Posted on 09/25/2025 7:46:35 PM PDT by exDemMom
Well, I feel obliged to post this here because I have now been the victim of fraud three (possibly four) times in the last month.
The first and second incidents took place in Dallas at the end of August. I did not know until I looked at my bank statement that my debit card had been used at a Dallas area restaurant. My husband's debit card had been used at a different Dallas area restaurant. We live in San Antonio, so it's not like we were in the Dallas area and forgot that we stopped for bites to eat. My husband has never used his debit card, and I only use mine at grocery stores. Our bank refunded the fraudulent charges and issued us new debit cards.
The third incident of fraud involves someone trying to use my phone number to sign up for California LifeLine four days ago. I had never heard of this entity, but when I looked it up, I found that it is a CA state program to supply phone service to people who can't afford it. I found out about this because I received one of those access codes that you get whenever you try to sign in to an account. I sent an email to report the fraud, but they told me I have to call to discuss the issue. I will call tomorrow.
The fourth and last incident happened tonight. For some reason, I was looking at my email trash and saw two emails from Walmart there. They never came into the inbox, but went directly to trash. Apparently, I had ordered something, and then Walmart cancelled the order within a minute. This is strange, as I have not ordered from Walmart in over a year. So I went to open up my Walmart account and could not because my password was wrong. Then I used the change password option and was able to get into the account. It showed five street addresses that are not mine. It showed the last four digits of a phone number that is not mine. I immediately contacted Walmart and talked to their representative in India, who closed the account for me and gave me a lot of advice on avoiding fraud. I told him that I do all that, but somehow still was the victim of fraud. He said that I should be able to open a new account with the same email address and correct phone number.
A few months ago, I received notice through my antivirus program that my email is out on the dark web. I checked and found that there were hundreds of unsuccessful attempts to access my email. Maybe that's related?
A little off topic, but I would suggest that you freeze all three of your credit reports so no one can open accounts using your identity.
https://www.experian.com/blogs/ask-experian/credit-education/preventing-fraud/security-freeze/
It’s the same thing LifeLock does for $30 a month.
Also, you should use a password manager so you never type in a password. Keyloggers that record your keystrokes and forward them to bad guys are one of the most common ways of getting access to your online accounts.
I just pay cash for most everything. No problems here.
You are so special! Does the world know how special you are?
Don’t use a debit card for purchases; it’s a direct gateway to all of your accounts, and you could be financially wiped out. Use a debit card ONLY when you withdraw cash at a bank’s office, with a teller.
Use a simple credit card, which doesn’t allow access to your checking and saving and investment accounts.
My Wells Fargo CC has been hacked 5x since I got it in 2018, and the bank/ CC company have refuted all the charges and credited my account, plus issued a new card each time. It’s been almost 18mos since last hack, and with all financial usernames/passwords changed, so far, so good.
Find out if you had passwords identified here:
Put in your various email addresses. Do note if you reuse passwords, criminals will simply use your email address and breached password against other websites, hoping you reused that password, there.
It is also possible your debit card was skimmed. Only use the chip inserted into a reader and a PIN. Otherwise, consider something like Apple Wallet to hold a debit card. If you swipe a debit card, you could be feeding a skimmer tool. No point of sale should allow a card slide to be required. Don't use a debit card if they only let you slide it.
For credit cards, always try to use Apple Wallet with Apple Pay. It is the most safe method.
How’s your mattress full of cash doing these days?
The only time I have been compromised was using a debit card to take money out of a atm. That set off an adventure of my account being target and numbers sold off. Never, ever use your debit card.
Be careful about using “free” wifi. Bad guys can get you that way, too.
> Don’t use a debit card for purchases <
I agree. My bank forces me to have one. So I set its limit at one dollar.
> Use a simple credit card, which doesn’t allow access to your checking and saving and investment accounts. <
Also good advice.
Agree. We don’t use debit cards for much. Maybe more than we should even then
So sorry for your troubles.
I’m no expert, so I can only give a few rudimentary items and suggestions.
There have been many major events in recent years in which millions of accounts of various kinds have been hacked. One of the biggest that I remember was more than a decade ago when Chinese figures hacked into government computers and stole the data of millions of government employees.
Although your email being on the dark web is not a good thing, it may not be as unusual as you think. It wouldn’t surprise me if half of the American public unknowingly are in the same boat.
Change passwords on all significant accounts. Use different passwords for each account. Enable your bank accounts to notify you if there are unusual purchases. Some banks allow you to limit a geographic area in which your cards can be used. Use a credit card instead of a debit card for out of the ordinary purchases.
Others probably can give you better information. I hope that you have no further problems in the near future.
I carry very little cash. Carrying cash makes me nervous.
If you use a VPN they only intercept encrypted packets.
Use secure passwords and long pin #’s and change them often. Use ‘tap’ to pay and avoid ever putting your pin# in to any ATM’s or POS terminals (The ATM’s at your bank are usually safe though) but now even most bank ATM’s have ‘tap’ to enter too, so always use that instead of entering a pin#. Remember, they can get all the info on your card but without the pin# they’re out of luck, so guard your pin like you would your wallet.
There’s more but those things right there will keep your card very secure.
Thank you for that advice! I have frozen my Transunion credit, but I should probably do the others, as well.
I keep my passwords in a spreadsheet and in password managers. If I copy/paste a password, I don’t think a keylogger can see it?
I try to make passwords as random as possible, except for avoiding O, 0, I, l that look alike in some fonts. I’m going to change some passwords now that I’ve had this fraud problem.
One of the things I have done is buying prepaid cards at sources I trust.
So I pickup $200 visa card or master card, pay an activation fee of $7.95, then use it at many locations, my credit union cards are never put at risk. Now that doesn’t mean they can’t hack your card by some other means but it reduces that likelihood. The couple times I’ve had my card hacked the fraud alert people picked up on it right away. But at places like point of sale like for gas or food, I use those cards so the most someone can steal from me is the amount on that card, and usually I’ve used it so it is rarely face value that they can get.
FWIW.
Thanks for that advice. I will check and see if Chase allows me to restrict use of my account to the San Antonio area.
It used to be that some credit cards would automatically alert you of fraud if they were used outside of your local area, but they aren’t doing that any more.
I will change my email password again. I think I changed it after I found out about the email being on the dark web, but now that someone used it to hack my Walmart account, I should change it again.
You are safe from a keylogger, but if you keep passwords in a spreadsheet and somebody gets access to your computer, they have them.
Password managers are password protected themselves, so the are much safer than a spreadsheet.
Starting the in the last 2 days, I have been getting multiple “system-generated notification sent by Gmail’s mail server when an email you attempted to send could not be delivered to its intended recipient” from (supposedly) mailer-daemon@googlemail.com.
All of my mail from all of my accounts are forwarded to my private Protonmail accounts... I haven’t used google-mail in years.
This appears to be another type of spoofing/phishing, and you should NOT click on anything contained (or even open) those mails, as they can then get your personal information.
(I now have my email filter to send all of these straight to my spam folder.)
I am not saying this happened to you, but it is a possibility, and is now, always, a future possibility that everyone needs to be aware of.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.