While the 12AngryMen wax philosophic on the issues of our time, I thought it would be perhaps useful to forward a bit of knowledge to our dear readers. Let me preface this missive by stating that in a previous life, I developed banking and on-line software for a credit card marketing company. While the company I worked for was not above certain ethically challenged marketing efforts, I assure you that it never decended to the levels described herein. I know — my group wrote all of the applications. One has to, however, admit to a bit of grudging admiration for the deviousness inherent in this bit of subterfuge.
Usually I make purchases on-line using my card and a bit of software called Shopsafe which produces one-time cards with a specified expiration date and a specified credit limit. This is a practice I heartily recommend by the way. Unfortunately other members of my family are not so circumspect. The following is an analysis of what happened and how it happened.
Upon receiving a monthly statement, my wife reviewed the card statement and noticed a charge for $9.00 from a company called WLI.ReservationRewards.com. I immediately recognized the charge as an after-marketing or cross-sell result from some purchase made by my wife. A quick search revealed what I expected. The on-line site my wife visited was eBags.com (which happens to be listed on the previous link.) Intriqued, did a little CSI work and uncovered the logic and process involved. The following is a bit technical, but if nothing else, skip it to the recommendations at the end.
WLI contacts on-line companies with affinity and cross-sell agreements. Basically, no one in their right mind would sign up for this crap (My previous company sold similar enhancements. They had a 98% profit margin.) So in order to get sales, WLI has to make agreements with companies who sell stuff you actually want. They will cut a deal with the company—after you complete your transaction, link to our site for a cross-sell opportunity and we will split any sales with you 50-50. To the legimate company, this is a hell of a deal. Free money even. All you have to do is add some code pages to your web site and in return you get 50% of the till. A lot of profit for no effort.
What actually happens is that instead of linking to the site as a separate session, they link internally as another page in the same session. Why is this important? When you do a credit card transaction, any reputable company will attempt to protect your credit card data. They do this by establishing an SSL session to encrypt sensitive data on-line. Because of the stateless transactions on the HTTP protocol, it is sometimes necessary to store the card data in the event that a transaction does not run to completion. Card data are usually stored in cookies encrypted under the SSL symmetric key. Note that this is actually safe as this data is not usually stored on disk, and even if it is, it is encrypted with a 128 bit symmetric key. When the session ends, the data are automatically purged, and the data on disk is not accessible as the key is toast also. Visa and Mastercard rules state that card data should not be stored, and the CVV, the verification codes are NEVER to be stored. A lot of companies interpret this as stored on disk. So when you end your transaction, and leave your session, your card data is purged. Right? Not so fast!
Remember that the code the cross-sell company added doesn’t link in the normal sense but just continues with the session in an attempt to sell you some useless crap. By continuing the session, the application running (the cross-sell application, not the original on-line store) has access to the card data in the cookie. Most legitimate companies don’t think this through — the money is too good.
Now here is where the sneakiness gets involved. This has to be legal. That is to say, somewhere you have to say that you want to buy the product that they are selling. Further, they have to send you an acknowlegment. This can be immediate (print this page) or usually as a follow-on email. So what happens?
You get to the cross-sell page and see some gobbly-gook and decide this is bullshit and navigate away from the page. You are done with it and gone. Nope! Somewhere on the page there is a box which is checked that says “Send me this crap for $9.00 a month”. This is called opt-out and is a source of great consternation between marketing people and the FTA. [As an aside, organ donors in Europe have to opt-out to NOT become an organ donor, i.e., uncheck the box. In the United States, drivers have to opt-in to become an organ donor. The relative rates of donors in Europe is over 80% verses 20% in the United States. This is the power of opt-out and why marketeers fight for it so hard.] Clever web designers that they are, attempt to hide the opt-in box which of course is prechecked (making it, in effect, an opt-out). This could be buried in a mass of text, but typically is in a place that requires the user to scroll down to see it. A cursory glance at the page shows nothing so the user just navigates away from the page.
At this point the old javascript on-exit() script kicks in. Before the browser exists, it pulls the name, card information and everything that is required to create a new transaction from the cookie left behind by the legitimate store and posts a new form to WLI. Since this is a monthly charge, it sends all of the card data so that transactions can be recurring. This has two effects: 1) you are charged for something you don’t want, and 2) your card data is now on a server somewhere else protected by likely not very much security.
Actually, I am a step ahead of myself. Typically these deals come with a free 60 or 90 day trial period, after which the charges start to appear. To be legal they have to send an acknowlegment. Since you obviously can’t print the screen since you navigated away, they send you an email. (also grabbed from the cookie.) Unfortunately, this is a simple message couched in language such that there is no immediate charge
to catch your attention and usually with a subject line that guarantees that the email will be spam-canned immediately.
