rakuten. Rakuten employees asked me to fax my driver license and credit card prior to charging the item. I felt that it’s not wise to fax the DL. Fortunately, I didn’t, otherwise all my info may have been stolen as well. I’m not sure if this asking DL online practice is legal or not. But really, Rakuten needs to investigate their employees."

Quote from "Kujira" (Apr. 29, 2013 @ 9:08p) at another deal site: "I have a bad experience with this store. 2 weeks ago, I placed an order for an external HDD. After the 2nd day I bought it, someone located in IN stolen $1085 from my credit card. I did not use my card at other stores during that period. There are some victims in this thread as well."
Reply Helpful Comment? 0 0
Page 8 of 61
6 7 8 9 10
Join the Conversation
Add a Comment
 
Copyright 1999 - 2016. Slickdeals, LLC. All Rights Reserved. Copyright / Infringement Policy  •  Privacy Policy  •  Terms of Service  •  Acceptable Use Policy (Rules)