I got $5,000 Scammed Last Night - Problems with the Modern Banking System by Charlie Shrem
EDIT: Total stolen was $7200. Foot Locker alone was $2400
Last night I'm out with family eating dinner and I go to charge my debit card. It got declined.
Like many of you, I work in Bitcoin and crypto currency. I get paid in Bitcoin as well for many projects. I keep the funds in various cold/hot wallets and I use a BitPay Debit Card for my day to day bills. My accountant actually prefers this because it makes calculating taxes easier.
So my card was declined and when I logged into my BitPay account, I saw someone spent $5,000 I had on the card
I'm in Pennsylvania, so my first reaction was that my card was skimmed along the way and created a clone card. I looked at the statement and looks like the scammer did a quick run at a shopping mall in San Francisco, CA.
I immediately called BitPay Card Services and they were closed. This really pissed me off because I could have potentially stopped the charges. When I spoke to a gentleman at Foot Locker, he said if I had called the day-of he could have voided the charges.
I said to him:
Hey, I don't mean to offend you, but if someone walks in and spends $1500 in your store in multiple transactions. Don't you think you should ask him for ID?
He hung up on me.
Someone just bought the whole city new shoes on my dime.
(Update- Total spent at Foot Locker was $2400, not $1500)
I spoke to card services today and they advised me to make a dispute. However they said I have to wait until the stores actually charge my card, since its in pre authorization.
Wait, I need to wait for the stores to actually charge me to dispute it? If its not charged yet, can you just cancel the charges?
No sir.
Awesome.
Take away:
- I'm not blaming BitPay. I absolutely love this card and I plan on keep using it, but 24/7 customer service should be standard.
- This is a non-chip card. I wish their issuing bank "Metropolitan Commercial Bank" would issue chip-pin cards like the rest of the world. If you are using a non-chip card, I recommend you get a new card every 30 days.
- Set up a flag that if your card is used more than 3 times in 1 day, it should freeze the card.
Every time you use your card or a check, your payment information is on the card or the check, anyone can use those details to drain your account.
Bitcoin transactions are push transactions, everything else in the world is a pull transaction. When you swipe your card or write a check, the receiver has complete access to your funds.
Now, I am covered by Visa's "Zero Liability Policy" however I have to file a dispute and wait 60 days for my money back.
We need more merchants accepting Bitcoin and cryptocurrency.
Steem Dollars would be perfect. Transactions are instant and removes volatility.
Let's make it happen.
Charlie
I love this, and I love how this is the highest voted comment
This plus the Screenshot made me laugh so hard - I feel bad now :(
Hope you get your money back and thank you for sharing the story!
I should get it back, but its just the hassle of waiting and the budgeting for the rest of the month. Thank you!
I think the worst part would be knowing they wasted it all on some damn child slave made Nikes.
Exactly! They could have bought a boat l0ad 0f Steem(Sp.) and could have made future m0ney;) Now they have to steal again with the risk 0f getting caught;(
I have no idea how someone at footlocker could stand there and let the scammer walk away with dozens of shoes, like who needs dozens of fucking shoes?
That's what pissed me off. The human component could have prevented this
damn @charlieshrem - that sucks!
Scammers are everywhere!
Exactly my thoughts!! How insane!
"gifts"
This also happened to me at tax time last year, My bank account was drained in one day by someone in the UK. I know the source of the hack was from a Battery sales website. My Bank eventually flagged the charges after 700 dollar charges in the UK, I also had to wait 30 days for the money to be refunded and it was really disruptive in getting my bills paid that month.
Thats the worst part of it. The waiting and having to deal with this. I'd gladly pay $100 for some expedited service.
I know it can't help with a Bitcoin-linked card, but this is a big advantage of credit cards over debit or prepaid cards. With a credit card you can dispute and refuse to pay, meaning you still have your money. With a debit or prepaid type card you don't have "your" money until the bank feels like giving it back to you.
True story. A cool idea is a secured credit card, secured by Bitcoin or a credit card that its bills can be paid in Bitcoin.
The problem is this requires a bank to exercise credit powers. But it would be handy.
It would be cool if there was some way to invalidate crypto transactions using a premade revocation that generates after each transaction, that cancels the transaction and specifies a backup address.
Wow, very unfortunate, so sorry for you!
Crazy how stuff like this happens sometimes.
I hope you can get your money back as quick as possible, and that the scammer can be tracked down as well.
Plus, you were totally right when calling Footlocker - they should ask to see an ID if someone tries to buy so many shoes with a credit card!
Hope everything turns out well for you.
JOKE :.. this is the kind of scam ex-cons learn on the inside and execute on the outside. Would be interesting the thief was charlies friend, but I don't think charlie would ever take such a risk after what he went thru before :)
Sorry you had to deal with this ordeal... Grrrr!!! Yet "Wow!" I love these words, at the end, in relation to the Steem... This is so good to read. Thanks for the thoughts. Namaste :)
Also of note -- the identical amounts appearing at the same time are usually an artifact of how the issuer processes authorizations... When these finally post i suspect the damage is only going to be about half.
Steem Dollars and BlockPay - We're workin as hard and fast as possible Charlie.
Let's make it happen! :)
F.ck yeah brother!
That sucks.
He might have had ID. Your name is on your card, however, the acquirer (the bank that your transaction gets sent to from the stores POS) doesnt check the name against it against the card issuer's records, they just check the account number with visa to make sure there is available credit.
So I could clone your card and print one up that says "Jason Poopybutthole" on front, with the name "jason poopybutthole" encoded on the magstripe, then make myself an ID that says "jason poopybutthole".
Or, i could just make myself an ID that says "Charlie Shrem". Even if they check ID's, how confident are you that some 6-dollar-an-hour footlocker goon is going to be able to spot even a bad fake.
And if i don't have a PVC printer to make an ID and a new card, i can just encode the mag strip onto a used visa gift card... the kind that doesnt have a name on it.
In reality, CNP cards aren't a ton more secure, and any security advantage they have over traditional cards is going to be gone as chip skimmers get as sophisticated as swipe skimmers are now.
What most likely happened to you is that you ran your card through a skimmer. Most likely place is a gas station. Second most likely place is an out of the way ATM machine. At this point, theyre nearly impossible to detect.
image below from krebs:
The skim probably happened a long time ago, and your data was just sold to someone in SF on a dumps website or DNM or something. You actually got really unlucky. Most credit card issuers will not allow POS purchases that far away from the CH address.