After 90 days, the more enterprising send you another email, also likely spam-canned, that let you know that the charges are about to begin and then they hit you up for the $9.00 per month. The other thing is that the fees are kept low so that they are likely to slip in under the radar in a long list of charges. Err what is that – a latte I charged at Starbucks? The billing statements are also listed as obscurely as possible.
A heck of a deal. Don’t bother calling the legitimate on-line store customer service. They are usually completely unaware that this is happening, and the marketing people are not about to draw it to anyone’s attention if they find out because their revenue stream has just jumped up.
As a service to readers I give the following advise:
- Use Shopsafe or some similar software to generate one-time cards. Set the expiration date at minimum (usually 2 months from current date) and the limit at $5.00 over the current purchase (plus shipping and handling, etc.) Scams like this can’t work if the card is invalid (expired) at the end of the free-trial period, or if the absolute credit limit will be exceeded.
- After you complete the transaction (the page will say this) and BEFORE YOU DO ANYTHING ELSE, close the browser. Kill it — and the session data. Then open a new browser to continue whatever you want to do. Never navigate away from a completed transaction page.
- Read your credit card statements.
[Author’s Note: If there is sufficient interest and comments, I will be willing to expose more credit card ethically challenged activities. There are several interesting ones.]
November 1, 2007 at 5:54 pm
My latest beef with credit card companies pertains to the conspiracy between Macy’s and Citibank to “flip” inactive Hecht’s credit card accounts into Citibank Mastercard accounts. Apparently, it’s all technically legal, but it’s decidedly shady as it is likely to bring down a lot of credit scores. Let’s talk about how this works:
1. Macy’s starts with the inactive accounts that it took over from Hecht’s, which incidentally are the ones for which the address information is most likely to be out of date.
2. Citibank sends an opt-out mailing to all of these addresses, informing them that they’ll get a new Mastercard if they don’t contact Citibank and decline it.
3. Because it’s a mailing from a credit card company and it’s likely addressed to someone who doesn’t even live there any more, the mailing gets discarded.
4. The credit card is issued, getting mailed to this still-never-confirmed address.
5. God knows what the person at that address do with the card once he or she gets it in the mail.
6. If the person who got the card is sufficiently unscrupulous, then you (the person to whom the credit card was supposed to be issued) only find out about this a year later when a collection agency comes for you to collect debts racked up by some guy at your old address.
At best, this is a recipe for credit card fraud and identity theft, with a ding to your credit score as just icing on the cake. If Citibank can make more money on unwanted credit cards that are legitimately used than it will lose on credit card fraud that it ultimately has to pay for (after years of inconvenience and permanent financial harm to the person who never knew this card was coming), then the credit card industry has become too lucrative for its own good.
I’m lucky, because my out-of-date address happens to be my parents’ house (and my family is not the sort of one where people defraud one another). If I’d stopped using this card at one of my after-parents-but-before-now residences, I would be completely dependent on the kindness of the people at those residences to NOT steal my card and buy things with it.
Disgusting, if you ask me.
November 1, 2007 at 8:53 pm
Let’s not forget how such snail mail notices are sent and the characteristics of the postal system in this country. First, mail forwarding is only good for a year, and even that is limited to bills, magazines, and birthday cards for the most part. Second, these things are mailed using the cheapest postage possible: presorted standard. In other words, thee get sent to an address and can’t be sent on via the postal system (no return to senders, etc.)
Thankfully, my credit card company does not do this. I should know, as I work for their parent corporation and with some of their employees on tasks.
November 2, 2007 at 6:46 am
I had a similar situation happen to me after shopping on http://www.vistaprint.com. It was then I discovered that VistaPrints isn’t even lcoated in the US! I did get a refund from them to the tune for $77 for months of recurring charges that I did not agree to. I am sure I didn’t Opt-OUT of something. I am much more cautions now. Incidentally, I own an on-line t-shirt shop and would NEVER do this to my customers. Who thinks of these scams?
January 6, 2014 at 2:15 pm
You should try http://www.cheapchecksplus.com next time. Located in Houston, TX. Never had a problem like that with them.
November 2, 2007 at 9:06 am
Not that it’s much of a compensation, but I presume that opt-out really means opt-out, so if you never actually received the mailing, you may have a good court case.
Now, real court requires lawyers and expense and usually going to whatever evil jurisdiction the corporation lives in. But small claims court can mean no lawyers, low expenses, no change of venue, and—best of all—often judges sympathetic to the little guy.
http://www.nolo.com/product.cfm/ObjectID/EE829024-37B3-4FA5-A32D6DCEF421A1A5/104/
http://www.consumeraffairs.com/consumerism/small_claim_04.htm
No guarantees, but since corps are required to send their lawyers to your small claims court venue, and since that’s usually more money than your claim, settlement is common. Not the path to riches, but satisfaction after being cheated may be priceless!
November 2, 2007 at 1:05 pm
Dear Blogger:
Webloyalty.com protects its reputation and monitors the blogosphere to insure information posted on our company is truthful and accurate. Through this monitoring, we found this blog and would like to address your concerns by clarifying that our Reservation Rewards membership offers are not “opt-outs”.
