I have a bank account I only use for diy supply's and two months ago I was hit with some fraud charges. Now this week it was hit again. I have only ordered from 4 vendors since I received the new card. I'm not going to disclose who I ordered from because I have no idea how/who is leaking my card info. Just wondering if anyone else has had this issue in the last several months?
https://gitlab.com/gwillem/public-snippets/snippets/28813
6000 known compromised websites. A couple vape websites on there. Article about the hacks
Thanks a lot for this, i've searched for "ecig" "vap" and "flav" through it and relevant vaping sites are (probably not complete list) :
- a1vapors.com
- cloudvapour.co.uk
- dfwvapor.com
- electronicecigstore.co.uk
- ecigaffiliate.com
- ecigarettelobby.com
- planet-vapes.com
- mambaecigstore.co.uk
- myvapors.com
- vapedevil.co.uk
- vapejuicecatalog.com
- vapeonline.ca
- vapersjuice.com
- vapingdiscounters.com
- vapourtastic.co.uk
- flavorwest.com
edit : site added
A: This is why you should always use a credit card when shopping online; your protection is much stronger and unauthorized charges will never affect your personal or business cashflow.
B: I personally setup a secure message and text message from my bank (Chase) any time my credit card is used so that if an unauthorized charge is made I will be able to report it immediately.
Same happened to me! I think we need to disclose which vendors we've ordered from so we can try to figure out who it is and inform them
The vendors are: bullcity, heartland, TFA, and ecig.com
> ecig.
As in EcigExpress? Sorry just signed up to this sub and am not sure if that's a common term referring to them. Also, I am concerned because I just ordered my first set of DIY supplies from them last night. :/
Do you have these sites save your CC info? I've used 3 of the 4 you've listed and thankfully haven't had this happen. But I type my info every time. Just wondering if this might be a way for others to avoid any problems.
Hey, Goldie. I'm sorry to hear it happened to you, too. In my case, it happened twice at exactly the same time frames as OP's, and I can narrow it down to either ATF, BCF, ECX, or Reddit (buying gold). Heartland Vapes was also suspect the first time, but I haven't been back there since my card was replaced.
It's not a huge deal since I got a new card and the money refunded. In the last two months I've ordered from ECX, Heartland, select vape, and lightning vapes. No idea if one of those vendors are compromised, but it's a real possibility since there are quite a few of us with fraud issues :(
Could it be ECX?
Yes, my bank is a good one and they were very quick to refund my account and replace my card. They also let me know that if there were any overdraft charges caused by the theft, they'd refund those as well. Not everyone has such helpful banks though, this shit could have serious consequences for some people.
It sounds like ECX since that's the one place we've both shopped. I hope not, because I'm totally going to shop there again on payday and cross my fingers that it doesn't happen again. Great prices, fast shipping, friendly service, nice selection, JF and FE flavors. I've gone from being a devoted BCV/F customer to falling in love with ECX lately. I would hate to see them lose any business over this, I think I'll go let them know right now that they should take a look at their security.
It wouldn't surprise me. My card got hit there a year or two ago, and it was the only place I'd shopped online. They tried to tell me it couldn't have been them because they had just upgraded their security and don't keep any CC information, but dozens of other people got hit at the same time and the only common denominator was their site.
They were scraping the CC information directly from the form fields when the purchaser hit 'submit' rather than intercepting it in transit or hacking the CC processing system, and the changes to their security wouldn't have touched that part as all the security improvements were all on the CC payment processing side.
That, along with sending me the wrong item and making me pay shipping to send it back and get the one I'd actually ordered, made me never go to their site or order anything from them ever again.
My debit card number has been stolen 4 or 5 times this year. All of the fraudulent charges were online, several to the Microsoft Store. Sadly the banks retreive the money from the merchant and no real investigations have been done. That lead me to compare all of my transactions to each time they were compromised. I had only shopped online at one vendor within 2 months of each occurance. Every time I bought from cloudscape vape (csvape.com), within 4 days I had fraudulent charges. It appears to be an issue with their payment processor, which many ecig vendors use. I emailed them and heard nothing back. Its upsetting. I always scored out their "deal of the day", their 120ml Cereal Milk were At most 45 bucks, but they had regular sales of 20% off juice and always free shipping no minimum. I only wish I could clone that one, its the only one I was still buying. Live and learn I guess.
It could just be some rotten employee that thinks they're getting away with it. Unless you report it they won't stop.
I wish there was a law where companies cant keep the debit/credit card on file. the businesses will probably take a hit but we need to protect consumers more i believe through these changing times where its getting easier for people to be scammed. I dont know the specifics but fuck literally almost everyone i know has gotten scammed somehow
I got hit the day after ordering from ECX late last year.
That sucks hard ! What's the amount of the fraud compared to your orders ? I understand you don't want to disclose but it's also a good way to encourage shops to do something about it instead of just ignoring it
They get right to work on draining the account until the card is shut down. Results may vary.
