Trying figure out how this works. Bought some gas yesterday and afterwards the pump wouldn’t issue a receipt. Had to go into the store to get a receipt from the cashier. Today I get an email from Capital One asking if I made a charge in a fast food place 1000 miles away. Looks like someone made a dozen charges at fast food/casual restaurants today. Got the card cancelled but how does this work? Did they get my card number from the gas station? And why are they making purchases only for fast food?
This is an automatically-generated Wiki post for this new topic. Any member can edit this post and use it as a summary of the topic’s highlights.
The receipt probably has nothing to do with it. Happens all the time when the dispenser runs out of receipt paper.
The most likely scenario is the card reader on the gas dispenser had a skimmer on it. Read all about it here:
The fast food may have just been a quick validation test. They could have also used it at gas stations to buy gas or gift cards, etc. It’s also possible that small restaurant transactions don’t get red flagged by the card issuers as quickly.
Also possible the gas station transaction has nothing to do with it and your card number was just sold to/discovered by someone from a previous breach.
Unless you never use this card, and just used it at this gas station for the first time yesterday, there’s no telling when the scammers got your info.
For instance, I never use my Schwab ATM card except for ATM transactions out of the country. I went to Italy and used it at an ATM a couple times in September of 2015 - literally the only times I have ever used the card. In January of 2016, my account got drained fraudulently. The skimmer got my card info and likely sold it months later when the scammer used it at 3 ATMs scattered around Chicago. (Pretty smart to put a skimmer on a machine frequented by international tourists - keep an even sharper eye out when in tourist areas folks).
I have no idea what ATM I got skimmed at, but I know it happened in Sept 2015 in Italy only because that is the only time I used the card. If I had bought gas the day before it got drained and the receipt didn’t print out, I might think that had something to do with it, but that would have been false.
P.S. Schwab contacted me about the fraudulent charges before I discovered them and refunded all my money. A+ service from Schwab.
I don’t know about that. Only used the card twice that day. At a grocery store where the card reader is right by the cashier, and this gas station where the pump is 2 islands from the store on the other side. The dozen fraud charges happened soon after. Would make sense if a skimmer was at the gas pump, it might interfere with a receipt being generated.
My point was that it could have been from a skimmer or data breach months ago. If you didn’t discover a skimmer and use the card regularly, there’s no way to know.
Why would a crook wait months to use the card number, especially if the breach is all over the news and victims likely will cancel their cards soon?
Because scammers that do large breaches or professional skimmers like to put the card info up on the dark web for sale, often in batches, for a flat price per card (guaranteed money for them and less of a chance of getting caught). The crooks that steal the card info are often times not the crooks that use the cards. The crooks that use the cards are taking more of a risk, but better individual payoff when it works. There can be hours/days/months of lag time between when the info is stolen and when the stolen info is used.
Exactly. It’s the same reason why no current identity theft doesn’t mean your identity won’t be stolen as a result of the Equifax breach.
And to answer the “why” it may also be because its harder to track when the breach occurred. If scammers stole cards and immediately used them, investigators would only have to look at recent transactions which would make it much easier to track down the skimmer.