At no time does Webloyalty.com accept credit or debit card information until the consumer expressly consents to the transfer. The consent is given when the consumer either:
• Enters their name, home address, email address, credit card number; creates a personal password and clicks the “YES!” button in the membership registration page; or
• Enters their email address, confirms their email address and clicks the “YES!” button in the membership registration page
In both instances, the text next to the “YES!” button clearly states, “By entering my password as my electronic signature and clicking Yes, I have read and agree to the Offer and Billing Details and authorize Reservation Rewards to use my name, address and credit or debit card information I provided for billing and benefit processing.” If the consumer navigates away from the page without entering their email address twice and clicking on the YES button, the membership is not processed and no credit card information is passed to Reservation Rewards.
We’d like to provide you with a sample of the Reservation Rewards membership offer page your wife accepted to better demonstrate the process through which she accepted the offer. However, we don’t know who you are or what your wife’s name is to locate her membership record. If you would like us to provide you with this information, please contact me at consumeraffairs@webloyalty.com and provide me with your wife’s name and/or email address.
Thank you for the opportunity to post this reply. We hope it helped to address some of your concern.
Regards,
Mary O’Reilly
Webloyalty Consumer Affairs
Reservation Rewards
November 3, 2007 at 8:25 am
One can pretty much tune this out right here, since it begs the question: “Why would a legitimate company providing quality service have concerns about the blogosphere great enough to monitor it?”
In fact come to think of it, most of those we have seen who practice this and post comments like this are scam artists slightly worse than used car dealers.
If in the future you would like to sound a bit more convincing use a little less ‘new speak’. “Truthful” and “Accurate” are words often meaning the users reality, not real world reality. Instead explain that you are pro-actively searching to address customer problems that may not have been brought to your attention. To the more gullible this will look like you care about those you are scamming, and hence make it seem less of a con.
November 3, 2007 at 11:01 am
Seems like you stirred up the scammers. I for one am interested in your insight into other scams online.
November 3, 2007 at 1:21 pm
I for one would like your advice about my Nigerian friend I met a while back. He’s interested in this “cross-selling”, and would like to get started right away…
November 3, 2007 at 2:03 pm
So first, they rip you off for $9, then visit your blog and call your wife a liar? What a great company.
Instead of monitoring the blogosphere for people saying mean things about them, they should be monitoring the front page of Slashdot, you’re on it.
November 3, 2007 at 2:11 pm
As to your question about why a legitimate company would monitor blogs, it is very simple. Any company that sells a product to consumers has to do so. Not to do so invites someone with a grudge to spread misinformation, sometimes actionable.
If the first you are hearing of something like this is when customers start dropping off, it is too late and the company can be in big trouble. PR does not take care of itself. Unless you want your reputation to be in the hands of angry people, you take care of it. Happy people don’t write long articles on the Internet about how happy they are – angry people write and try to convince others.
*****AFL replies: Quality service speaks for itself and has no need of this. Customers are quite protective of the reputation of those businesses which have served them well. Your comments remind one of the old adage about victory requiring no excuse and failure allowing for none. Applied here one might say: Honesty requires no damage control, Con Artistry ultimately cant be masked by it (as evident by the torrent of posters here).*****
November 3, 2007 at 2:20 pm
Good work! I despise these extra offers that add no value to my purchase. Why would I want to insure the cheap items I buy online? Doesn’t that negate the savings of buying online? etc, etc.
November 3, 2007 at 2:25 pm
You might want to correct the ‘in Europe’ part to ‘some countries in Europe’. Organ donation is a major topic and at least in Denmark and Ireland, you have to specifically opt-in.
Nice write-up of cross-selling, though.
November 3, 2007 at 2:30 pm
Just got one found they had been doing it from last October advised we considered fraud they refunded the whole year of charges within two days to the bank. I think it is an interest scam in affect, just add a charge that most people won’t notice in the flood of charges in an online only payment life and take the interest when they complain full refund, and they keep interest.
November 3, 2007 at 2:35 pm
My son just got his first debit/check card, and this article was timely. Vague parental warnings to be careful online don’t impact half as well as a detailed description of what’s going on in the background. More, please!
November 3, 2007 at 2:43 pm
I would like to see the page where the opt-in was clicked. Mary, would you please post an URL to a screenshot?
Thanks, Mike
November 3, 2007 at 2:45 pm
I Find this Very interesting, because with our “NEW AND IMPROVED” ToysRUs Chase cards, they have a similar add on, 90 days (three months) free issues of People Magazine for like 15$ a month (thats like more than 3X news-stand price)and watching people apply for them, they rush through and 99/100 times they don’t even read the EULA agreement.
