Scam of the day – November 24, 2015 – Woman pleads guilty to data breach at Michaels

Some of you may remember the 2011 data breach at Michaels, a national chain of craft stores, in which 94,000 debit and credit card numbers were stolen along with the PINs for the debit cards.  Recently, Crystal Banuelos, the apparent mastermind of the scam, pleaded guilty to charges of conspiracy to commit bank fraud and aggravated identity theft.  Sentencing is scheduled for February 23, 2016 in the Federal District Court for New Jersey.  Unlike the notorious data breaches at Target and Home Depot, in this case Banuelos and her co-conspirators physically went into 80 Michaels stores around the country posing as service technicians and swapped out legitimate card processing equipment for machines they controlled.  Those machines captured the credit card and debit card information, along with the PINs used with the debit cards, and transmitted that information electronically to Banuelos, who then used it to create counterfeit debit cards.  She and her co-conspirators used those cards with the stolen PINs to steal $420,000 from their victims’ accounts through ATMs.


While PINs are encrypted in a fashion that makes it all but impossible for hackers of legitimate card processing equipment to capture them, the use of their own equipment enabled Banuelos and her cohorts to harvest PINs as well as credit and debit card information.  However, the new EMV chip card processing devices will not be as easily manipulated to steal this information in the future.  Again, the lesson for consumers is that you are only as safe as the place with the weakest security among those with which you do business, so it is important to regularly check your bank account and credit card accounts for evidence of any fraudulent use and report that use as soon as possible.  It is also important to refrain from using your debit card for retail purchases because if your information is compromised, your rights under consumer protection laws are not as strong as if your credit card information is compromised.

Scam of the day – April 22, 2014 – Postmortem on the data breach of Michaels

Arts and crafts store Michaels recently issued a new report telling us all what we already knew, which was that between May 8, 2013 and February 27, 2014, Michaels and a subsidiary named Aaron Brothers were hacked by cybercriminals who stole credit and debit card information of 3 million of their customers.  At the end of 2013 and the beginning of 2014 we became aware of similar data breaches at Target and Neiman Marcus as well.  Although these are the large data breaches that made the news, the FBI has indicated that more than twenty retailers were hacked and there may be more that we have not even discovered yet.  In fact, many hackers now are focusing their attention on smaller retailers whose security may not be as good as that of larger retailers.  In the data breaches of Michaels, Target and Neiman Marcus, the malware used is called the POSRAM Trojan, a memory scraper that steals the information from the magnetic stripes of credit cards and debit cards when they are swiped through the terminal, before that information is encrypted for transfer.  In the Target breach and many others, investigators are finding that the malware is put into the victim’s computer systems by initially hacking into the computers of third-party vendors that have access to the computer systems of the larger stores.  In the case of Target, it was their heating and air conditioning company that was the victim of the initial hacking that enabled the hackers to, in turn, get access to Target.

So what can you do?  How do you defend yourself?


The first thing to remember is to limit your use of debit cards to ATM machines.  Debit cards do not provide the same consumer protection from liability that credit cards do and even when they do, it is more time consuming and inconvenient to straighten out your debit card account when you are the victim of a hacking.  When retailers finally get around to implementing the EMV chip technology used everywhere else around the world, the type of hacking we saw used against Target, Michaels and Neiman Marcus will no longer be effective, but until then, you have to recognize that regardless of how careful you are when you use your credit card, you are in danger of identity theft.  Make sure that you check your credit card balance often to recognize early on if you have become a victim.  Meanwhile, retailers have got to start doing a better job of isolating the parts of their computer systems that deal with processing credit and debit cards.  Presently they are just too easy to hack.  Finally, retailers have got to get better at educating their employees about clicking on links and downloading attachments in emails that promise games, videos, music and pornography that entice employees to download the malware used to effectuate these hacks.

Scam of the day – March 7, 2014 – Another major retailer hacked – what it means to you

Sally Beauty Holdings, a multi-billion dollar beauty products retailer with 3,300 stores around the world, including 2,600 in the United States, has announced that it has suffered a security breach which appears to have compromised the credit cards and debit cards of hundreds of thousands of its customers.  Unlike the recent data breaches at Target, Neiman Marcus and Michaels, it appears that Sally Beauty’s own cyber defense technology may have detected the intrusion at the same time that a number of banks identified Sally Beauty Supply as being a victim of a data breach.  In the Target, Neiman Marcus and Michaels data breaches it was banks that monitored credit cards that first noticed the pattern of stolen cards being tied to the particular retailers.  Recently, large numbers of stolen credit cards and debit cards tied to use at Sally Beauty were being offered for sale on black market criminal websites.  Investigators are now theorizing that the same criminals are behind all of these recent retail breaches, and we all should expect more retail breaches in the days and weeks ahead.


