General discussion

Credit Card Duped???

Yesterday I tried to sign in on Windows Instant Messenger Service. I have no password, so the "Help Topics" told me that in order to get one, I must type in my email address and CREDIT CARD NUMBER, so that my account status could be verified. After I complied, it said something to the effect that "sorry we were unable to verify your status -- try again later." Did I make a foolish mistake? The whole transaction was done using the Windows displays on the screen. Why would they even want a credit card number? Evidently the messenger service is free and is a part of the subscriber's package. Help!

Discussion is locked

Follow
Reply to: Credit Card Duped???
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Credit Card Duped???
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
BAD, BAD, BAD

You have been phished, call your credit card company immediately and explain what happen. NO reputable company will ever ask for info like that in either messenger OR an e-mail. I'm sorry to hear that it happened to you.

- Collapse -
Re: BAD, BAD, BAD

roddy32 -- thank you! Thank you much for your quick response to my question about being duped out of my credit card number. I took your wise advice and immediately contacted my bank. Fortunately no unauthorized charges have been made. They shut down by credit card number and will send a new one. If that was a scam, it has got to be the newest and most clever around. I wish there was a way to alert others. Hopefully others will see these posts and take heed. This is a tremendous forum! Thanks again for your help.

- Collapse -
Re: BAD, BAD, BAD

I'm glad you caught it in time. I'm sure the credit card people at the bank said the same thing. This plishing has been going on for quite some time with e-mails. Using messenger programs is relatively new but it's being done. People are recieving e-mails that are SUPPOSEDLY from Microsoft, Pay Pal, Citi Bank, AOL, E-Bay, etc. such to name a few asking people to click on legitimate LOOKING links which take you to a legitimate LOOKING web site where you give you personal info such as SS# , credit card, etc. Those e-mails a plishings attempts. Like I said in my previous post, NONE of these companies will ever ask you for personal info in an e-mail or e-mail you a link and tell you to click on it to verify personal info. Have a nice day and safe computing to you. Grin

- Collapse -
Re: BAD, BAD, BAD

if you ever get an email from yahoo it will have their logo in the front of the subject line. something to remember. if it does not have their logo then it is spam!!!!!!!!!!

- Collapse -
Re: BAD, BAD, BAD

Trouble is, these phishing emails also steal the logos.

I've had them from (supposedly) CitiBank and other banks, and the logos are genuine.

Mark

- Collapse -
Re: BAD, BAD, BAD

I have noted, at least on many occasions, if you take the trouble to read the boring blah blah blah header you can see where the message *really* came from.

- Collapse -
Re: BAD, BAD, BAD

It doesn't matter what email you get and what you see on the email, no company will ask you for personal information in an email, allways call the company to ask what seems the problem before giving any information.

- Collapse -
Re: BAD, BAD, BAD

Maybe we should all stop using the Internet and start chatting via Fax machines, no serious I am glad you caught it, never give out any personal numbers online unless you KNOW where they go.

- Collapse -
Re: Credit Card Duped???

I agree with everything roddy has said, and it's good that you have phoned your credit card company, but I am confused about what happened.

You said, "Yesterday I tried to sign in on Windows Instant Messenger Service. I have no password, so the "Help Topics" told me that in order to get one, I must type in my email address and CREDIT CARD NUMBER".

I am intrigued. Have you ever used Windows Instant Messaging Service before? If so, did you ever have to use a password before?

How did you get to the Help Topics? Where did the Help Topics come from? From your PC Help and Support, (Start > Help & Support), or through Windows Instant Messenger?

If it was from Help and Support on your computer, I don't know how or why that would have been corrupted, by a hacker, trojan virus whatever to tell you give your credit card details.

If it was through Windows Instant Messenger, how could you have gotten the message about the credit card without logging on in the first place?

This confuses me.

Mark

- Collapse -
I am confused as well...