November 3, 2007 at 2:51 pm
In a quote to pages where it was clicked if you google search wli research people have documenting this for over a year the range of sites is Amazon (most likely third party sellers on amazon) to small sites that focus on single product. I can’t remember the site where my wife got this charge it was an art posters and print site. I am wondering if it is being added to the merchant accounts these people use on the smaller scale without them being aware fully. Again though wli is quick to refund, I just can’t imagine the volume of interest they can generate in this scheme.
November 3, 2007 at 2:55 pm
@Webloyalty Consumer Affairs
Not so fast!
I almost got caught by this *twice*.
The trick that almost got me is the “Continue” button at the bottom of the order confirmation page you get after you complete the transaction. 9 out of 10 people think it’s some kind of confirmation of your original order, but it actually has a very faint (almost the same color as the page background, and very small text, often requiring you to scroll down to see it) disclaimer below it, saying that by clicking the above button, you’re approving the transfer of your information to WLI. You then get another page which asks you to again confirm that you want to exit or something like that. Two clicks and WLI has your approval to start the scam.
In the two cases I investigated, *neither* merchant was aware of WLI’s little tricks. They both said that the “storefront software” was provided to them by the hosting service. I found this to be true…there are companies that sell “ecommerce storefronts”…and you have to option of including “customer loyalty premiums”…which, of course, is an “opt-out” option for the merchant…they have to specifically request that the WLI links be removed from their package.
I don’t know, but I strongly suspect, that the merchants themselves do not benefit from the addition of the WLI links. More than likely, it’s the company that packages the storefront software.
To their credit, the owners of the two merchants I contacted promised to investigate and remove the WLI linking. I’m not sure about one of them, but the other was a Yahoo Shopping storefront. I also suspect that a merchant desiring to set up a Yahoo storefront is probably presented with a “one-click configuration” option, which installs one of these storefront packages.
And, as a kicker, the WLI “benefits” are basically junk…not worth the $9.95 a month or whatever. Stuff like “roadside assistance ” plans that are limited to daylight hours, one gallon of gas and one usage per year. If you needed any other indication that this is a scam, WLI will cancel the service immediately if you call them on it, and refund 90 days charges (I think that’s a legal requirement) but will do no more.
Do a Google for WLI and take a look at what people have to say about them. Not a lot of good feelings out there towards these folks and their “innovative marketing”.
November 3, 2007 at 3:02 pm
Here’s just one website of a “satisfied” (not) WLI client:
http://adam.rosi-kessel.org/weblog/the_man/webloyalty_aka_wli_reservations_is_a_scam.html/
November 3, 2007 at 3:09 pm
We got scammed by this. One of these “Interested in Saving $10” links on movietickets.com. Did NOT re-enter credit card info, name, e-mail, address. In fact, they did not even have an address, or the correct name. At no time did anyone click “Yes” to sign up – where Mary is lying is that the “Yes” you click on is a “Yes, I’m interested in saving $10” before the terms are presented to you. After you read the terms, this blog nails it, they charge you without you agreeing with the terms.
Sorry Mary – glad you read the blogs so others can find out about you, but after getting my money refunded from this scam, I have to call “BS” on you.
November 3, 2007 at 3:55 pm
Wow! The search argument at Google is
wli fraud
That returns over 23000 hits!
Thanks for the tip!
November 3, 2007 at 4:00 pm
Your technical explanation is little better than gibberish to anyone that knows what they are talking about in regard to web development.
Let’s take just one incorrect sentence:
“Card data are usually stored in cookies encrypted under the SSL symmetric key. Note that this is actually safe as this data is not usually stored on disk”
Cookies are in fact always stored on the client’s disk. They are certainly not encrypted by SSL. SSL is for over-the-wire encryption and has nothing to do with cookies.
Second example of how you’re wrong? Even if a merchant links to WLI’s server “in the same session” (as you put it which in this context is meaningless from a technical standpoint), it would still not have access to any cookies that the merchant stored. Why is that? Because browsers will only return cookies for domainX.com if domainX.com is requesting the cookie to be returned. It has nothing to do with “sessions” as you put it.
Every one of your technical points is incorrect, I won’t even bother to explain the rest.
November 3, 2007 at 4:00 pm
My blacklist of spammers, phishers, etc.
includes:
0donnell.com
hotel-values.com
one-time-offer.com
reservationrewards.com
shopperdiscountsandrewards.com
travelvaluesplus.com
webloyalty.com
wlelmsford.com
and will of course also include any other domains
that trace to them as soon as I’m aware of
their existence.
November 3, 2007 at 4:01 pm
Oh – forgot to mention… I have no doubt that WLI is a dubious company and you were scammed in some way. I was only refuting your technical mumbo-jumbo which is frankly laughable.
November 3, 2007 at 4:11 pm
I love how they ask for your name and info rather than direct you to complaints page or opt out page. All the better to set up a slander suit..
