Im quite sure this info has allready been discussed for I am still under the newbis status ( smile )

So my question is how safe is it to purchase items off of Ebay, Amazon, Sears, JC Penny ( in other words recognized companies not those pop up ad companies )

Holla Back especially those who order on line via credit card now

Thanks a mil

Im quite sure this info has allready been discussed for I am still under the newbis status ( smile )

So my question is how safe is it to purchase items off of Ebay, Amazon, Sears, JC Penny ( in other words recognized companies not those pop up ad companies )

Holla Back especially those who order on line via credit card now

Thanks a mil



well ladyA, i shop ebay.com, half.com, oldnavy.com and a few other online sites literally every week. IT IS VERY SAFE. did you know that most identity theft and credit card theft doesnt occur online. those online sites use encryption, rory most likely can tell you all about it. most credit card theft occurs in the real world when people shop at a store that leaves the entire credit card number on the reciept (bahamian stores famous for this, thats why i stopped using my cards when i am in nassau), when you throw your credit card statement in the trash, when you use it over the phone, when your purse is stolen etc. i have noticed that most bahamians are terrified of using their card online, when in actuality if you are on a encypted site it is one of the safest places to use a card. also does your bank offer no fualt protection?

I shop on amazon. No problems.

Nothing is safe online ... but then how safe is it in the real world also ..?

Basically Ebay is the main one to worry about, not for CC theft but for sure about getting ripped off ... many of the companies on Ebay operate shady online stores on yahoo, and others ... so just beware of Ebay .. just check the seller and make sure the product is legit. In CCTV we dont even talk to anyone that goes anywhere near Ebay when it comes to CCTV related equipment .. most CCTV products on Ebay are knock offs or stolen products so we stay far far away from them ..

If they dont have a legit domain name website, email, etc, stay away from them, if you really want to stay a "little" safe .. in other words if their email is Hotmail, Yahoo, Netscape, Gmail., any free email server, stay away from them. Ofcourse alot of legit web sites dont show their email on their web site for the reason of getting uncontrolable spam. We order from companies we find online all the time, but we do so over the phone .... and only after we have a physical address for them, as well as real feedback from other clients, but then we deal with tens of thousands of dollars per order.

Online banking is a bigger problem anyway, havent you got the emails asking you to verify your user and pass to them ... even if you dont have an account with that bank :-)

Basically encryption is just another reason to crack something ... its like rules, and to some, laws... a criminal doesnt care whether he goes to jail for stealing a fistful of money from a bank, or if they goto jail for using your CC stolen to buy useful things .. jail is jail and both land them around the same time .. internet can just cause them to think they are more invincible ..

Rory

Thanks so much for the info, helpful helpful helpful

reading rory's post reminded that i forgot to mention to be alert when shopping on ebay. there are alot of scam artist and thieves on that site. i still shop there but i make sure go through the sellers history and feedback with a fine toothcomb. also dont feel comfortable becuase ebay and paypal be talking all that hoopla about how they stand behind you and will help resolve issues etc. when i got in my scrapes i had to basicaly battle it out all by my lonesome. also even though half.com is owned by ebay i find it to be a better site and i never had an once of trouble when buying from there. if you want cheap DVD Movies, half.com is the place to go.

Thanks so much for the info, helpful helpful helpful

Another point which I think is very important is to look at the address bar when you reach the window to enter your credit card info.

You know the familiar "http". Well instead of only "http" it must be "https". The "s" on the end indicates that the site is secure and safe.

If there is not that "s" after the "http" am NOT entering my credit card info on that page period!

Another point which I think is very important is to look at the address bar when you reach the window to enter your credit card info.

You know the familiar "http". Well instead of only "http" it must be "https". The "s" on the end indicates that the site is secure and safe.

If there is not that "s" after the "http" am NOT entering my credit card info on that page period!


still crackable ... there is still a database online somewhere storing your CC info ... thats what they are after :-)

Another point which I think is very important is to look at the address bar when you reach the window to enter your credit card info.

You know the familiar "http". Well instead of only "http" it must be "https". The "s" on the end indicates that the site is secure and safe.

If there is not that "s" after the "http" am NOT entering my credit card info on that page period!



thanks for the post, i didnt know that. like rory said you credit card isnt safe any where. The best thing to do is make sure you have no fault protection and take some precuations like the one you just posted.

i also forgot to address the fishing scams rory mentioned. they are these scams that send out millions of email pretending to be citibank, ebay, half, master card, amazon and other companies they know pretty every body deals with. they will say something is wrong with your account and you should enter your login id, password, social security number (for americans) and maybe credit card information. i almost feel for one becuase they look exactly like the company they were posing as (in my case it was ebay). the key thing to remeber is those companies will never ask you for your password or credit card. also become familiar with the format of you companies emails

still crackable ... there is still a database online somewhere storing your CC info ... thats what they are after :-)

Ok Rory, I read somewhere that when there is https even the company/person you are paying would not know your credit card #. I am not sure whether this is the situation presently or just used to be one time ago!

Also, recently I noticed a company I was paying online had both https and the Lock Symbol at the bottom right of the screen. Once ago, it was said that just the Lock Symbol indicated sufficient protection.

So with both the lock and https, will the CC info still be crackable?

Ok Rory, I read somewhere that when there is https even the company/person you are paying would not know your credit card #. I am not sure whether this is the situation presently or just used to be one time ago!

Also, recently I noticed a company I was paying online had both https and the Lock Symbol at the bottom right of the screen. Once ago, it was said that just the Lock Symbol indicated sufficient protection.

So with both the lock and https, will the CC info still be crackable?



Well where do you think that CC is going ...a database somewhere, and most web stores unless they are a huge company, are simply going to store it in a database on their own server, or if they are using a 3rd party merchant account service thats not hard to crack into with the username and pass and get what they want, and even if they are encrypting it, nothing is uncrackable. When you find out what web server they are using, file structure and OS, then its pretty easy to get in and grab that database then crack it, some harder than others but not impossible .. :-) Not that im doing that just saying ... but alot of people do that for their living and stuff like that is easy for "them"..

Well where do you think that CC is going ...a database somewhere, and most web stores unless they are a huge company, are simply going to store it in a database on their own server, or if they are using a 3rd party merchant account service thats not hard to crack into with the username and pass and get what they want, and even if they are encrypting it, nothing is uncrackable. When you find out what web server they are using, file structure and OS, then its pretty easy to get in and grab that database then crack it, some harder than others but not impossible .. :-) Not that im doing that just saying ... but alot of people do that for their living and stuff like that is easy for "them"..

Thanks Rory.

yall wanna see how unsafe certain databases on the web are. Go to http://johnny.ihackstuff.com and check out the Google Hacking Database . Dude shows how you can use a simple tool like Google to expose database and password exploits/vulnerablities.

There use to have been this exploit where you type in something like visa and then a range of numbers, and then it showed you pages of person's credit card info containing names, numbers, addresses, banks etc etc.

Makes you think twice about using your credit card online.