If you have shopped at Sally Beauty Supply in the last few months and used a credit or debit card, you should monitor the use of your card carefully for evidence that your card was among those stolen.  You may wish to change your credit card and debit card in order to be ahead of the game.  This is also a good time to remind you that you should not use your debit card for retail purchases.  Limit its use to ATM withdrawals because you do not get the same consumer protections if your debit card is breached that you would have if your credit card is stolen.  The inconvenience to you even if you do not actually lose money as a result of a debit card data breach is far worse than you would suffer with a stolen credit card.  You also may wish to protect yourself further by putting a credit freeze on your credit report so that even if an identity thief manages to get access to your personal information sufficient to gain access to your credit report, they will not be able to use the credit report because it will be PIN protected and frozen.  You can find instructions as to how to put a credit freeze on your credit report on the right hand side of this page of Scamicide.

Scam of the day – February 5, 2014 – Marriott, Hilton and Starwood hotels hacked

White Lodging Services Corporation, a company that manages 168 hotel franchises including Marriott, Hilton and Starwood hotels in 21 states, has become the latest company to disclose that its data, including credit and debit card numbers of its customers, has been hacked and that the data is in the possession of identity thieves.  Similar to the recent hacking and data breach that occurred at the retail crafts chain Michaels, the breach was discovered, not by the company itself, but by major banks that noticed the fraudulent use of credit cards and debit cards and were able to trace the source to a hacking of White Lodging.  Initially it appears that the hacking may have happened between March of 2013 and the end of December 2013.  Once again, this illustrates that the security measures being used by many companies to protect our sensitive data are not up to the task.  It also again reminds us that regardless of how careful you are in protecting the privacy of your personal financial data, such as credit card numbers, you are only as safe as the store or agency with the weakest security measures that holds your information.


Because of the stronger consumer protection laws in regard to fraudulent credit card use compared to the laws regarding fraudulent debit card use, you would be well advised to limit the use of your debit card to ATMs and not use it for retail purchases.  Also, it is important to check your payment statements for your credit card thoroughly and regularly each month or even more often online.  If you find irregularities, regardless of how small they may be, you should report the irregularities to your credit card company and consider closing the card and getting a replacement card with a new number if your card’s security has indeed been breached.

Scam of the day – January 28, 2014 – The untold story of the hacking of Michaels

This past weekend, Chuck Rubin, the CEO of Michaels, the country’s biggest arts and crafts store chain, issued the following statement: “We are concerned there may have been a data security attack on Michaels that may have affected our customers’ payment card information and we are taking aggressive action to determine the nature and scope of the issue.”  Thus Michaels becomes the third large national retail store chain to become involved with a major hacking of its credit and debit card data, following Target and Neiman Marcus.  What Michaels’ short statement did not indicate is that the company is still not even sure that it has been hacked, although every indication is that it has been.  As in the case of the hackings of both Target and Neiman Marcus, it was not the company that discovered that its security had been breached, but rather the banking industry, which discovered a pattern of fraudulent purchases using credit and debit cards recently used at Michaels.  So although the evidence is pretty strong that Michaels has been hacked, security experts and Michaels have still not been able to identify how the hacking occurred, which is indeed troubling because it means that newer and even more advanced malware was likely used to perpetrate the hacking.  As I told you just a couple of days ago, you can expect to hear this story again and again in the new year.


Once again, I want to advise you that you should limit your debit card’s use to ATM machines.  Do not use it for retail purchases because the consumer protections provided to you by law just are not as great as they are for fraudulent use of your credit card.  Also, as I advised you previously, you may wish to consider putting a credit freeze on your credit report at each of the three major credit reporting agencies to protect you from an identity thief getting access to your credit report in order to use your credit to make large purchases in your name.  You can find detailed instructions as to how to put a credit freeze on your credit report by clicking on the link designated as “credit freezes” on the right hand side of this page.  Finally, for your own protection of your computer, smart phone and other electronic devices, you should make sure that you have installed anti-virus software and anti-malware software.  You should also make sure that you keep this software current with the latest updates as soon as they are available.  However, as the situation with Michaels illustrates, new strains of malware are always at least thirty days ahead of the anti-malware software meant to protect you from them, so you should always be wary of phishing and other techniques used to lure you into unwittingly downloading malware.  You can learn in detail how to protect yourself from phishing and other threats by reading my book “50 Ways to Protect Your Identity in a Digital Age” which can be ordered by clicking on the icon of the book on the right hand side of this page.