November 3, 2007 at 4:21 pm
You may be able to join a class action against Webloyalty.com.
http://www.lawyersandsettlements.com/case/webloyalty.html
Mary might enjoy some of the (minimal) screen shots in the filing:
Click to access complaint.pdf
… and some of the quotes:
“… Customer Service ‘escalated’ the call to the Lead Customer Service Representative to better explain to the customer how they became a member. This former employee explained that most callers to the customer service center ‘were not aware they
were members.’ If customers visited Classmates.com or Fandango.com, for example, and clicked
on something, they automatically became members. In addition, this former employee asked people
at Webloyalty how people signed up for Webloyalty programs, and was told that people signed up
without realizing it.”
But of course, Mary should already be aware of this because, “‘99% of the people calling were calling to cancel their membership’ because ‘[a] lot of the people didn’t know they were going to be charged.'”
November 3, 2007 at 4:31 pm
Shopsafe is only available through BofA, is there a stand alone compnay that you know of thatt does the same?
November 3, 2007 at 4:31 pm
I had this same problem with jc whitney I bought some air bags for my truck, lo and behold 60 days later I see charge on my credit card for $9.00 from shoppers reward. I call and cancel get it refunded. 60 days later shoppers paradise, same process, it’s only been 30 days since that one. Different company name same charge same recording, same voice tree, same hold music.
November 3, 2007 at 4:38 pm
I had this happen to me from fandango, same deal, you have to click the option to opt out rather than click it to opt in. I notice a 9$ charge one month and then looked back and it was a few months of charges. I called AMEX asap and they removed all charges and invested the company for me. In most cases you dont have to fight it your self, if you have a good cc you can have them fight the fight for you.
January 26, 2011 at 12:35 pm
בגדי עבודה
November 3, 2007 at 4:42 pm
One reason to return fund immediatly on request, is if the Credit Card companies track complaints, and blacklist charges from companies once they have to many chargebacks.
November 3, 2007 at 5:01 pm
John Crissman
We appreciate open and honest discourse here at the AMB, and as such welcome your insight. If you would not mind, could you please explain how this process really works. While it may require technical detail, if at all possible keep that to a minimum so the rest of us can understand :p
If you could write it up in such a way that it could be tagged to the article I am sure that we would consider doing so. Thank you for your interest and concern, hope to hear from you again soon.
November 3, 2007 at 5:05 pm
@John Crissman: about your 2nd point: I’d guess that’s why the original merchant has to install that “storefront software” on _his_ server. So it can stea^h^h^h^h borrow the cookies.
November 3, 2007 at 5:21 pm
John Crissman, Thankyou for your correction of one of parts of the technical description of the process. It made sense then. However, if you acknowledge that WLI is a dubious company and that a scam was perpetrated, perhaps you should take the trouble to give a full correct description of the process so that the rest of us are armed with the facts when dealing with this unethical operation.
November 3, 2007 at 6:00 pm
Whether or not the technical description of what happens is correct is irrelevant. What is relevant is the fact that I could be charged an additional $9 a month for a service that I did not specifically request.
I don’t use a credit card – I have a debit card, and monitor my account online regularly, but even this does not sound like I’m being vigilant enough.
Thanks for the heads up!
November 3, 2007 at 6:00 pm
I would definitely like to hear more about the credit card scams. This is all new and interesting for me.
November 3, 2007 at 6:06 pm
That set up sounds so illegal its not even funny. To say that you did not opt out is a joke. Did you dispute the charge and get your money back?
November 3, 2007 at 6:54 pm
@21 John Crissman
Why is that? Because browsers will only return cookies for domainX.com if domainX.com is requesting the cookie to be returned. It has nothing to do with “sessions” as you put it.
HFS!! Ever hear of XSS? I feel bad for your clients.
November 3, 2007 at 6:56 pm
Sorry, that was supposed to be @23, and for those of you don’t know what XSS is, it’s Cross-Site Scripting. Its when an attacker gets a trusted site to run its javascript (exactly as was described in this article) which grabs the cookie and sends it via POST/whatever to the attacker’s site.
Talk about Web Security 101, jeez!
November 3, 2007 at 7:03 pm
Gahhh!
More BS!
@23
Cookies are in fact always stored on the client’s disk.
BZZZT! This is up to a) the server, and b) the browser. “Allow for Session” means they NEVER get saved to disk. And setting the expiration to “0” the server also means… THEY NEVER GET SAVED TO DISK.
They are certainly not encrypted by SSL. SSL is for over-the-wire encryption and has nothing to do with cookies.
BZZZT — sorta. True they are not encrypted, HOWEVER cookies can be marked as “secure” by the server so that they are never sent over an encrypted connection.
Heh… It must all sound like “technical mumbo-jumbo” to you, since it’s clear you haven’t worked with any of these technologies much at all.
November 3, 2007 at 7:08 pm
I’ve never heard of WebLoyalty.com before this, but if you’re still monitoring this blog, Mary, you should know that your message convinced me beyond any doubt that you company is fraud mill. If I ever see a charge on my VISA from “Reservation Rewards”, I will refer it to my state attorney general.
