2.25.2011

google.com/ch is fake

Got a call from my bank today about some odd charges on my card. There were two charges of about $70 to crappy games site gpotato, and a $1 charge from 'google.com/ch ca'. I haven't used my card in months, so I went down to get a new card and fill out some claims dispute forms. Luckily they were able to cancel the transactions before any major damage was done, and I've been spending the afternoon changing all of my passwords for any sites that have my card info stored (big thanks to Lastpass for making this process MUCH easier, bee tee dubs!) just in case.

But the real thing to remember here is what to look for on your statement, in case you have a bank that doesn't really care enough to call you about odd transactions. Any charges made by Google on your statement will show up as "GOOGLE * Store Name" (source). If you see anything else, such as my "GOOGLE.COM/CH CA" you should immediately contact your bank and get a new card issued. Because it was from fraudulent charges, they didn't charge me for the new card. It also looked like the initial fake Google charge was to test whether the card info would work before they started purchasing things. Many identity thieves make small purchases in the hope that they will go unnoticed, so be wary of any odd purchases, even if they are small.

I asked the person I spoke with at the bank about how this had happened, and he gave me a short explanation. Here is how it is supposed to work:
1. You make a purchase with your bank card at a store or online.
2. The merchant stores your card info long enough to send it to your financial institution and request payment.
3. Payment is processed, and the merchant deletes your card info.

But here is what sometimes happens:

1. You make a purchase with your bank card at a store or online.
2. The merchant stores your card info long enough to send it to your financial institution and request payment.
3. Payment is processed.
4. Merchant doesn't really ever get around to deleting you card info.

In this situation, your data becomes open to hackers or dishonest employees. Really you haven't done anything wrong, but you can still be vulnerable. The best defense you have is to be vigilant about your statements, and check up on ANY charge that looks abnormal.

5 comments:

Anonymous said...

Thanks for the info. Apparently "Wells Fargo" can't get their shit together, as this is the SECOND time we have been hacked (the last time was 1700, but we got it back). I have never had anything stolen from my account with my credit union...they even stopped letting me use my card when I allowed my son to buy a game online! My hubby needs to get with it and change banks or risk losing our money! Thanks again! We're on it!

Anonymous said...

My wallet was stolen with all my debit cards and credit cards. After I closed my cards with the bank, four days later my bank statement listed a charge of 1.00 from "GOOGLE GOOGLE COM CH". I find it insane that my debit card was still processed even after I closed the cards through my bank, WF.

Kimberly Palocsay said...
This comment has been removed by the author.
Anonymous said...

Thanks to your post I was able to quickly cancel my card.

Angela McKichan said...

Thank you for this blog, I discovered on my visa statement escalating charges all from Google.com/Ch gbr which I have never even heard of, any way my visa company were very helpful and have stopped my card and started the process of persuing these frauds, hopefully I will be reimbursed asap, quite shocking but a lesson to all to be extra vigilant with pass words, statements etc thanks for site, Angie