May 29, 2017
Well, it was bound to happen. The statistics say that one out of four people you know will get cancer. No I don’t have cancer, but I’m not me anymore. I’ve been hacked. Again.
It all started on May 18th. At least, that’s when I became aware of it. Angie was just checked her into the hospital. I’d not come prepared and had only a few bucks cash on me, no toiletries and no clean clothes. No problem, I’ve got a couple of credit cards with me. Wrong!
My plan was to buy a few things to save me an hour plus trip home and back that night. Wrong!
At my first stop, my credit card was declined. My second cc was denied. I figure somethings up. At my next stop, I decided to call the cc companies to sort this out and move on. Wrong!
I only had a little cash on me and at my next stop, to get food, I decided to call the cc companies before ordering. My own version of distribution of wealth. I was parked in a lot outside Panda Express. It was warm and instead of sitting in the hot truck I got out to enjoy the cool breeze while I had a conversation with someone from the cc company that could help. Wrong!
What I got was a tele-screener-Indian-or-something-or-other representative of the cc company.
It seems that my cc account (here I refer to the singular but that is only for convenience of writing) has been blocked. I was asked my name, address, last 4 digits of my ss#, mother’s maiden name, what and when the last purchases were that were made to the account (who the hell remembers that?) and… . Nothing satisfied them that I was who I was claiming to be.
“Yes, thank you very much sir, I can help you with that, just if you give me your cell phone number I will text you a special ultra secrets code that will allow me to open your account without further pain, and solve your problem today sir.” Wrong!
See, the first thing a thief does when they steal your cc account is to change the address, phone number and security questions. You won’t get in. I didn’t get in. I haven’t gotten in. I’ll never get in.
OK, no problem. I’ll conserve my cash, go home for more cash and a couple of ultra secrete cc I keep in the drawer that I hardly ever use just for this presumed-never-to-occur event. Wrong!
I settled for McDonald’s. Say what you like, bad or good, about McDonald’s but its fast and relatively cheap. Think, the dollar menu and change in the ashtray.
But, I had to wait for that because I had hit the lock button on the truck before I closed it and left the keys in the ignition. No problem, just call a speedy, trusty locksmith to come open the door for me, like magic! Wrong! Locksmiths want a cc or cash to do their magic.
“Luckily” the tool box in the bed of the truck was unlocked and I had a crow bar in it. It is surprisingly easy to slip the end of the crow bar under the edge of the rear window and pop it. One of those windows that fold out about an inch out with a toggle handle. Those toggle handles that are made of ABS plastic. The same ABS plastic that the dash of most cars made since 1978 have used. Those dashes that are all cracked because the sunlight and heat affect the ABS chemical structure and cause it to become as brittle as a 3 day old taco shell that was overcooked to begin with. But, I got into the truck and the St. Joe police weren’t around to arrest me for breaking and entering.
I did make it home, got some cash, found 2 relative virgin cc and made it back to the hospital by about midnight. Did I mention that I’d had 4 hours sleep in the previous 48 hours?
As I told Jim, it was a really, really bad day.
And, it gets worse. The story gets worse not the day because the day was long over.
What happened was that my e-mail account that I’d had for about a thousand years was hacked. Microsoft decided that I was a spammer. Well, there is more to the story. Microsoft did block the account because of the fear of my being a spammer, but there is another issue. I had my phone set up to link to the e-mail account and I was getting notifications of attempted logins every few minutes on my phone. I set that up so I could know when I got e-mails, logical right? But, I was being notified every few minutes that a “login failed”. That meant that someone had set up a program to try to break the password of my e-mail account and hack into my e-mail account. I can only hope that Microsoft has better security in blocking that account than they do on anything else. To fix the nuisance of notifications every few minutes, I un-setup my phone to notify me that I had new e-mail for that e-mail account. I just deleted/removed/nuked the program that linked my phone to igfiddles@hotmail.com. I no longer had a link to any e-mail account on my phone. That should do it. Wrong!
My phone, like a dying Zombie and the Eveready Easter Bunny, just keeps on notifying me that someone is testing a new password on my old e-mail account.
So then I notice that my phone is acting strange. The battery accepts a charge, sometimes, but holds the charge for varying lengths of time. So, what, my dear Watson, does that mean? My phone from being plugged in on the wall charger it came with might last for 24 hours at the 90-95 % charged level or it might last for 20 minutes at the 34% charged level. There is no rhyme or reason for the varying levels of use of the battery. I thought it might be a dying battery but Angie and I got our phones at the same time and hers is acting fine. Like new in fact. I open my phone and I find new apps that I haven’t, I wouldn’t ever have installed, installed. I have notification tones that I have never heard and that I never installed cropping up. I find my apps on different pages than I last left them. I find new settings selected on the phone. I sure am glad I have a smart phone. Wrong!
Now let me give you a brief take on my opinion of cc security. At least it wasn’t a debit card. Why? Read the fine print. With a debit card, if stolen (in fact or by just getting access) the thief has access to every penny in that account and there is no protection. You loose. With a cc, you are financially responsible for only the first $50. Period. Now, granted, the loses the cc company incurs are rolled in to the cost of doing business and yes we all pay in the end, But the loss is spread over millions of customers and not just taken out of our bank account. Another kicker is that businesses that accept cc mark up their products to pay for the convenience of using a cc. Those costs are not the same for debit cards, but businesses still charge debit card and cash customers for the surcharge of using a cc. We’re like fish on a hook. Helpless.
So I called one of the cc companies. I go through the same rigmarole in attempting to identify myself as me as I did on the 18th. I had received a letter from the cc company notifying me that on May 11 (received in the mail on May 24) that my address of record had been changed to somewhere in Brooklyn, NY. So, the cc company would not recognize me as the owner of the account or my address as the address of the account. But the same cc company saw fit to mail a letter to me (the non-owner of the account) at the address that they did not recognize as existing to notify me (the non-owner that didn’t own the account) that it’s address of record had changed. You see why I get confused at times?