That sequence of events is strange indeed. Maybe the poster will clarify what has happened. Confused

Glenn

- Collapse -
Re: Credit Card Duped???

I'm still learning the computer. On the wallpaper I noticed the icon to click on for Instant Messenger. Curious, I clicked it on and noticed some interesting available features, e.g., instant messaging, a "white board," etc. I clicked on to the "sign in." A window appeared instructing me to type in my email address and password. I had no password. The window said if you have no password, or forgot your password, to click on help topics. I did that. Next, it instructed me to enter my email address AND credit card number. I did that. Then a message appeared in the window saying in effect, "Sorry, we are unable to verify the status of your account at this time. Try again later." Later on I started to wonder why Windows would even want to know my credit card number -- I wasn't trying to buy or charge anything? It's a mystery to me too. Test it. Give it a try. Click on your instant messenger service and tell them you forgot your password, and see if it takes you through the same drill. Let me know. Thanks.

- Collapse -
Re: Credit Card Duped???

I don't use messenger myself anymore but I assumed when you first asked the question that it was somebody trying to dupe you and you were actually confused as to what happened but I didn't question that because I knew you were already upset. I can't possibly imagine why Microsoft would ask you for your credit card. I used messenger for years and never have even HAD a credit card, never mind being asked for one by Microsoft.

- Collapse -
Re: Credit Card Duped???

Mark and Roddy, Well, I just went through the whole Windows help topics drill again. Since I don't even have a password, I clicked on "reset my password." The display window instructed me to enter some stuff like "who is your favorite singer," email address and the password you want to have. Then it says if you have a paid subscription associated with this account, please enter your billing information below. Click to continue. The next window asks for your email and credit card number. Needless to say, I wasn't about to enter my credit card number this time. But, that's what they ask for ... your credit card number. And what do they mean anyway about having a paid Microsoft subscription? It says at the beginning of this drill, that the message service is free. Well, anyway, that's what happened. Go through the drill. It only takes about a minute. They'll want your credit card number. I want to thank all of you for your responses and help.

- Collapse -
Re: Credit Card Duped???

You're welcome. I've got messenger disabled about 5 different ways because just one way wasn't working so I'm not going to do the test but it is definately the first time I've heard about that. Sorry if I scared you but I would still never put any kind of identifying information on something like that.

- Collapse -
Re: Credit Card Duped???

Here I am, back again. I just discovered among the "All Programs" on this computer, that it also has an MSN Instant Messenger. (This is a computer that my son left when he moved away, I'm using it to explore and learn). I went through the whole sign in drill again on the MSN messenger. It's basically the same procedure as Windows -- yep, it asks for a credit card number also. I'm beginning to think that all of this is probably actually legitimate. How could a hacker tune in on a domain featured by Windows and MSN? But why they would need a credit card number is still a big mystery.

- Collapse -
Re: Credit Card Duped???

Maybe it is legitimate, like you said, I have no idea why they would ask for a credit card but in all the years when I WAS using Messenger, I was never asked for a credit card and I lost my password more than once LOL. I guess it's another one of those mysteries of life, The important thing(S) are that you have not lost anything in this whole experience and also, under these same circumstances, if it were me, I would NEVER give out the kind of info unless I was absolutely positive who I was giving it to and it was completely secure.

- Collapse -
Re: Credit Card Duped???

Stranger and stranger.

I still agree with roddy that you did best wannalearn.

You were immediately concerned that you had given out your credit card details and sought advice, and you contacted your credit card company.

You may be disadvantaged for a while without a credit card whilst your card company sends you a new one, but I have heard of so many people who have done similar things and lost thousands of dollars or pounds, or whatever, in similar circumstances.

You did good, Happy

I notice you said this was a PC your son left you. I wonder if he has any idea what this icon on the desktop is?

Mark

- Collapse -
Re: Credit Card Duped???