My company provides communications equipment to police departments and federal agencies all over this country, so at any given time, I’m about two calls away from finding an ambitious young prosecuting attorney who would just love to give their careers a boost by hanging crooks like you out to dry.
Have a nice day.
November 3, 2007 at 7:10 pm
Webloyalty Named In Class Action Lawsuit
By Melissa Campanelli
September 18th, 2006
Customers of several popular online retailers, including Fandango.com, Priceline.com and Staples.com were victims of an alleged Internet scheme in which their credit cards were charged a monthly fee for a “discount club” membership they had never requested, according to a class action lawsuit filed last week in US District Court in Massachusetts.
The lawsuit accuses Webloyalty.com, an online marketing services company based in Norwalk, CT, of engaging in a “coupon click fraud” scam in which credit card information was automatically transferred to Webloyalty by its dozens of online business partners — such as Movietickets.com, Petco.com, and FTD.com — without consumers’ knowledge or consent. The lawsuit seeks an injunction on the claims, compensation for consumers and other remedies.
In a statement published last week, Webloyalty.com announced that the lawsuit is without merit. “The lawsuit is frivolous,” said Rick Fernandes, CEO and co-founder of Webloyalty.com. “It completely misrepresents the manner in which Webloyalty.com conducts its business. We intend to vigorously defend ourselves and expect to prevail.”
Webloyalty supplies more than one million subscribers with reward, discount and protection programs. Webloyalty clients, which include more than 120 e-commerce and travel businesses, benefit from increased revenue and repeat purchases. Consumers benefit from high value subscription services that match their needs and interests.
The lawsuit said when customers bought from one of Webloyalty’s partners such as Fandango and clicked on a pop-up window offering a $10 coupon on their next purchase, their credit card information was automatically transferred to Webloyalty and they were unwittingly enrolled in its “Reservation Rewards” loyalty program.
The complaint says that once enrolled in the program, which promises rewards such as movie tickets and shopping discounts, consumers’ credit cards are billed up to $10 each month.
“Hundreds, if not thousands, of consumers have complained to Webloyalty and local, state and federal consumer protection agencies about the deceptive nature of its sales of its ‘Reservation Rewards’ discount club product and its unauthorized access to their credit card information,” the complaint said.
The plaintiff named in the lawsuit, Joe Kuefler, bought movie tickets from Fandango and was unknowingly enrolled in Webloyalty’s rewards program.
The lawsuit also claims that Webloyalty and Los Angeles-based Fandango, a codefendant in the case, violated consumers’ privacy rights by disclosing and using their credit card information and are engaging in deliberately deceptive business practices, illegally netting the company substantial sums of money from the consuming public.
The lawsuit filed by law firms Lerach Coughlin Stoia Geller Rudman & Robbins LLP, Lee & Amtzis, P.L., and Phillips & Garcia, LLP, alleges violations of the Electronic Communications Privacy Act, unfair and deceptive acts and practices, unjust enrichment, invasion of privacy, money received and civil theft.
November 3, 2007 at 7:17 pm
Just ignore the stuff about sessions, cookies, and SSL. The rest of this is correct. You sign up for A, give your credit card information to pay for A, and they trick you into buying B. You don’t realize you are buying anything because you don’t have to enter any information again. That’s the way the scam works.
November 3, 2007 at 7:26 pm
Great post. Very interesting stuff. Naturally the ethics of this has to be questioned, and it appears that they are walking a very thin line, whilst not illegal, may eventually end up that way.
November 3, 2007 at 8:21 pm
[…] https://12angrymen.wordpress.com/2007/11/01/caveat-emptor-use-of-credit-cards-on-line/#comment-4675 […]
November 3, 2007 at 9:46 pm
@John Crissman: you’re a little off on your understanding of the situation… they DO have access to your cookies (the shady cross sell companies are having you install software on the other ‘host’ company’s server, so you are accessing the cookies via their url, not your own sites), and they aren’t always stored on disk… persistent cookies are always stored on disk, but some implementations of browsers do not use the disk for session cookies. You’re right though SSL is for encryption on the wire, and you’re also right that the original author does misinterpret some of the details, and I would also agree that it is important to the discussion that the facts be correct, even if some of the readers don’t understand them. Techno-babble or not, it’s how you determine whether or not you’re able to be ‘screwed.’ Just like ‘the fine print’ determines whether or not you can be sued, even if you don’t understand it.
November 3, 2007 at 11:22 pm
“What actually happens is that instead of linking to the site as a separate session, they link internally as another page in the same session.”
Reputable cross-sellers provide links to their own (the cross-sellers’) storefront or ecommerce software. The concept of cross-sell, as one comment states, is just to provide an opportunity to continue the transaction, since the prospective buyer is already susceptible to on-line marketing (or he wouldn’t be there). If you buy a widget from widget.com, and see an offer from thingie.com, and you click through to thingie.com, then fine. All is well and good.
