Capitol Hill credit card fraud wave update: Saturday’s reports, similar crimes in other cities

Capitol Hill residents and business owners continued to file reports of fraudulent credit card transactions with the police department on Saturday as the financial — and irritation — toll from the crime wave continues to mount.

18 more fraud reports were filed by people in the Capitol Hill area on Saturday. With Friday’s reports, that brings the total number of incidents reported to Seattle Police since we first reported a wave of fraudulent activity around the Hill to 41, according to data collected by CHS. The total number of accounts impacted is higher as we’re hearing from some victims who had not reported the fraud to police. If you have found that your account was compromised, contact your financial institution and then report the fraud to SPD at (206) 625-5011 (non emergency line). Note: The non-emergency line appears to be staffed on limited schedule so you may not be able to make a nighttime report. We’re checking on the schedule.

As we’ve been seeing, anecdotes from people who found new fraud over the weekend include shopping at various Hill locations — many on or near Broadway — involve a wide variety of financial institutions and include reports of small test transactions followed by large purchases at stores from around the country and, frequently, the globe.

Here is the map of locations where people filed reports on Saturday. Each green dot represents a report of financial fraud made to Seattle Police.

Again, we’ve included this second citywide view to show how concentrated this fraud wave is. On Saturday, 18 of 20 reports in the city were on or near Capitol Hill.

We are still looking for the first statement on this wave from local officials. So far, SPD has been reluctant to say anything but acknowledge that there does appear to be a highly unusual cluster of fraudulent activity in the area. SPD has not yet said that any of these incidents are skimming. We’re told detectives are busy investigating the situation and have not been available to provide briefings on the situation. Meanwhile, we are also in contact with the Secret Service’s Electronic Crimes Task Force but their Seattle office has not yet confirmed their involvement in the investigation.

CHS commenters have shared details of their experience with the fraud. The major theme from the conversation to date has been scale: This is an amazingly large wave of fraud. We have asked readers to not post local business names due to the harm the speculation can do and the unlikelihood that compiling these lists will show anything more than where CHS readers shop most often. If you disagree with this, we’re open to feedback. For now, we ask that your feedback not include a business list.

We’ve also been looking through news reports from across the country for similar situations. A report by the National Association of Convenience Stores describes the mechanics of fraud waves of similar attributes, size and scale to what we are experiencing:

Skimming is a catch-all term for a range of ploys designed to defraud credit and debit card users. Numerous techniques abound, but the method ref erenced by Wallace is particularly wor risome for convenience store owners in Nevada, Florida, California and Texas, where a high volume of interstate traf fic circulates through a concentrated group of stores.

Thieves compromise fuel dispensers by opening the unit and inserting a memory device between the customer interface and the payment system. The device looks like an open circuit board, two inches square, with ports that con nect to the card reader and PIN pad.

Once the card information has been intercepted, it’s transmitted wirelessly to a personal computer and then either transferred onto a blank credit card or stored in bulk. That fully functioning credit or debit card can then be used for making purchases or withdrawing money from a linked account, as seen in the Las Vegas case.

Once the skimming device is in serted into the pump, it can be weeks or months before it is detected. During that time, every transaction is recorded and stored for criminal use. Dispensers can easily service more than 100 customers each day, so even after a week’s time this adds up to a huge amount of stolen data.

For another example of how this played out recently, here’s a story from August in Gainesville, Florida:

NACS payment consultant Gray Taylor said that several years ago, a waiter or waitress could skim maybe 10 credit cards on a shift, and the information for those cards could be sold online for $50 a card.

“Today the prices are much lower, so (criminals) have been looking for bigger and bigger troves of credit cards and they are looking at places where they can pick up hundreds or thousands — places like gas pumps, parking garage terminals,” Taylor said.

Now, instead of having someone on-site swiping cards with a skimmer, hundreds and sometimes thousands of cards can be swiped with about $100 worth of electronics, Leonard said.

Maynard said the schemes are not the work of a local criminal.

“This is the work of international criminal organizations,” Maynard said. “There have been some ties to China and other countries.”

While gas station pumps have been the target in these scenarios, we have also read reports of similar schemes targeting other point of sale systems. Additionally, we have found examples with situations resulting in more than 100 victims perpetuated by one person with a skimming technology at their disposal.

There is also the possibility of new, more sophisticated attack involving a breach of a data system and collection of payment information. We haven’t found any examples of this kind that struck a local area in a way as focused as this wave — but, given the rate at which these criminals evolve and adapt, nothing seems outside the realm of possibility when it comes to how this information has been collected. The mechanics of the rest of the equation described above — the distribution of the information and execution of the fraud at other locations — definitely fits what we’re seeing on the Hill.

