An irreverent, inclusive, alternative parenting community

When IRL comes and bites you on the ass

I'm sure Madam Ellie has informed most of you via Facebook, but I had some identity theft issues this week. It's been...weird. A couple of months ago, Google informed me that my email account had been accessed from Malta, of all places. I followed their recommended procedures for changing my password, and will probably start changing them on a regular basis.

Then this last week, (on my birthday no less!) I got an automated call from my bank informing me that they had detected fraudulent activity on my account. Sure enough, when I went to check it, there were charges on there for a purchase that I never initiated.

The charges were from USPS.com, so at first I thought my account there had been hacked, but when I double checked my account, I found that I had no bank information stored there, so the leak came from somewhere else. I rarely store my bank information with online vendors, so I'm not sure where it may have occurred. I did what I could to lock down my remaining credit information and thought the issue was finished.

A couple of days ago, I got a call from a woman I have never met, in New Jersey. She had received a package from *me*. Since I had never sent her a package, I let her know that I was having a problem with identity theft, and that she should contact her local police department to handle the package.

Then she said the strangest thing; "I just don't want to get involved!" I thought to myself, Um, lady? You're already involved! I didn't actually say that to her, though. Just to be on the safe side, I then filed a fraud report with the Postal Inspector, and called my local Sheriff's office. The officer I spoke to wasn't sure how to handle an interstate issue like this, but got the number for the lady in NJ, to make sure she had her local police department involved. So far, they have not called me back to file an official report, so I'm unsure what to do at this point.

Anyone have any pointers? Know of any similar postal scams? I'm taking my cues from AlphaGeek on this, in that he doesn't seem to think this is that big a deal - according to him shit like this happens all the time. But it's hard - I'm mildly freaked out, and feel like I don't know when the next hammer will drop. Whoever did this, charged nearly $300 worth of postage to me, which means either really heavy or heavily insured shipping, or lots of packages.

Sometimes real life sucks ass.

0 members like this

< Previous Post

Comment by Herasmus B. Dragon on March 31, 2012 at 11:24am: I hope she didn't throw away the package.

Can you log into USPS and find out more info on the package you supposedly sent? Origin location, size/weight of package, lady's address, etc? It looks like it was all done online, so you should be able to see what the thief entered.

Comment by Boring User Name on March 31, 2012 at 12:48pm: There was a recent breach in which about 50k credit card numbers were stolen. I can't find an article entirely on point, but here's one link about it: http://online.wsj.com/article/SB10001424052702303816504577313411294...

We had a $1 charge to Orbitz hit recently. My husband's thought was "it's only a $1"; I freaked out and said "that's just the test charge. the next one will be for hundreds. call the bank NOW!" So, in other words, I've been known to panic, but I've also know that a lot of the credit card fraud stuff is pretty routine.

And it's seems like I've read about the post office stuff, too. Like the thief send a package to an address, but then try to get there before the actual person picks it up. I read some longreads article recently about the way the hackers get the info and it was fascinating--in how smart they are and also how easy it was simultaneously. If you are interested, I could try to track it down.

But, having your email hacked at the same time is a little freaky. So, basically I have no advice. It sounds like you've done the right things. And likely you and AlphaGeek are both correct. It's relatively common, but at the same time, worth covering your ass to make sure you report everything.

Comment by mightyninjamom on March 31, 2012 at 1:32pm: When I dug through my USPS account, there was actually no information on any packages, so they didn't use that account. They just used my personal info on their own account and probably referred the email stuff back to their own address.

Daria, if it's not too much trouble, I'd appreciate seeing that article.

I like being able to do business online, but this has put a serious damper on things.

Comment by Boring User Name on March 31, 2012 at 1:41pm: I think this was it: http://www.nytimes.com/2010/11/14/magazine/14Hacker-t.html?_r=1&...

And actually, I don't think most of the stolen credit cards come from online. They come from POS (point of sale) machines with poor security (no wifi passwords, same password, etc.) One common trick is apparently that many managers never change the default password, so if they figure out the default password for one TGI Friday's terminal (to use a random business as an example), they can access the information on dozens of Friday's machines. I can't find the exact article I read on the POS terminals, but here's one that kind of explains it: http://searchsecurity.techtarget.co.uk/news/2240147309/Verizon-data...

Comment by ks on March 31, 2012 at 2:34pm: That sucks, hon. Sounds like you're doing everything right, though. Good luck getting it all sorted out.

Comment by Lady Grey on April 1, 2012 at 6:50am: Weird! Did the woman say what was in the package? Did she open it? No advice here, I hope everything works out.

Comment by mightyninjamom on April 1, 2012 at 7:24am: Well, when she called she hadn't opened it. She sounded really scared, actually, which in turn freaked *me* out. I don't know if she ever opened it, or if the NJ police opened it, or anything. So far, the sheriff's office hasn't contacted me back about anything.

When IRL comes and bites you on the ass

You need to be a member of Offsprung to add comments!