About the only reason I've ever heard of any messenger service requiring a credit card was for age verification.
Even then the only instance I've seen of it was when my little cousin had to get me to help her register for Yahoo Messenger.
It's easy to replicate. Just attempt to create a user account for someone under 14, it gives you a 'Please get your mom or dad!' message. Then use a user account that hasn't been verified (With a credit card, heh.) anywhere on Yahoo before. It'll give you a page to create the account and at the bottom it'll have a credit card field.
It doesn't bill to the card, simply uses it to prove that you're an adult.
Sometimes the stuff really is genuine.
Sadly enough, these days the only way to be safe is to assume fraud until you can prove otherwise, though. Sad

- Collapse -
Re: Credit Card Duped???

> Even then the only instance I've seen of it was when
> my little cousin had to get me to help her register
> for Yahoo Messenger. It's easy to replicate. Just
> attempt to create a user account for someone under
> 14, it gives you a 'Please get your mom or dad!'
> message. Then use a user account that hasn't been
> verified (With a credit card, heh.) anywhere on
> Yahoo before. It'll give you a page to create the
> account and at the bottom it'll have a credit card
> field.
> It doesn't bill to the card, simply uses it to prove
> that you're an adult.

Wow! I know about these age verification schemes, but I never met a kid in my life who actually entered a correct date of birth if that meant all this extra trouble. I also don't know any kids who wouldn't click on "Yes, I am 18!" when asked to confirm this before entering a porn site. Interesting to hear such kids still exist.

- Collapse -
Re: Credit Card Duped???

Hi wanna, I noticed tbat you mentioned having "wallpaper" and I haven't yet noticed anyone else picking up this point, so ....

What wallpaper and where did you get it from?

Maybe it includes spyware.

Try running Spybot S&D if you have it - get it anyway, it's free - but don't use advanced mode until you are more familiar with things, just let it run.

Maybe just delete that wallpaper anyway.

Hope everything works out for you.

- Collapse -
Re: Credit Card Duped???

Hi wannalearn,

I am in Australia and don't know where you are and if Microsoft/MSN services are more or less the same everywhere, but here goes ... but first:

I previously asked about the wallpaper I think you said you have ... it could contain spyware, or some other nasty.

As for Microsoft/MSN:

Yes, here at least, one can be subscribed as we are to "ninemsn Premium" (for instance), but we are NEVER asked up-front for any financial details, but we can access our account when we log-in using the username, password and so on ... you should only be asked a "secret question" if you make a mistake logging on and need to retrieve some details.

I don't recall the question you got asked, but you say it is your son's computer (I think),so check with him if he has a Microsoft/MSN account.

If he does and if you are not logging on correctly, then that is why you are being asked the question.

In short: this could all be legit in fact. And your inability to get into the account/services could be due to a layer of defence which Microsoft/MSN uses to prevent fraud.

Hope this might help resolve the confusion ... pending anyone adding to and/or modifying what I have suggested.

- Collapse -
Re: Credit Card Duped???

Curious..Ive never used that service before..But dont you have to have a "username or login name" already established before applying a "password" for messenger services?? Just wondering,,In the Past,i have used MSN messenger,ICQ,and Yahoo.. always had to establish a "username" first then choose a password.
Possible this messenger service just uses your "Email" as the "UserName"??

- Collapse -
Re: Credit Card Duped???

If you get an paypal message(ebay).
Start with dear paypal member and they wanted more information to update your account and your cr.card #.This is a scam also.
Paypal start always with your name they have your cr card # they never ask you again.
And you can always seen if the side is o.k.look at http: it have to be https: the s is for secure side.

- Collapse -
Re: Credit Card Duped???

There is a new software file you can download that tells you if you are on a real website or a fake one. It is called Spoofstick. It is for IE and Firefox and it is free. you can get it here. http://www.corestreet.com/spoofstick/ it is very useful if you get one of those suspect emails from Pay Pal, CitiBank, Ebay etc.

- Collapse -
Re: Credit Card Duped???