The potential for problems arise when, as another responder wrote, you are using third party storefronts, or when, as in the posted case, the legitimate storefront has compromised their own storefront by adding code provided by the subject douchebag. In this case, all HTTPS activity is between legitimatevendor.com and the user’s browser. During the time I was doing this, third party storefronts were providing just the basic transaction software and not the offer pages, so I didn’t address that concern.
Why is this important? When you do a credit card transaction, any reputable company will attempt to protect your credit card data. They do this by establishing an SSL session to encrypt sensitive data on-line. Because of the stateless transactions on the HTTP protocol, it is sometimes necessary to store the card data in the event that a transaction does not run to completion.
As one responder wrote, the thing to do is to write the card data to a database. We generally tried to avoid this. In the case of recurring payments, this is necessary. In one-off transactions it is best not to store card data anywhere, because of the liability accruing to the company if the card data is exposed (hacked).
SSL is the line security protocol. Good security usually uses a 128 bit key. SSL uses symmetric keys. Assuming that the certs validate, you can be sure that no one (except maybe the NSA) is monitoring the actual data and that the storefront is legit.
Two things. The card data is usually stored briefly because if the authorization does not complete, the storefront would like to be able to have the user correct the data and re-attempt authorization without the user re-entering his entire data set.
Card data may be stored in session variables. Card data may be stored in non-persistent cookies or may be stored in persistent cookies (as a function of browser setting, etc.) Anytime card data is written to disk it should be encrypted.
Card data are usually stored in cookies encrypted under the SSL symmetric key. Note that this is actually safe as this data is not usually stored on disk, and even if it is, it is encrypted with a 128 bit symmetric key. When the session ends, the data are automatically purged, and the data on disk is not accessible as the key is toast also.
Yes Yes Me bad. Not encrypted with SSL key. Usually with a different key if necessary. Confusing session variable with cookies on that one. A problem with writing faster than thinking.
Visa and Mastercard rules state that card data should not be stored, and the CVV, the verification codes are NEVER to be stored. A lot of companies interpret this as stored on disk. So when you end your transaction, and leave your session, your card data is purged. Right? Not so fast!
Check out the Visa and MC rules.
When a credit card is used to buy something, there is always the possibility of a chargeback. A merchant can be charged back for the amount of the original card settlement if the charge is contested, found to be fraud, or a few other reasons. This period is at least 30 days and may be as long as 90 days. I seem to remember it being 90 days.
So if a chargeback occurs, the vendor needs to know the transaction in order to back it out so his books balance. The authorization process handles this by sending back a transaction id number which is the hash of the card number, expiry date and a few other elements. It is unique. The vendor need only store this transaction ID, which cannot be reverse engineered to find the card number (yet), in order to back out the specific transaction. The issuing bank always knows the card number and can recreate the transaction ID if necessary (it never is). This means that for one-off transactions there is no legitimate reason to store card data persistently.
But programmers are human and there are many ways to hold the data temporarily. Maybe not so prevalent now, but try using a text editor on a few cookie files and see what you find.
Remember that the code the cross-sell company added doesn’t link in the normal sense but just continues with the session in an attempt to sell you some useless crap. By continuing the session, the application running (the cross-sell application, not the original on-line store) has access to the card data in the cookie. Most legitimate companies don’t think this through — the money is too good.”
Think session variables, maybe as well as cookie (for lazy programmers). The point being, if you a) didn’t reenter the card data for the cross-sell; and b) you were billed for the cross-sold product; the card data had to come from somewhere. Languages such as PHP allow you to establish, encrypt and manage cookies as session variables. (PHP4 at least). By adding in ‘page code’ to display the cross sell into the original application, they have access to the session data, variables and managed cookies. Consequently, they are able to post a transaction for their product without the user ever reentering the card data.
So I write for our normal non-technical audience. If I knew I was writing for you esteemed readers of slashdot, I would be much more precise. Consider me chastised.
November 4, 2007 at 12:17 am
John Crissman,
There are two types of cookies. Session cookies and “the other kind” (no special name for them; let’s call them “permanent” cookies). Session cookies are stored until their expiration time or until the browser quits, whichever comes first. Permanent cookies are stored until their expiration time.
Since permanent cookies have to persist across browser restarts, they are stored in a cookie file (which is often written when the browser quits). Session cookies are not stored on disk at all in many browsers.
I would certainly hope that anyone storing credit card information in a cookie would be using session cookies.
I would also hope that they don’t store said number in plaintext. I agree that using the transport-layer SSL key to encrypt the cookies would be a little difficult to do. But generating a symmetric key server-side and using another session cookie to retrieve said key from the server’s database would be easy. Then this key can be used to encrypt cookie data on the server when generating the Set-Cookie header.
