I know most have noticed in the negative reviews certain vendors being called out for credit card theft or fraud, or people complaining about their info being stolen after using a certain vendor. I myself have posted my concern.
We all get the same reply "I/we/they don't get access to your credit info". Or when someone questions the security of a vendor "you have a rootkit, your computer has been compromised by someone or something", the later usually coming from the fanboys.
Well it has happened again and again from a highly regarded vendor whom this has happened with many times to many people. Now they will not listen to me, nor anyone who has had this happen directly after making a purchase from their site, but instead give one of the excuses I stated above....
Now I myself expressed my concern, as well as my thoughts as to how this is happening and who is to be looked into for the breach of security. But I was assured they were secure after all how do the get those nifty security jpegs to display as your shield of safety? But I took it upon myself and at my expense to investigate my theories and allegations to see if quite possibly what i think is happening and where the breach is coming from was in fact true. With no help from the vendors in question (because of course they will fail to believe that it is possible a service they are using could be an issue, hell they have their word they are secure) here are my findings. Now mind you this investigation was done by me, myself and I , with my own money at risk. Although now enough evidence has been gathered that the credit card company (Visa) is most likely launching their own investigation. The process and outcome of that is unbeknownst to me.
Using as much logical thought I could muster, I started looking into what these companies had in common, companies being those that have had complaints posted here about unauthorized credit card purchases being made, usually within 24 hours after someone made a purchase with them online. Where the people who complained lived (to make sure it wasn't possible they were in fact the same person, or the same local area to rule out compromise happening locally) also remember I too have posted a complaint/concern to a vendor about this issue, so I am including myself in this "investigation". And also checking other vaping related forum for other such claims to include those companies in my investigation.
After a couple months of looking into this I have come to some conclusions. One, out of all the people I have seen that has had this happen to, none of them lived in the same area, most lived in different states(this means compromise most likely didn't happen locally). All had placed an order, and within 24 hours had fraudulent credit card transactions appear on their accounts. With most this was the only purchase made with said account within that 24 hour time.
Most have some sort of security software running at all times on their computer, the ones that didn't have Mac's or run Linux (I don't know how that makes them feel safe, but whatever some people accept false security) but nevertheless, I can assure that it is not viruses, rootkits, malware etc...reason being the possibilities of so many people having the same security compromise on all of there computers at the same time, shopping at the same vendor and having the same issue is really slim to none...really think about it (yes I am talking to you fanboys)....
So where does the finger point to? Well it isn't only one vendor, it isn't only one or two or three people that have had this happen, it boils down to finding out where the security or lack thereof lies. So I went about gathering evidence. How I did it was went to my bank and opened a couple extra checking accounts that all came with the Visa Check Card and begun a shopping spree. I shopped at many vendors sites including the ones that have been mentioned here before with complaints of security issues. OF course each account had a set amount of money put into it, so if I did get nailed they wouldn't get my life savings if I failed to catch a breech in due time. Now some may say that the more cards I use the better my chances of getting compromised, well yes this is my point of doing so.
Out of 20 places I made purchases (not all vaping vendors either, wanted to cover bases on my theory) I had cards compromised 6 times. 6!!!! Amazingly all 6 showed unauthorized charges within 24 hours of purchase, some more than one charge others one but either way all unauthorized. Now I didn't have this all happen in one day, these were purchases I made over a period of three months. I also made my purchases on different computers, not twenty different computers about five, Windows, Mac and Linux machines a couple owned by me, one at work, a neighbors and even the public library. Again wanting to cover bases here, wanting to make sure that at least something wasn't in common. But wait why are you babbling on and on?....get to the common thing.
Ok, out of all the purchases I made, out of all the vendors I used (remember not all were vape suppliers) there was only one thing in common with the credit cards that were compromised, one thing..... 3Dcart.
Yup, all the card numbers I had compromised were used at a vendor using 3Dcart shopping cart. All six companies and all one thing in common. Coincidence?
Now I went to 3Dcart themselves voicing my concern, and I have been assured that they are secure, well of course you are why would you admit your not? And as when I went to the vendor and expressed my concern, again fallen on dead ears....no one wants to admit that the security measures they put in place may be vulnerable, hell I don't even trust my own security that is why I used multiple computers to do my investigation.
So what is my point here? Well best advise is check your accounts on a daily basis, the only way to prevent getting ripped off is you. The vendors don't care as long as they get your money, and of course the company providing secure checkout methods don't care because they are getting their money and most likely more.
Some may say this is a post with a strong accusation, yes it may be, but I have gathered enough personal evidence to stand behind my statements and this post is made by me to warn and inform other fellow vapers to be aware of the risks of online shopping.
From here on out I will not do business with any company that uses 3Dcart, unfortanatly that means I won't be dealing with a couple of my favorite vendors anymore.
tldr: Companies utilizing 3Dcart shopping cart up your chances of getting your credit card info compromised. Be vigilant and be smart.
