"Because I had a debit card, I could not have more money withdrawn from my account than how much I had. Therefore, when this idiot tried to keep purchasing 200,000 gold, he/she was stopped. Thank God it wasn't a credit card--the bank would've eventually stopped the transactions from suspicious activity, but who knows how much money could have been taken from my account."
This seems to be a bit naive, credit-cards have far superior fraud protection, so no money is actually taken from your account, and it's easier and quicker to fix by the institutions.
[EDIT] As pointed out below, yes they both have the same fraud protection backed by a credit agency like Visa. However, if it's debit you lose cash and it can take up to several weeks for it to be refunded. That versus being out the amount of credit you can borrow for a few days.
A few years ago, with the debit he would have been at risk for possible overdraft or insufficient fund charges.
I keep a low-limit credit card($500), that would have the exact same characteristic that he is claiming makes the debit card better. This is the one that is used for the majority of my transactions.
As a rule, I only use credit cards. I have a debit card for the sole purpose of using ATMs.
In the case your card is lost or stolen, you aren't liable for any fraudulent purchases and the most important thing - you haven't actually lost any money; only the credit card company has.
I'd hate to have to jump through hoops and wait a month to get my money back. For a large percentage of the population, losing a couple grand quite literally means they can't eat or pay the rent that week/month.
For many card transactions the credit card company would issue chargeback in the case of fraud for the merchant, which will end up losing money and paying additional fees. So the losing party is frequently not the CC company but the seller.
Losing credit can be a problem too, especially if one has regular bills coming through credit card, which are not problem regularly, but if part of the credit is frozen by the fraudulent activity, this may become a mess. I'm not sure how all banks behave during a fraud dispute, but they very well may reduce credit by the disputed amount until the dispute is resolved, even without the owner having to pay anything.
I'd argue that having a blocked credit card is FAR more manageable than a blocked debit card and this is precisely why I almost always only carry credit cards (I also move my income into an investment account from my cheque account as soon as I'm paid, less expenses expected in the next week).
Firstly, most recurring billing systems are built with credit card failures in mind - the card can expire or be listed as a hot card, for instance, and needs to be updated. This has happened to me and you are not penalised in any way. I've also, once or twice, gone over my limit without the card being rejected - the bank seems to give me some sort grace credit. This is fine by me since any fraudulent transactions on a credit card are claims against me that the bank needs to prove. I can switch to another credit card if that card gets marked as a hot card.
Secondly, a debit card is usually linked to a cheque or savings account. If it's a cheque account you could end up incurring overdraft charges which totally screw you over and mess up your standing with the bank; if it's a savings account, you're screwed out of your savings while the bank investigates and returns your money (bank I worked for until recently stated that it takes SIX WEEKS to investigate when a friend's debit card was cloned... that's a lot of lost interest).
It's not a really a "myth". Both have zero or a small amount of fraud liability (i.e., they give you back all of the money, or all but say $50 of the fraud). But! If you have fraudulent activity on a credit card, you're out that much credit until they remove the charges. If they do that much fraud on a debit card, you're out that much cash out of your checking/savings account until they credit your account back.
I'd much rather have one of my credit cards less usable for a day or two than have the account I use to pay a lot of bills from drained for a day or two
Totally agree. I know it's a different situation in Europe/Asia in regards to debit vs. credit card usage, but I transact almost exclusively on credit unless it's under $5 because:
1) Cash Back - I get about 3-5% back on all of my purchases which adds up to a few hundred dollars a year in cashback money.
2) Fraud and Price Protection - I've had my card stolen twice and in both cases, I just reported the lost card and I had zero liability. I also have AMEX that gives you price protection and a longer warranty for free on things you buy.
3) Credit Building - You need to build credit so having at least two credit cards in good standing with a long account history is important. This makes financing a car/house much more easily later in life.
However, if it's debit you lose cash and it can take up to several weeks for it to be refunded.
I know this is true in theory, but is it true in practice? I've had two debit cards used for fraudulent transactions (one a Visa debit issued by a local bank, the other a MasterCard debit issued by PayPal) and in both cases the money was returned within hours of my reporting the missing cash.
I don't know what it's like elsewhere, but here in Australia my Visa Debit card has exactly the same transaction protection system as a Visa Credit card.
Tagged does not need to respond to you, and there is not a single thing they can say or do that will make the situation better for you even if they did. You've contacted your bank, opened a dispute, and now the issue is between Bank of America and Tagged (unless BoA contacts you for additional info).
Having your money stolen sucks dude. Keep your cool and everything will work out for you. Most of all, just try to remember you are not a unique and special snowflake - this happens thousands of times a day and everyone except you involved has established procedures for dealing with it. Let the fraud investigation and resolution run its course.
Maybe not for him but there's a lot they can do for themselves if they act fast - freeze the ill-gotten funds and make a profile of who they went to. Wouldn't direct contact with victims be faster and more rewarding for Tagged than waiting for business hours credit card industry processes?
This is correct. It's not tagged that stole money from you - tagged is just a merchant that someone purchased gold at with your stolen wallet. You did what you're supposed to do and filed a dispute with your card issuer. Tagged most likely will end up losing the money due to the chargeback, so your anger is being directed at the wrong person.
