**** Extreme Caution With Barnfloor.com **** - RC-Monster Forums

Arct1k · **** Extreme Caution With Barnfloor.com **** - 03.18.2008, 08:01 PM

12 months ago I was hit with CC fraud...

I just got a call from a guy today - fellow RC'er that found my old CC details, name and address online.

He had fraud two weeks ago - The common link appears to be Barnfloor.com

It may not be them but be very careful - Details are being sent to authorities...

Arct1k · 03.18.2008, 08:26 PM

Anyone know a policeman in Reading MS?

glassdoctor · 03.18.2008, 10:03 PM

You know what?... I need to check this out. I had cc fraud a few months ago too, and I ordered from them once last summer. If it looks like the timeframes match, I'll pass along the info to the cc fraud dept.

Arct1k · 03.18.2008, 10:24 PM

If you let me have your real name / location i can check the file to see if you are listed. pm me

gogglespaesano · 03.18.2008, 10:37 PM

Here's a link to the fbi's internet fraud division. They have a lot of information on pursuing and reporting this type of stuff.

http://www.fbi.gov/majcases/fraud/internetschemes.htm

JERRY2KONE · **Info -** 03.19.2008, 03:20 AM

Just as a note of interest I had something similar last year with CC fraud. I can tell you that none of the police municipalities have the manpower to help with fraud unless it is a large amount of money that is involved. For instance I had approx $5000 worth of charges made on our Visa in one day. Luckily we caught it just in time and stopped the charges. We still ended up losing a couple of Hundred dollars.

When we went to the Sherrifs Department and the local city police Department (San Francisco) they were not at all interested due to the shear volume of fraud cases. There was a woman at the desk who had been working with a company to book a wedding party adventrue in Hawaii for like $40,000. and lost it all

. Even then they just do not have the resources to deal with internet or CC fraud. The FBI will not do much either unless it is a substancial amount of actual cash losses involved. This sort of thing is so huge that the law enforcement iagencies are struggling to figure out how to really deal with it. The only people who are equipt to handle it are those companies who have their own investigating forensics in place. We work with federal agents in our employment and they do have people trained to do such stuff, but nowhere near enough to deal with a worldwide problem of petty losses every single day. Good luck with that.

sikeston34m · 03.19.2008, 08:10 AM

Several years ago, when I first got on Ebay, I was tricked into giving up my information with one of those fraud emails. The email had a link in it that took me to a place that looked just like Ebay.

The crooks had used the same html code to build this place as Ebay did, so no wonder it looked the same.

Once they got my information, they locked me out of my own Ebay account. Then they flooded my email box with Virus's knowing that Ebay had sent a "password change confirmation" email along with the originating IP address of the password change.

Well the guy did NOT crash my system, so I had his IP. I traced him to his service provider (Va. Account). At this point, all I needed was a court order to give up his personal contact information and charges could be filed.

I was envisioning the Police showing up at this guy's house to seize his computer and discover the total illegal activities that he had been up to.

Armed with this information and having done the "leg work" to solve the crime, I went to the County Courthouse to report all of this and submit the information.

This County has ONE person assigned to internet crimes. NOTHING was EVER DONE!

I got my account back from Ebay and did not suffer any losses.

Internet Security has improved some since then, but never assume security when dealing with accounts and the information about them.

I NEVER release CC information over the internet. Reason being, the website that you are purchasing from may be 100% secure. But the information that you enter is stored on YOUR computer. If you are hacked later, via program backdoor, trojan, etc., this information THEN falls into the wrong hands.

My advice is, if you see something online that you want to purchase with a CC, pick up the phone and speak with a real person. It could mean the difference between a good experience in purchasing, and identity theft.

03.19.2008, 10:17 AM

My sister had CC fraud just a few weeks ago, they whipped out 3 or so grand all on online stores in France... They still cant figure out how they got the CC info, but the bank got all her money back thankfully

Paypal is the only way to pay online, im 14 and I have my PP account tied into my dads, and thats the only way he will let me buy crap online

legobrains · 03.19.2008, 10:36 AM

Never follow a link from an e-mail to go login to something, always go to the site yourself by typing it in the URL.

That helps a little bit.

Arct1k · 03.19.2008, 11:25 AM

Sometimes there is nothing you can do - If a merchant has SSL and is reputable you have to hope for the best. The barnfloor is where the RCM bash is held each year and is reputable.

I'm not sure if this is where the leak came from - it is a common link though atm.

Arct1k · 12:33 PM

From the barnfloor...

Hi Chris,

We have contacted and spoke with our web hosting service provider. You are correct in that they have confirmed that a few of our customers' information has been leaked from their servers. So thank you very much for contacting us before this problem had happened to more of our customers. This is a very unfortunate situation and I am deeply sorry for the inconvenience and trouble caused as you should not have to deal with this type of problem.

They have their site administrators looking into the problem as we speak. We were assured by our host that all secure information is strictly confidential and unreadable by any 3rd parties. We now have decided to take more drastic measures of security into our own hands. We have since kept our programmers up all night encrypting all sensitive customer info stored on our site for past orders and future orders made, which is now complete. This makes all sensitive information scrambled and unreadable to any 3rd party.

The problem is now resolved as our encryption methods are now in place.

Again, we deeply apologize for this intrusion of your privacy.

Kind Regards,
Chris
The Barn Floor
Dirt Cheap RC

What's_nitro? · 03.19.2008, 02:06 PM

So, they're saying that the information was NOT encrypted before??? That's really stupid.

johnrobholmes · 03.19.2008, 02:16 PM

I chose to go through paypal for my CC processing so that paypal would deal with encryption and ssl certificates. There are so many ways to grab info online now. Even WEP secure networks are hackable within a few seconds with proper software. TJ-(ma)X had hundreds of thousands of customer ID's stolen because they used WEP encryption on the networks that connected their systems- which tied direct to cooperate.

Rcaddict · 03.19.2008, 06:37 PM

A couple of things you can do to help prevent cc fraud is to have only one credit card that you use to buy things online with and have as small of a limit as you think you can get away with. Also, destroy the card every six months or every year and get a new card/number issued.

aqwut · 03.19.2008, 06:42 PM

I'm not worried about C.C. Fraud.. I just make sure my Credit Cards are maxxed out... I always use PayPal.... they covered my butt a few times already...