It sounds more and more like you are trying to sign up for MSN? If MSN internet service is installed and MSN Messenger was activated it would certainly try to connect to the internet and verify your credentials to use the service. Perhaps you could send us a screen shot of the page where you are prompted for credentials?

- Collapse -
Re: Credit Card Duped???

For general information, I use msn messenger and have never had to use a credit card number. If you're signing into the messenger services, there has never been any such thing as a paid subscription. Now, that icon might be MSN internet access. Read closely. If not, then you best make sure you scan with antivirus, spybot S&D, and Adaware, right click the icon, click properties, record the info on paper and let us know what it says. Trojans are common and could send your info anywhere(including Russia). MSN Messenger and Windows Messenger are free. Good luck.

- Collapse -
Re: Credit Card Duped???

Common sense needs to be applied to ALL activities on the Internet. Everyone needs to be ever careful when receiving e-mails or cummunications asking for your name, ssan, account numbers and even your address and phone numbers.

There are so many people trying to make a buck on you out there. This can be a VERY damageing experience for you, one that could ruin your financial status. I often get asked for my SSAN when trying to access my banking account by phone. Flat NO! I tell them that is not going to happen over the phone. Hardly ever do I ever give out any account numbers over the Internet.

I limit my Internet buying. I figure that if they wish to sell me their product, they, the seller will provide an anternate way for this purchase to happen, like a phone transaction. Look for a contact number on that site. Call them and inquire. Recently there has been reported a scam from Citibank asking person to verify their account number, name and other information. Well, Citibank NEVER placed that ad or sent the e-mail.

I suggest you cancel that account and withdraw your funds if any and reestablish another account just for your own personal safety. Always ask yourself questions about these kind of sites or e-mails. If you don't know the sender or the Institution, don't open the mail or delete it without taking action.

- Collapse -
More phishing info..

I have done a substantial amount of research and checking on received phishing emails. I thought I would pass on some of the things I've found and some of the steps you can take to help stop it.

First, pay attention to the comments made elsewhere in this post. Your financial institutions, on-line services AKA ebay), etc., and all do not ask for you to "confirm" your information via an email and link.

There's a pretty fast way to check it's authenticity if you are an Outlook or Outlook Express email user. When you place your cursor over the link which is supposedly to take you to the site of the institution for the verification, even though the link may actually say www.suntrust.com, etc., an actual link comes up at the bottom of the email program frame. In a phishing email, that link will usually bear no resemblance to the link in the email. Even if the link is the same as in the email, if it looks different than the real institution, i.e., real address is www.suntrust.com but the email address reads www.internet.suntrust.com is a whole different URL and is a scam location.

You can aid the affected institutions by forwarding the email to abuse@"institution".com where institution is the identified company such as suntrust, ebay, USBank, etc. In the forwarded email you should include the email header information which you can copy and paste from the properties menu entry under "Files" in your menu bar.

I'll be happy to answer any other questions including how to locate the actual servers responsible for these and other information. Remember never follow one of these links, forward the email and header info to the company's abuse group and then delete. Never give your credit card, Social Security # or financial information to anyone you yourself did not initiate.

- Collapse -
Re: More phishing info..

Besides, your bank/company will always adress you by your name.

I've received many mails supposedly from Pay-pal, but they always start as "Dear customer". Those mails obviously are not from Pay-pal.

- Collapse -
Re: More phishing info..

If you want to get the instant messenger from msn...all you need to do is log onto msn.com. From their homepage there is a link for the instant messenger. Click the link and it will download it for you free of charge. You will have to establish a hotmail account and this will be your login name. This is where you would also create a password that you would use for logging in...They will not ask you for a credit card unless you want to use more than the free space that is given for your emails. I created a hotmail account which is the account I use to keep spam from my real email account. This also allows me to have the use of the messenger when I want it.. Hope this helps.

CNET Forums

Forum Info