You should be directing your anger to the individual who stole your Google wallet and made fraudulent charges. Did you turn on 2-factor authentication for your Google account yet? Did you at least change your password?
I am trying to find out the identity of the person who made the fraudulent charges--that's why I contacted Tagged. Tagged should be able to quickly identify which user used my card information to purchase goods from their website. I sent them three separate requests as a follow-up of the three separate transactions made through Google Wallet, but did not receive a response for any of them.
Yes, I do have the 2-factor authentication and yes, I change my password quite frequently (and changed my passwords for all my accounts on various sites as soon as I found out about this).
They should not and likely will not tell you anything about who made the purchase. One alleged illegal act does not make another legal -- they can't violate their privacy policy, privacy protection laws of various countries, and the payment data protection regulations of their merchant account acquirer.
Fraud like this is rarely that transparent anyway -- it's often part of a multi-step process to launder money (buy something with stolen money, sell it for legitimate currency) -- and you'll end up with the IP address of a proxy in Romania that's of no use to you or anyone else. It's also unlikely the person that used your card is the one that stole your card -- the numbers are stolen then sold in bulk on forums for $1-2 a card.
What you are going to find is some poor kid who asked his mom to buy him Tagged gold for his birthday, and she went online to some random buy-tagged-gold-now.com website.
There is no bearded Ukrainian drinking his vodka and showing off how much gold he now has to underaged girls. He is long gone with his ill gotten gains.
there is not a single thing they can say or do that will make the situation better for you even if they did.
In his case, even a form letter response saying how they generally respond to chargeableness would be make that situation better.
just try to remember you are not a unique and special snowflake - this happens thousands of times a day and everyone except you involved has established procedures for dealing with it
Did he really have to come to HN to find that out? Wouldn't it have been better if Tagged had told him that in the first place?
I'd like to know if Mr. Woo had two-step authentication turned on for his Google account. (He mentions only that they, "gained access to my Google account.") It's the potential for this sort of damage, or much worse, that prompted me to turn it on and incur the slight nuisance of generating new keys every 30 days.
Is it even that much of a nuisance? Last Pass and two factor auth are no brainers for me. I ALWAYS have my phone with me so two factor is a given and Last Pass has mobile apps and lets me have a unique password for every single site. I honestly have a hard time taking people seriously if they're too lazy to use something as simple as Last Pass, etc.
First, thank you all for your comments--I just recently opened my first checking account so I am new to this whole credit/debit card business. It's great to receive feedback from people who know a lot more than I do about these issues.
Tagged contacted me today at noon (Sunday Feb 12), but NOT as a response to the direct contacts I made. They responded after reading my blog post (which I'm pretty sure they saw through HN or through Twitter). Interesting.
I have screenshots of all the transactions, which include the date/time of transaction and the order ID, and I sent this information to Tagged. They responded within 20 minutes saying that they are "looking into [their] systems to gain some clarity."
$200 of the $300 has been restored to my checking account, and I am still waiting for the final $100 to be returned. However, regardless of having the money returned quickly, I wanted to (and still want to) find out exactly who did this. That is why I contacted Tagged on top of Bank of America (which responded very quickly). Google Wallet advices to contact the seller directly about the orders, which I did.
To answer some of the common questions among the comments: yes I do have 2-step authentication for Google, yes I changed my password, and I rarely log onto my Google account on shared computers.
An IP address is not a person. Tagged doesn't know who did this, so they can't tell you. Even if they wanted to, they'd be violating data protection laws, their own privacy, and possibly their merchant agreement by giving out that information.
Not an IP address--the user. A user account had to use my card info to purchase the goods. If Tagged can't tell me who did it, at least they can shut down that account for fraud.
I'm looking through Tagged's terms of service and privacy policy right now to see what their terms are on issues like this.
Undoubtedly they will do so when they receive the chargeback, without your help. Not that it will be of any consequence to you or the actual person that opened the account.
thanks (i was confused by the word "school" - the uk and us terms for school, college, university, etc, differ, and so i thought this was what a university rather than a high school).
1) Have you been using a shared computer?
2) Did you have a weak password?
3) Do you use same password (or a small pool of passwords) for most sites and service?
Answering yes to any of the above and you really should not be posting on HN
I should add "Have you been accessing sensitive sites such as your Google accounts" on a shared computer." The HN reference was to distinguish if the poster's complaint was worth of a discussion or is it one of 100k+ people a day that get caught by keyloggers/phishing/social-engineering through their own stupidity (like accessing Google wallet on a shared computer)
This seems to be a bit naive, credit-cards have far superior fraud protection, so no money is actually taken from your account, and it's easier and quicker to fix by the institutions.
[EDIT] As pointed out below, yes they both have the same fraud protection backed by a credit agency like Visa. However, if it's debit you lose cash and it can take up to several weeks for it to be refunded. That versus being out the amount of credit you can borrow for a few days.
A few years ago, with the debit he would have been at risk for possible overdraft or insufficient fund charges.
I keep a low-limit credit card($500), that would have the exact same characteristic that he is claiming makes the debit card better. This is the one that is used for the majority of my transactions.