If your credit card was charged $9.84, your information may have been stolen

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://myfox8.com/2014/01/28/if-your-credit-card-was-charged-9-84-your-information-may-have-been-stolen/

If you have noticed a charged of $9.84 on your credit card from an unknown
company, your credit card number and information may have been stolen by
scammers, according to the Better Business Bureau.

According to the warning, scammers are charging stolen credit card numbers
the small amount of money, hoping victims won't notice the relatively small
and "normal" charge on their bill. They are also hoping credit card
companies won't investigate the small amount of money.

At this point, the BBB is not directly connecting the scam to the security
breach of 100 million Target customers.

Here's how the scam works (from the BBB):

"You spot a recent strange charge of $9.84 on your credit card statement.
The source listed on your bill is an unfamiliar website. You check out the
web address, and it's not the business website. It's a generic landing page
that claims to offer "Customer Support." The text promises to "refund 100%
of your last payment" and provides a phone number and email address.

"What's going on here? Scammers are charging stolen credit card numbers for
a small amount of money.  (Recent victims were all charged $9.84, but
scammers may change that amount as word gets out.) The expectation is that
many cardholders won't notice the relatively small charge, and the credit
card companies won't go after such a minor sum.

"Victims report calling the "customer support" site and receiving verbal
confirmation that the charge would be canceled.  However, don't take the
scammers at their word. Contact your bank to report the charges and request
a new credit card. Your card card information has been compromised, and
it's likely scammers will be back for more."

Brian Krebs first wrote about the $9.84 scam on his blog and said he first
heard about it when customers were wondering if their information had been
stolen as a result of the Target breach.

"One reader said the $9.84 charge on her card  came with a notation stating
the site responsible was eetsac.com. I soon discovered that there are
dozens of sites complaining about similar charges from
similarly-constructed domains; for example, this 30-page thread at Amazon's
customer help forums includes gripes from hundreds of people taken by this
scam," Brian wrote on his blog.

The Better Business Bureau says credit card customers should monitor all
activity on their credit card statement to make sure their information and
credit card number is safe.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!