@Remedios the detective that investigated all of our back to back fraud issues last summer said they tell ppl to not use Paypal (for debit card fraud) and don't store our cc's on Walmart, Amazon and somewhere else (for cc fraud).  Reason being is he sees this all the time and those are the main ones.  I didn't read through all of your posts (yet, I will) but before I forgot just wanted to let you know about that.  Btw, once I deleted all cc's stored on those sites we haven't had a problem since.  There were many instances in our household in a short spell.  So maybe it worked; I couldn't begin to prove it was by removing those numbers because we were issued new cards but haven't had anymore fraud.  Good Luck with all that, it's so annoying.

---

@Remedios wrote:

Okay, so last security check on the phone was run at 2:45 am, and it appears scans are done daily.

 

I haven't used laptop in forever plus two weeks, because I'd be using my son's "old" Alienware, and that thing gets hot, in addition to looking extra tacky. 

 

🤷‍♀️

 

 

---

Wouldn't hurt to buff and polish that PC with an antivirus scan, antiscumware scan, OS patching, browser patching.   You know, stuff that teenagers often don't want to be bohered doing...

If it were me and I cared I would dump the transaction records from each of the compromised cards and look for overlap.

I haven't ever had a problem with cards stored on Amazon or PayPal to my knowledge, usually it was something more prosaic like where I ordered soccer referee kit from that was laughably lax with their database and stored credit cards directly in them.  Whoops.  I find that police anecdotal statement a little suspicious since big giant companies have to comply with big giant regulations, some of which smaller cats simply don't given the lack of legal penalties to PCI for example, or the fact that PCI audits for smaller businesses are nothing like the one I sat in for a Fortune 500 bank.

Modern WiFI is reasonably secure.  Most online transactions are done over HTTPS.  If you see a warning on a certificate be extra careful.  It's basic security but when it comes to fraud it is likely either physical swipes or some company's database got leaked.

There are also RNG submissions too that sometimes get unlucky but this many cards in short order for a single individual probably wasn't this and just have to find the pattern.

        

I would definitely subscribe to the "there is likely a common link" theory.  If they were all used at one merchant, that is a very likely suspect.  As for replacing your cards that have no been compromised, there's not really anything wrong with doing that.  I personally wouldn't ask for replacements unless a card was compromised, but the short time spent doing so could outweigh the longer time spent dealing with fraudulent charges.

---

@Remedios wrote:

I've gone for years without a single instance of CC fraud.

Then, in April, Chase sent me a text asking if it was me buying $100.00 worth of flowers from ProFlowers.

Nope, not me, I hate flowers. They send a new card. 

Not even a week later,  someone in Tokyo orders a pizza. Amex let's it go through, despite the fact I used physical card mere two hours before. Okay, fine. 

I still wasnt terribly alarmed, stuff happens, right..

 

A week after that, I'm watching five notifications come through, five Lyft holds on Cash+. Color me extra paranoid now. 

I had US bank replace both Cash+ and AR. 

After that, I locked CSR, because I was using it, hold times were horrible, and I couldn't request a card with new number via app. 

Then two days ago, I get email telling me a transaction was blocked, something like $6.00 for some construction company 🤦‍♀️

 

The only thing that I can think of is all those cards being used on the same website, then card info sold.

Because I cannot isolate which one with certainty, does it make any sense to preemptively ask for replacements on all cards used for online shopping. 

 

Pay no attention to label below, it's making me use one, and none are applicable 

---

The only cards that need to be replaced are those that have fraud on them. Even then it depends on the type of fraud and the merchant. I have had cases that fraud occurred and it was the merchants fault and just blocking the merchant was enough. In other cases it was the issuer being too sensitive and I had to approve one of my own charges. My favorite was when new card was getting a charge attempt before even activation. Basically just using a card is signing up for someone else to try to do fraud on it. This is why credit cards matter so much as they offer a buffer by the bank. I recommend considering it as a cost of doing business.

TU:816 12/19/24 Bank of America--EX: 809 01/03/25 Experian--EQ:836 01/06/25 myFICO--Gardening since N/A
Active:
Bank of America (Customized Cash Rewards VSC, Unlimited Cash Rewards WMC{PT}), Capital One (Discover It DC, Savor WEMC), Chase (Amazon Prime VSC, Freedom Flex WEMC [x2]), Citi (Custom Cash WEMC, Dividend MC), Citizens GreenSense WMC, Curve WEMC{S}, FNBO Ducks Unlimited VSC, GBank VSC, Imprint Rakuten AC, PenFed Pathfinder Rewards VSC, Santander Ultimate Cash Back WMC, Synchrony (OnePay Walmart CashRewards MC, PayPal Cashback WMC), UMB Simply Rewards VSC[Milford Federal], US Bank (Cash+ VSC [x2], Kroger Rewards WEMC, Pick n Save/Metro Market Rewards WEMC, Shield VC)
Wishlist: AAA Daily Advantage, AOD Signature, Aven, Bellco Colorado Rewards, Nusenda Platinum Cash Rewards, PCMCU Platinum Rewards, Redstone FCU Signature

Look at it this way, at least you have a good excuse for replacing your cards.

I literally haven't seen my CSR for two months now, finally requested a new one. 

        

This sounds to me like malware, and not website specific. Your computer probably has malware that intercepts your card info as you type it (like a keylogger). I would have your computer checked, and possibly fixed.

(If this is the case, even getting a new card will not solve your problem if you try using it again.)