We all get the same reply "I/we/they don't get access to your credit info". Or when someone questions the security of a vendor "you have a rootkit, your computer has been compromised by someone or something", the later usually coming from the fanboys.
Well it has happened again and again from a highly regarded vendor whom this has happened with many times to many people. Now they will not listen to me, nor anyone who has had this happen directly after making a purchase from their site, but instead give one of the excuses I stated above....
Now I myself expressed my concern, as well as my thoughts as to how this is happening and who is to be looked into for the breach of security. But I was assured they were secure after all how do the get those nifty security jpegs to display as your shield of safety? But I took it upon myself and at my expense to investigate my theories and allegations to see if quite possibly what i think is happening and where the breach is coming from was in fact true. With no help from the vendors in question (because of course they will fail to believe that it is possible a service they are using could be an issue, hell they have their word they are secure) here are my findings. Now mind you this investigation was done by me, myself and I , with my own money at risk. Although now enough evidence has been gathered that the credit card company (Visa) is most likely launching their own investigation. The process and outcome of that is unbeknownst to me.
Using as much logical thought I could muster, I started looking into what these companies had in common, companies being those that have had complaints posted here about unauthorized credit card purchases being made, usually within 24 hours after someone made a purchase with them online. Where the people who complained lived (to make sure it wasn't possible they were in fact the same person, or the same local area to rule out compromise happening locally) also remember I too have posted a complaint/concern to a vendor about this issue, so I am including myself in this "investigation". And also checking other vaping related forum for other such claims to include those companies in my investigation.
After a couple months of looking into this I have come to some conclusions. One, out of all the people I have seen that has had this happen to, none of them lived in the same area, most lived in different states(this means compromise most likely didn't happen locally). All had placed an order, and within 24 hours had fraudulent credit card transactions appear on their accounts. With most this was the only purchase made with said account within that 24 hour time.
Most have some sort of security software running at all times on their computer, the ones that didn't have Mac's or run Linux (I don't know how that makes them feel safe, but whatever some people accept false security) but nevertheless, I can assure that it is not viruses, rootkits, malware etc...reason being the possibilities of so many people having the same security compromise on all of there computers at the same time, shopping at the same vendor and having the same issue is really slim to none...really think about it (yes I am talking to you fanboys)....
So where does the finger point to? Well it isn't only one vendor, it isn't only one or two or three people that have had this happen, it boils down to finding out where the security or lack thereof lies. So I went about gathering evidence. How I did it was went to my bank and opened a couple extra checking accounts that all came with the Visa Check Card and begun a shopping spree. I shopped at many vendors sites including the ones that have been mentioned here before with complaints of security issues. OF course each account had a set amount of money put into it, so if I did get nailed they wouldn't get my life savings if I failed to catch a breech in due time. Now some may say that the more cards I use the better my chances of getting compromised, well yes this is my point of doing so.
Out of 20 places I made purchases (not all vaping vendors either, wanted to cover bases on my theory) I had cards compromised 6 times. 6!!!! Amazingly all 6 showed unauthorized charges within 24 hours of purchase, some more than one charge others one but either way all unauthorized. Now I didn't have this all happen in one day, these were purchases I made over a period of three months. I also made my purchases on different computers, not twenty different computers about five, Windows, Mac and Linux machines a couple owned by me, one at work, a neighbors and even the public library. Again wanting to cover bases here, wanting to make sure that at least something wasn't in common. But wait why are you babbling on and on?....get to the common thing.
Ok, out of all the purchases I made, out of all the vendors I used (remember not all were vape suppliers) there was only one thing in common with the credit cards that were compromised, one thing..... 3Dcart.
Yup, all the card numbers I had compromised were used at a vendor using 3Dcart shopping cart. All six companies and all one thing in common. Coincidence?
Now I went to 3Dcart themselves voicing my concern, and I have been assured that they are secure, well of course you are why would you admit your not? And as when I went to the vendor and expressed my concern, again fallen on dead ears....no one wants to admit that the security measures they put in place may be vulnerable, hell I don't even trust my own security that is why I used multiple computers to do my investigation.
So what is my point here? Well best advise is check your accounts on a daily basis, the only way to prevent getting ripped off is you. The vendors don't care as long as they get your money, and of course the company providing secure checkout methods don't care because they are getting their money and most likely more.
Some may say this is a post with a strong accusation, yes it may be, but I have gathered enough personal evidence to stand behind my statements and this post is made by me to warn and inform other fellow vapers to be aware of the risks of online shopping.
From here on out I will not do business with any company that uses 3Dcart, unfortanatly that means I won't be dealing with a couple of my favorite vendors anymore.
tldr: Companies utilizing 3Dcart shopping cart up your chances of getting your credit card info compromised. Be vigilant and be smart.