Believe me, I tried to argue logic and common sense. I tried to point out that for every minute that they argued that I couldn’t access the account and that I couldn’t close the account they were incurring a very large amount of debt. I will not be responsible for that debt, they will. I’ve argued with cats with more success.
To establish my bona fide, I must send photocopies of my driver’s license (to establish my address), a copy of my ss card or a pay stub showing my ss# and name (to prove my existence in the Social Security System) and a copy of a utility bill with my name and address (to link my address with my name) to them by USPS. Then, if they decide to accept my bona fide, they will give me access to the account and correct all the wrong-doings. Wrong!
The cc company is asking me to send them physical evidence that would allow anyone possessing said physical evidence to steal my identity by one of the most financially fragile companies in the world over which there is no control by me or them and which will take another 5-7 days to deliver if I elect to not use return receipt signature required mail. Wrong!
It’s not over. It has just begun. Angie just rolls her eyes. But, let me continue.
I had used igfiddles@hotmail.com as a mini-cloud. If I was at work and typed a Weary or collected interesting links to here or there, I would put it into a notepad document and attach that to an e-mail to myself. I could then access that from anywhere using my or their computer or cell phone. I had about 500 contacts in my contact list. All lost to the world unless this hacker gains access to Microsoft’s blocked e-mail account that used to be igfiddles@hotmail.com. A rhetorical question for you. What company’s software is the most successfully hacked in the world?
Almost every state and federal agency, state and federal society, association, licensing bureau, company, institution, etc is linked to me by the characters “igfiddles@hotmail.com”. Every website I visit on any kind of regular basis, everyone I’ve had Internet contact with for the past umptine years is linked to me by the same. There is no way in hell that I can round up half of those. I have trouble remembering my name on some days, much less what store I opened an account at back in 2004.
I’m sorry, I took off on a tangent rant. Well, this whole post is a rant but I was going to give you a take on cc security.
I am not a conspiracy theorist. A conspiracy requires 2 people to agree and that is impossible, IMHO. And experience.
But consider this. Identity theft is a nonentity. It is a made up liberal witch hunt by cc companies, not necessarily in collusion.
Follow the money!
Who gains if there is a National panic attack about cc identity theft? A lot of companies, not the least of which is the cc companies. Life-Lock and all the follow-ons. Companies that eventually collect on the fraudulent charges made to an account. Police and other law enforcement agencies that investigate the crimes allowing them to swell their budget and staff. Businesses, books, software and the like that must be used to “prevent or recover” from these crimes. The list goes on and on. A cc company is able to reissue a cc to everyone that takes their stolen identity concerns to an appropriate level. That is a lot of credit card accounts and a lot of people using their cc to purchase new items with their now safe new cc. There is no loss to the cc company for all this theft. It is a mirror of insurance companies. Losses are diluted to the customers in such a way that the customer never notices the increase in their fees and interest. This is a basic principal of financial warfare. Like taxes. If one has to pay income taxes out of pocket as opposed to payroll deduction, they are much more likely to be aware of how much they are paying and object. If one pays off a long term loan up front they suddenly realize how much they really paid for that house/car/refrigerator than if they make monthly loan interest payments over the life of the loan.
Then I took notice of a letter I had received a while back. Something about the letter caught my attention and I put it aside to look at later. Later has come and I read it. It was one of those innocuous style that look like/are mass mailings from your investment broker or someone. It has bar-codes and scan images (officially called QR codes (for Quick Response), Mobile Tags, and 2-D Bar Codes) and the signature is printed not signed. You know the letters that most of us don’t read but just throw away. Wrong!
This letter was from someone called IHG. I’d never heard of them. It seems that they own and operate hotels and resorts like, but not limited to, Holiday Inn Express. And the gist of the letter was that during the months of September through December of 2016, a hacker put malware into their software system. I quote the letter, “the investigation identified …operation of malware designed to access payment card data from cards used onsite at the front desk… . The malware searched for tract data (which sometimes has cardholder name in addition to card number, expiration date, and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the hotel server. There is no indication that other guest information was affected.” Wrong!
I am here to tell you that other information was obtained. It might not have been through the same malware, but it was the same place and event. These crooks hijacked a lot of goodies. Like cc account information and e-mail account information and probably a lot of other stuff.
And, I am now aware that our cc companies put all the information needed to steal a cc account in digital form on the magnetic stripe on the back of the very same card (or in the RFID chip, now commonly used). It is part of their attempt to protect us from identity theft. Wrong!
I am not a prepper.
I am not a conspiracy theorist.
I am not a moon beam.
I am a recluse and I am a curmudgeon.
No phones except a prepaid phone but without GPS, text, video, e-mail, facebook…
https://www.walmart.com/cp/No-Contract-Phones-Plans/1072335
No credit cards except a prepaid credit/debit card for things for which cash isn’t convenient or possible. On-line purchases, car rental and the like.
http://www.consumerreports.org/cro/prepaid-cards/buying-guide
Cash for most daily expenses.
https://en.wikipedia.org/wiki/United_States_Department_of_the_Treasury
No mass e-mailings. Look for a blog that requires you to take action if you want to hear from grumpy.
https://en.wikipedia.org/wiki/Blog
Always wear a hat.
https://en.wikipedia.org/wiki/Tin_foil_hat
http://www.alcoa.com/global/en/home.asp
From your grumpy Uncle/Brother Dave.
Fool me once, shame on you; fool me twice, shame on me.
A fool at 40 is a fool forever.
A fool and his money are soon parted.