What ? Really ? Ok i know what i'll do this week-end then, checking my accounts ! Thanks for the info !
Is it possible to know how is the fake order labeled from you and others ?
It wasn't a 'fake order'. It was fraudulent charges brought about by CC info falling into the wrong hands. I had all kinds of wonderful charges from Uber in CA and Dunkin Donuts in NY mere hours apart. The most hilarious was a $42.50 charge for Taco Bell...who eats that much Taco Bell?!
Wow we need more information . It's not like it's a rumour you have been scammed and I would love to know the company's so I can avoid them until things are fixed. I am a father with not alot of income if they take my money and I cannot pay the rent and the bank is himhauling on the credit to my account I will be homeless. Of course this is worse case scenario but rather be safe than sorry. Thanks in advance can pm me
Upvoted for posterity. This is information that consumers as well as businesses need to be made aware of to ensure it gets resolved quickly. OP, I hope you've done more than post to reddit about this.
I wasn't sure if it was a site I ordered from for diy until this last time I was hit. Now I know for sure it's one of the four. I found out late last night. Heading to the bank to dispute the charges after work and then writing an email to all four explaining my situation.
I'd like that my bank has a future in its app that allows me to turn my card on and off ever since I started using it I haven't had any problems
That's actually super cool. I would love this. One thing though. I have pretty much all my bills on auto pay. Would I be able to add exceptions for things?
Even though I don't have auto pay for any of my bills there is a way to make an exception I remember seeing I don't trust companies automatically taking money out of my account each month so I pay my bills individually
I had my card compromised twice as well. After calling my bank I'm 99% certain of which vendor it was considering where the charges were and the location of the vendor, I emailed the vendor explaining to them what was going on and they told me "it wasn't us". Without definite proof I won't disclose the name either, just stopped using them even tho they are highly recommended. This was about a month and a half ago.
I had the same credit card number for over 20 years and ordered online with it all the time without a single problem. Since I started vaping (and expanded my online shopping to vape gear and juices) I've had it hacked twice already in the past couple of years. No idea what the source was. Most likely an online vendor had their order database hacked and probably had no idea it occurred.
Can anyone suggest a good card to use for online purchases? I was thinking about using a PayPal Card.
Anecdotal, but I've been buying all of our DIY supplies with a Paypal debit card and haven't seen any fraudulent transactions yet (we mainly buy from Bull City, with the occasional ECX purchase here and there). Definitely keeping my eye on our Paypal even harder after reading this thread though.
I just had this issue. But at the same time I don't only order DIY stuff with this account and I have a friend who doesn't DIY that had the same thing happen.
Part of it is fraud has been increasing pretty much every year in the last few years, and it's always worse in the last few month of the years as the holidays come around.
I just had about 1200 worth of charges hit may amex that weren't mine. Easily resolved. But not really sure what site I used it on that may have caused it.
I used it once with BCV back in april. I mostly use a different card with them, and there was some fraud stuff on that card a couple of months back. So it's possible.
The state of the vaping market has been pretty discouraging as of late. Didn't want to deal with shady tabacco stores and the 9 out of 10 pompous assholes at the local Vape shops. So I start buying online and mixing. Now I've gotta worry about all the problems with companys who do the same things. Unfortunately ecigexpress really hasn't been taking customer concerns legitamely, on variety of types of issues. Guess no more JF flavorings for this guy : /
Just combed through my debit card statements from the last 3 months, sure enough there was an $80 withdrawal from an ATM in a state I've never been to back in early August. Thankfully the card doesn't allow transferring funds at an ATM or they probably would've gotten more, the fucking leeches. My bank is usually obnoxiously vigilant when it comes to suspicious activity so I've fallen out of the habit of checking this stuff, if it wasn't for this thread I probably never would've caught the charge so thanks for the heads up.
Only companies I use that have been mentioned in this thread are BCV, ECX & Ecig.com, but only the BCV & ECX purchases predate the fraudulent withdrawal so I'm going to assume one or both of them are the problem. Sucks because they're my go-to flavor sources :/
Mine was just hit recently. My primary debit card that is linked to my primary account. The assholes did a balance check on my account at an ATM in NY before withdrawing everything they could. My bank didn't even catch it. I only saw it because I was balancing my budget.
I ordered from BCV and ECX on the 22nd. I've ordered from BCV with no issues in the past, but this was my first ECX order.
Point to remember is that these vape suppliers are looking at a 24 month time horizon b4 the FDA puts them under. So they will prolly NOT be putting any large sums into beefed up security. So we all need to be super careful about who we are buying from.
Authorize.net, one of the largest credit card processing companies in the United States, experienced an issue on October 17th and 18th that caused a subset of transactions to be settled again, resulting in some duplicate transactions.
We have worked with Authorize.net to identify duplicate transactions, and they are in the process of issuing refunds. If you would like to check for updates, please contact Authorize.net directly at 1-877-447-3938. There is an automated message on the greeting with updates to this issue.
We apologize for any inconvenience this has caused. To my knowledge, it effected millions.