Scam of the day – September 6, 2014 – Dairy Queen hacked

Largely lost among the news of recent data breaches at companies such as Home Depot, Supervalu and UPS was the announcement by Dairy Queen that a number of its stores suffered data breaches leaving customers’ credit card and debit card information in the hands of identity thieves.  Unlike Home Depot and Target, for example, Dairy Queen franchises are independently owned, however, the extent of the hacking appears to include stores in Florida, Alabama, Indiana, Illinois, Kentucky, Ohio, Tennessee and Texas.  The discovery of the data breach followed the same pattern as found in recent data breaches against Home Depot and others in that it was banks monitoring fraudulent credit card and debit card usage that found the common link being usage at Dairy Queen franchises.  This is not unusual because it appears that the same, difficult to discover Backdraft malware about which I have warned you repeatedly in the past and about which the Department of Homeland Security warned retailers in a July 31st alert was used.


We can expect this scenario to continue to be repeated, however this is no reason to stop using your credit card.  It is reason enough to stop using your debit card for retail purchases because the consumer protection laws for fraudulent use of debit cards are not nearly as strong as those that apply to the fraudulent use of credit cards.  In addition, even if you discover the misuse of your debit card immediately, you will temporarily lose access to your bank account to which the debit card is attached while the bank investigates the crime.  This can delay your access to your own money and can jeopardize automatic payments that you may make from the account, such as mortgage payments.  As for your credit card, you should regularly monitor its use for any unauthorized use and report it to your card company immediately upon discovering any misuse in order to minimize the inconvenience.

Scam of the day – September 3, 2014 – Major data breach at Home Depot

According to the old saying, “fool me once, shame on you, fool me twice, shame on me.”  Reports have surfaced of yet another major data breach similar to the kind we first saw with Target and repeated regularly since then.  As usual, it is not the company that is discovering the loss of data on credit  cards and debit cards used at the store, but rather banks that monitor the sale of stolen credit and debit cards on black market websites noting the common thread of the cards having been used at Home Depot.  First indications are that the data breach may have affected every one of Home Depot’s 2,200 stores throughout the United States.  The potential loss of data may well be far greater than suffered by Target.  It also appears that the breach may have been done by the same Eastern European hackers that stole data from Target, P.F. Chang’s and others using the same “backdraft” malware that I have warned you about for a long time and about which the Department of Homeland Security warned retailers on July 31st.  This will not be the last major data breach as retailers are still not doing enough to protect the security of their data or the privacy of their customers.  In addition, the loss of credit card data could have been avoided had retailers seen the writing on the wall when the Target data breach occurred and advanced the switch over to smart credit cards with computer chips that generate a unique code each time the card is swiped thereby thwarting hackers and identity thieves who would be stealing a number that was worthless for further use.  Present regulations put no incentive on retailers to switch to these cards which are used throughout the world, but not in the United States, until October of 2015.

So what do you do?


For starters, do not use your debit card for retail purchases.  Limit its use to ATMs.  There are strong laws to protect you from fraudulent use of your credit card, but the laws protecting you from liability in the event of fraudulent use of your debit card are not strong and you potentially risk losing your entire bank account to which the card is attached.  In addition, even if you report the fraudulent use of your debit card immediately, your bank will freeze your account while it investigates the breach which can be very inconvenient if you need immediate cash or have bills automatically paid from your account.  Another thing you should always do is monitor all of your financial accounts regularly for fraudulent use.