Mechanical

Don't fuck with Ovid -- the long version

This morning, I found out that thousands of dollars of charges had been made on two of my credit cards in the past two days. Now, the identity thieves are sitting in jail. This is how it happened. It involves identity theft, a careless thief, one pissed-off Ovid and lots of luck.

I mentioned earlier that it took me less than an hour to find them, but it really depends on when you start counting. Maybe two hours is more accurate. Eh, who cares? They're caught. And where I have times listed, these are the times pulled off of my cell phone.

8:02 AM. I get a call on my cell phone from a number I don't recognize, but I didn't get to the phone in time. Calling back gives me a recorded message informing me that "the subscriber you have dialed is unavailable or has traveled outside their service area." That seemed odd because they had called me a few seconds ago.

~10:00 AM. I receive a call on my home phone. I almost didn't answer it, but it turns out it was the Discover Card Fraud Unit informing me that $2100.00 in charges had been made on my card in the past two days and had I made them?

Well, no. I typically don't go on spending sprees like that, but Discover was very helpful and honestly, I didn't even think about calling the police. I was actually just happy that Discover was treating me fairly (I gotta say, Discover's always been good to me) and I assumed that this was some online scam the police couldn't do anything about.

11:04 AM. My cell phone rings. It's that strange number again. Turns out that it's a Visa fraud unit calling me and thousands of dollars in charges had been made on my card in the past two days and had I made them?

Well, no. But this time I know I could be serious trouble. We start talking and they told me that Costco.com put through charges on my account despite the fact that the expiration date was wrong! (Note that in my earlier rant, I was confused about the expiration dates. Now I know what's going on.) They also mentioned something very interesting. It seems that just this morning, the thieves made a purchase at a Denny's Restaurant at zip code 97232.

Now I'm pissed. In fact, I'm so mad about this that the obvious doesn't sink in for a bit. I have interesting information. You don't have breakfast mail-ordered. These thieves were at that restaurant and that's a local zip code. Since my 'net connection went down this morning, I called pdx42 and asked him if he could look up that Denny's for me. He did. I know exactly where that Denny's is and it's not far from where I live. pdx42 told me to call the police right away and perhaps I should have, but I also know that speed is everything. Whoever served the food might be hopping off shift. If they're still at the restaurant, maybe they'll remember the order. It's a longshot, but it's the best I've got.

12:00 noon. I hop in the car and drive down to Denny's and ask to speak to the manager. I apologized for bothering him during the lunch rush and then explained what was going on. I pulled out my Visa. "This card was used here this morning. Someone has seen the thief. I know your registers store the day's credit card transactions. Is there any way you can look up this number and tell me who served them?"

The manager, Pat, said he'd be happy to help. As I sat and waited, I called the police. They said they'd have someone call me. Great. In Portland, the police department is so strapped that unless it's a person-to-person crime, it's pretty low priority.

Pat came back and told me he found the order. It seems that it was a phone order for carryout so he didn't have a signed receipt. However, he had something better. He gave me a description of the guy who picked up the order. He was a skinny blond kid, early twenties, t-shirt, dark-colored slacks and maybe 5 and half feet tall. Did he have any tattoos or other distinguishing marks? No. Were there logos or anything on his clothes? Don't remember. Did he say anything, have an accent? Not much and no. Pretty normal.

Great. This guy has described half of Portland's youth. Nothing. Is there anything else you can remember? "Oh, yeah. He said he was staying at the Red Lion."

I looked out the front window. There was the Red Lion Inn. Could my thief really be that stupid? I knew this was a dead-end, but again, I had nothing else. I thank Pat, walk towards the Red Lion, and then remember I forgot a crucially important question. I ran back to the restaurant.

"He was here when we first opened. 6 A.M."

Getting to the Red Lion front desk, I quickly explain what's going. They tried looking my name up to see if I was registered as a guest, but nothing came up. I described the guy but no one seemed to remember him. I asked if there was anyone there who might remember what their customers might look like that early in the morning. They called the lady who worked the morning shift and put me on the phone. I described the guy. No, she informs me. That describes tons of people who were there. She doesn't remember anyone who specifically might match that description.

I thanked her and was about to hang up when she said "sorry. We were pretty busy last night."

"No. He would have been here this morning. 6:00 AM."

"Oh! I know who you're talking about. He has a roommate and they're in room 327."

How the hell this lady remembered the guy and which room he's in, I'll never know, but I'm completely blown away at my stroke of luck. Do I have my thief?

The people behind the desk start rooting around for information and we get the smoking gun. They have a registration through hotels.com for the guys in room 327. The room is in their name. The billing is in mine.