Subscribe and support CHS Contributors -- $1/$5/$10 per month

25 thoughts on “Capitol Hill credit card fraud wave update: Saturday’s reports, similar crimes in other cities

  1. It’s a tough call j.

    As much as I would like to know what businesses are involved, I don’t want to see neighborhood businesses unnecessarily harmed until the situation is more fleshed out by authorities. I am thinking it may not matter where you shop/eat/drink — every business and every consumer is vulnerable. Unfortunately, they are targeting us for our density and our attractive consumer habits.

    I am checking my financial accounts daily as are my friends.

  2. Well said. Although for me personally, I believe the businesses are as much victims as those of us who have had our cards compromised and I wouldn’t not shop there because of it. I’d just pay in cash or write a check.

    However, I’m not sure there’s anything much to be gained by posting business names at this point. We’ve already heard enough chatter to have a few viable suspects and I doubt any further comments will really help narrow/break things down. For one thing, I think people are mainly focusing on transactions they’ve done in the past few weeks/months, but it’s entirely possible the information has been stolen over the course of a year or more.

    Checking your accounts vigilantly is the best strategy.

  3. FB is buzzing on this topic as well. I think the number of people who have had card problems is much larger than any “reported” number…. much larger. If you have reported theft to the SPD in the past, yu know how little they care…. and the banks are now getting very good working with clients to do new accounts and get the money back which was stolen at once.

    As to naming names …. all are victims including the businesses. Why not just be honest and open? The many comments here are like a series of non edited interviews, 30 or 40, great reading. I have little interest except for the personal narratives of local people.

    This type of fraud is not new, tons of material out there. The interest is, wow, it has hit our enclave. Community blog, let the community speak in their own words.

    I have not sensed any malice to merchants at all, just frank and direct communication. We all know no business on the Hill is a partner in this fraud, just part of the story, and, another victim.

    Mike – accounts OK, have checked on line every morning for years….no fraud, but several mistakes by the bank.

  4. This blog is the epitome of what is wrong with “journalism” today. You are fear-mongering based on hear say and not on facts. How about you just report actual facts instead of hunches. Let the police finish their investigation and then write an article based on facts please. This article just makes you another source of incredible information, much like the Stranger and the Seattle Gay News. Just a useless rag.

  5. I have found a small transaction for a “STD Solutions” that I believe is a test charge. Makes my blood boil to think some low-life-scumbag-thief has my information.

  6. I’m not saying this isn’t real…
    But I’m just going to leave this here:

    Whether there’s some group think going on or not here the problem of CC fraud is real.

    I haven’t had the pleasure of having my cards compromised in this round but a couple years ago I visited Portland for a week and the next month someone was buying McAfee anti-vir with an address in Mexico.

    Now I have a debit card unlinked to my regular accounts and I dump what I need on it for daily use.

    So yeah. No. Your comment is not helpful or cogent. At all.

  7. Puzzled. The comments posted here at site by real people, who have been defrauded, aren’t those the same reports the police will use?

    First person isn’t a good source? I think the posts have been amazing, first person, intimate, the real stuff. What the police will say at some point is the conjecture. Since this is national and international fraud, SPD may have little role or little expert evaluation. Oops, speculation. I suspect the Secret Service, which does this work, will make a bigger splash, meaning a bigger role in investigation. Damn, hunch again.

    ‘Course posting comments on a blog is NOT the editorial content prepared by the blog editor in charge, thus can only be the opinion of the poster. It seems one reads the blog comments for what they are worth …. Non?

    Disclaimer: I read all the alternative press in Seattle, print and on line. There is a wealth of good information, opinion and filler. The PI and Times are the week points, now, in Seattle…. IMHO

  8. We just got off the phone with Chase fraud prevention. Several charges for several hundred dollars went through before charges started getting denied. Like a lot of the others, the first suspicious charge was from “STD Solutions DE” for a small amount and then a credit for the same amount. After that, hundreds of dollars spent in Delaware, New Hampshire and New York clothing stores. Several more were attempted, but the account was too depleted, and so the charges were denied. Chase finally clued in after something like eight attempts (four of which were successful).

    A quick scan of the comments in the earlier story on CHS
    shows many similar stories to mine. Check your account statements on line. I just looked at mine two days ago and saw nothing unusual, now this morning my account is almost empty and though I know I’ll be reimbursed eventually, it’s not going to happen soon enough!

  9. I don’t know how this is done, but criminals have also been installing skimming devises on AMTs outside of bank branches in Western Washington. My understanding is that with these type of skimming criminals, banks are aware that it has happened. So, my thinking is these skimmers are removed pretty quickly.

  10. O.K., first of all, it’s a blog dude. Lighten the frack up.

    Secondly, what the hell are you talking about? There have been 41 reports to the SPD about fraud in recent days. That is a FACT. In an earlier CHS story they passed on a KOMO news report that “BECU acknowledged ‘about 100 cases’ of fraud reported by customers ‘in the Broadway area'” all within the last few days.

