Well after all these years it happened, I got hacked!

I checked my email this morning and was surprised with an email titled, "Thanks for your purchase." I haven't made an online order since the titans shirt. The body of the email included, "Payment fee received: 1 Quantity Payment for Url_Extractor_X_RP, US 45.00" and all my shipping info. Besides having no clue what a Url Extractor is I have no clue how this happened. Fearing the worst I check my bank account online. Nothing taken out of checking. How about the credit card. BAM! Pending transaction: $2,475! HOLY #*%@! The transaction says it was made through Paypal. So I log in and there we go...6 transactions totaling $2,676.45. Semi freaking out I call Bank of America's credit card division (didn't really know who to call first). The guy informs me since the transaction is pending they can't really do anything yet, but Paypal and possibly the actually company could. He gave me the Paypal number and I gave them a ring. Got a hold of a guy that was super easy and helpful, issued a dispute on all charges and insured me I'd get 100% of my money back. He also was able to track the IP address to Simponville, NC right outside Asheville. That's a little close, so I'm thinking they used some sort of IP scrambler.


On top of "hacker wit" he/she seemed pretty smart. Ordered the lower priced items with my debit account and the larger priced item with my credit card. Ironically enough the $2,475 purchase was Adobe Creative Suite which is a grouping of programs used for digital art and programs I use every day at work. Sorta strange eh?

Back to dealing with this little issue. Since the 5 smaller amounts were charged to my checking account Paypal can't do anything without the companies whom payment was sent to interacting. Mr. Paypal said I could possibly catch them with Bank of America. I call the checking account division. I'm informed they see what I see online and since there are no transactions or pending charges I have two options. Freeze the account (only able to reopen at a local branch) or sit it out. Freezing the account for a little over 200$ doesn't seem logical to me so I decided to wait.

I then recalled I have a folder in my entourage (email program) that grabs all my Paypal emails. In this folder we have 6, "your payment has been sent" emails. I find the email (from the German paypal) regarding the credit card charge naming the company as Digital River. Also there was a shipping address to CA. The address was a dummy. Well, I searched for a phone number for this company. After an unfortunately longer than anticipated search I found it and give them a call. I'm connected quickly and speak with a very nice gentlemen who submits the matter to their dispute department and insures me no charge will be assessed to me.

I have since received confirmation that 3 of the 6 disputes are resolved and the transactions has been reversed. This included the large credit card charge.

All of the purchases were software and 5 of 6 seem to be from the actual company that developed them. Their programs are just downloaded straight off their site, so there is no actual hands on product. Meaning the hacker was able to grab them instantly. I can't help but wonder if they are out their software or what happens for them. They were scammed just as bad as me. Fortunately I was sent the product serial number for one of the products, so Mr. hacker is out that program at least.

After some research and changing my password to almost a sentence I have discovered there really is no hiding. Simple password, hard password, change it every week, if a hacker locks in on you, you're going to get hacked. It just makes me smile a little that it probably took the hacker 4 times longer to actually hack me and purchase items then it took me to counteract his work. Four phone calls = mission foiled.