12:19 PM. I call the police again. They want to know how I know the guilty part is in the room. I explain that I don't, but I have proof that he's registered as a guest. They tell me they'll send an officer. I go back to the front desk and am waiting, chatting with the folks there and trying to get more information. It seems they frequently use the computer in the hotel lobby, one of them had a Minnesota birth certificate faxed to him there and the hotel staff thought they were strange. They were also repeat customers, but it turns out they registered under different names, previously.

Then the conversation fell silent. I knew something was up and a young man walked past me to get to the computer. The manager on duty frantically pointed at him as he walked past and I knew this was one of them. It was all I could do to stop myself from turning around and confronting the guy. Instead, I asked if they had any literature about convention rates.

The manager whispered to me that if I want to make a quiet call, I can use their office. I followed her and walked past the guy sitting at the computer. His back was to me, so he didn't notice anything.

12:41 PM. I call the police again. I ask when the officers would get there and explain that at least one of the thieves is accounted for. At this point, the manager returns to the office and tells me the other one is in the lobby. One of the other front desk people takes my phone and gives a long description and pace nervously for quite a while. Meanwhile, the thieves leave the lobby and head back to their room.

~12:50, I poke my head out in time to see police officers going up the stairs. The head maintenance man tells me that he's stationed people near the exits to see where the guys go if they flee. As it turns out (I found out later), as the officers were heading towards their room, one of them walked out and was trying to leave at just that moment. The officers stopped this person and entered the room. There was drug paraphernalia (needles) lying around and in searching the room, they found yet another piece of damning evidence. Credit card companies will sometimes send out "checks" that you can use to make a cash advance. One of them had one of my Visa checks in his pocket. Signed.

Shortly afterwards, the police led the two thieves by me. They were in handcuffs and I had the biggest grin on my face. Dumb luck and persistence paid off.




Interesting side notes:

One of the thieves looks very familiar. It's bugging me, but I can't place him.

One of the police officers gave a maintenance guy a plastic Coke bottle filled with syringes to dispose of. Isn't that supposed to be evidence?

Update: I am told that a police report should be ready by Monday. I'll get it as soon as I can, scan it and post it.

Update2: to "droop": sorry about deleting your entry about syringes. I'm on a laptop and the irritating trackpad and I don't play well together. Just to address your concerns, though, I'd like to mention that the hotel informed me they had proper sharps disposal, so no needles were being thrown in the trash.
  • Current Mood: happy happy
Good Compnanies
I recently had an excellent experience with an online merchant Allspec.com. They not only verified the account information by ensuring the billing address was correct, they called me because the bill-to and ship-to addresses were different, after verifying the number used with the bank :) Warm fuzzy feelings abound for this merchant.
Re: Good Compnanies
I've actually encountered a few online companies now that insist on new orders being mailed to the billing address. Quite a good way to put off the fraudsters, I think.
Re: Good Compnanies
It does help a great deal, as few thieves do go to the trouble or danger of stealing from the home address. It has happened though, and it would be remiss not to mention it.

All that being said, any company that takes reasonable precautions does everyone a favor: the billed party, the card company, and themselves. Perhaps we should have an online repository of good practice merchants :)

There probably is one, but I do not know of it.

---
"The trouble with the world is that the stupid are cocksure and the intelligent are full of doubt."
-Bertrand Russel
Re: Good Compnanies
Prior to last year, I ran a webhosting company that offered an online purchase and signup. For the record, I found a few things that may help anyone reading this, and running an ecommerce shop (at least, relating to webhosting/domain registration):

1. Fraudsters nearly always go for the most expensive thing available. Out of all the various domains and hosting packages I had available, the fraudsters nearly always went for the 300 a year domain name with the 150 a year hosting package. I put in a simple check for anything over 100 to be manually vetted, and nearly wiped out the fraud.

2. MaxMind offer a fast lookup that converts IP addresses to ISO country codes. If a person from Thailand tried to use a US credit card, they got flagged for manual vetting (which happened fairly often). This pretty much wiped out the rest of the fraud that I was seeing, except for one or two occasions where someone in the US, used a stolen US credit card to register a few plain .com's with no web hosting.

3. Lastly, I used a company called Worldpay for the actual credit card transaction. They offered a service whereby suspect payments went to a seperate system that did not immediately take money from the person's card. That with the above 2 things meant that when the checks decided the person was deeply suspect, meant that we didn't get smacked with refund charges and whatnot.

One thing has occured to me about this though, and that is that most credit card fraud is gotten away with because the owner of the card doesn't find out usually until his monthly bill comes in. In this case, the perps made a couple of large purchases and triggered the alarms at Visa.

How hard would it be, for the credit card companies to send out an email or better yet an SMS, every time a purchase was made on the card? It wouldn't cost much to do, and the owner would get an immediate notification as soon as the scammer attempted to use the stolen details (which they do sometimes... test the card by buying something costing a few bucks to see if the number is valid or not).