    The recent reports are a huge spike in credit/debit fraud for our area and that doesn’t even include all the reports coming in from Chase, BoFA, and others. If you read the comments in the first story written two days ago, you can see at least 20-30 more people also reporting they’ve been hit, and lucky me. I am one of those people. I am not hearsay. I am an actual person who had money stolen from me, I Googled “STD Solutions” (the first suspicious charge on my account) and found the earlier CHS story and then this one. I found them both very helpful.

    This a community news and sharing board, not the fricken New York Times. I think of it like a bulletin board at a coop, except online. I come here to find out about news and events in my neighborhood, and I think CHS does a great job of presenting them. I’ll continue to read CHS to find out about what’s going on in my hood.

    If you don’t like CHS, either figure out a way to make it better, or don’t read it. Problem solved.

  11. We got a call from Chase fraud this morning. Unlike BECU, Chase was pretty damn slow on the draw. If we’d have had more money in the account the charges would have topped $2000. As it was, they depleted our account and kept trying to charge, eventually triggering the fraud indicator.

    After checking our account online (something I did just two days ago with no indication of a problem) I saw a charge from “STD Solutions” for $5.60 and a credit back for the same amount. After that there were hundreds of dollars spent at clothing stores in NY, New Hampshire, and Delaware.

    Sure, Chase will credit us eventually. In the meantime we’ve got to use our credit card for everything, because our cash account is gone. Thank gawd we /have/ a credit card. Hopefully that won’t get hacked too!

    We really need to switch to BECU.

  12. Really? Cause I’d imagine if there’s reports of people getting hit with CC fraud, more people are going to check, and more people would find it.

    Didn’t say it wasn’t happening. But reports of it happening in a certain area could definitely trigger MORE reports of it happening in a certain area. That’s definitely pertinent.

  13. I’ve been traveling for the last two weeks. My credit card company called me to let me know of the fraudulent charges, and canceled the card. (Yes, with that same SFD Solutions charge.) I didn’t realize it was a neighborhood thing until just now. Will call the SPD in the morning.

  14. – most the fraudulent charge incidents being reported here happened recently. This doesn’t appear to be a case where people are suddenly becoming aware of some background level of fraudulent transactions that have been going on unnoticed for some time.

    – many of the victims here first became aware of the fraud when contacted by their bank’s fraud department.

    Both these would suggest that this the fraud wave is a specific incident separate from the usual amount of background fraud that occurs all the time, and isn’t simply a result of increased awareness.

    One thing that is interesting is that this is so capitol-hill focused: one could wonder if that’s just because the audience for this blog is also CHS-focused; for all we know, people could be getting equally dinged in Redmond but not reporting it here since they don’t read CHS. So far, though, not seeing mention of this on other neighborhood blog sites (West Seattle Blog, MyBallard).

  15. …this happend to myself and a friend this week too. i wouldn’t have known to report it or have been aware that it could be linked to a larger problem if i hadn’t seen this article.

  16. Since it’s Halloween, figure I’ll add this scary story. Last December 23rd (or thereabouts) receive a call from Citi, they left a message advising me to contact them immediately. When I got home, I did. Turns out, someone in California used my card to charge about $700.00 in merchandise. Citi didn’t ask me if I’d made the charge – they knew it was fraudulent. How? The crook had hacked into Citi’s system and changed the address on the account. The charge was made either by phone or online with the merchandise being shipped to the cardholders (fraudulent) address. Found it interesting that the charge was made at the height of the holiday season, when the systems are probably maxed out. FWIW, close your account IMMEDIATELY if you suspect fraud. Ask the CC company to provide you with another card with a different account number. Since your call may be routed to customer service overseas, it’s important that you communicate your intentions very clearly. Contesting any charges should be done in writing to protect your legal rights.

  17. I noticed a charge for $500 in Baltimore 4 days ago. Since my roommate and I don’t live on the Capitol Hill I am worried that the problem might not just be contained there, and may be in the larger Seattle area somehow.

  18. as one who is involved with tracking fraud online.. local merchants absolutely should be part of any first person narrative, in my opinion. It helps determine whether the problem is local or national, whether single operation or international multi person. To the would be censor do gooder crowd, you do more harm than good trying to hush things up. If all we wanted was police reports and “official word” we could wait six months and more people could become victims during that time.

  19. The map seems to indicate that this is happening in small businesses and maybe gas stations. Is that others’ take? I don’t think I need to know exactly where, but the general idea would be handy — like should I avoid using my credit card at grocery stores, coffee houses, gas stations? Or is there a pattern after all. I had my wallet stolen a year ago and I’m still fighting the credit card fraud, so I’m shy about this.

  20. The map marks the approximate location where people made the report to SPD from, not where the fraud occurred or where the information was stolen.

  21. The card I had fraud problems with recently is one that I almost never use and only had 2 charges for the entire month of October.

    Unless it was swiped in September, in which case the number of possible places it could have happened jumps to 5. Only one of these places is in Capitol Hill.