November 4, 2007 at 1:13 am
[…] 0. https://12angrymen.wordpress.com/2007/11/01/caveat-emptor-use-of-credit-cards-on-line/ 1. […]
November 4, 2007 at 2:14 am
IMHO the best way to deal with this would be to do roughly what Kaenneth at #30 said – to challenge the debit to your card by your bank. It is then up to the charger to prove the debit is valid or drop it. I doubt they will try to prove it, so they will probably drop it. If there are enough challenges the bank and/or credit card company will ban them.
The thing to remember at all times is that it is your bank and your card. If they hesitate in supporting you then changing banks is a good option.
November 4, 2007 at 3:15 am
All this technical talk about cookies and sessions is obscuring the author’s key — and still completely valid — point: when you give your credit card information to a vendor, it is possible that they could relay it to another vendor without you realizing that you are “authorizing” an additional purchase.
The author’s contribution here is to expose how this relay-authorization can be obscured with vague language, pre-checked opt-out boxes, and other tricks.
I certainly hope that most honest vendors would never dream of relaying my credit card information, but I have seen examples of what the author is describing on web pages. The links certainly looked fishy to me at the time, and I never clicked on them, but now that I am more aware, I will probably write an email to the trusted vendor asking them to remove them.
November 4, 2007 at 6:15 am
Caveat Emptor – Use of Credit Cards On-Line (12 Angry Men Blog)
Για να μην πέσετε θύματα του cross-selling: “After you complete the transaction, close the browser. Kill it — and the session data. Never navigate away from a completed transaction page”. Απλό, ε;
November 4, 2007 at 7:40 am
[…] 4th, 2007 interesting kind of clever credit card fraud, and this shopsafe thing sounds interesting if it’s […]
November 4, 2007 at 11:03 am
IMO American Express is a great company for this. I seem to recall them having the option of providing the 1-time use numbers for purchasing online, but also any time I’ve had any kind of issue on my card, I’d contact them and they would take care of it. Citibank, on the other hand, puts the burden on your shoulders to dispute charges. It took me 7 years and a huge ding on my credit rating to dispute some fraudulent charges on my account, ending up in a pre-trial court meeting with a judge. We had a charge for $9 once a year or so ago, probably due to some of the free stuff my wife signs up for, and AMEX took the charge off immediately without any questions, and then investigated the matter themselves.
May 19, 2009 at 3:28 pm
Amx is the IN door through which the Web Loyalty charges flow. Remember that this is an Amx-authorized merchant! Free money? You bet!
This is still going on. Here is a current, albeit soon-to-expire, class action against Web Loyalty:
http://www.classcounsel.com/news/webloyalty.html
November 4, 2007 at 4:13 pm
I like your article, but you are wrong about organ donor opt-outs in Europe. Yes, some countries may have it, but some have not. We are not the United States of Europe; our laws are not the same.
November 4, 2007 at 6:25 pm
Great post, Angry Political Optimist! Thanks for the heads-up!
How do I avail of ShopSafe?
November 4, 2007 at 6:28 pm
[…] Caveat Emptor – Use of Credit Cards On-Line « The 12 Angry Men Blog […]
November 5, 2007 at 7:43 am
It is so funny that you mention Reservation Rewards. I just got taken in by this scam. And, I got linked to it from usairways.com. I was under the impression that this was free, free as in beer. I guess I should have read the fine print. So, today, I get an email saying that I will be billed on the 17th of this month for a service that was disguised as free. Well, fortunately for me I cancelled prior to having my CC charged unknowingly.
November 5, 2007 at 12:42 pm
Inayat Shiva Said:
“Shopsafe is only available through BofA, is there a stand alone compnay that you know of thatt does the same?”
One-time numbers must be issued by the same entity (usually a bank) that issued the original credit card. Discover and American Express both have such a service.
November 5, 2007 at 2:01 pm
The legitimization of massive finiancial operations’ shady practices continues (re comment #1 about citibank).
http://www.cjr.org/the_audit/tale_of_two_citis.php
November 5, 2007 at 2:11 pm
[…] a description of how the scam works, see Caveat Emptor – Use of Credit Cards On-Line linked from a slashdot article posted on Saturday November […]
November 6, 2007 at 2:28 am
Something almost identical happened to my wife while buying from lastminute.com. She was redirected to highstreetmax.com and we started getting charged £14.95 per month! That’s a lot of money, but I managed to get it back because I know someone who used to work, high up, at lastminute.com. He said that if I hadn’t known him, there’s no way I would have (easily) gotten my money back.
November 7, 2007 at 10:04 am
@Robert Dobbs:
Since you seem to like to correct everyone else, and be rude while you’re at it:
“BZZZT! [Storing cookies on the client’s disk] is up to a) the server, and b) the browser. “Allow for Session” means they NEVER get saved to disk. And setting the expiration to “0″ the server also means… THEY NEVER GET SAVED TO DISK.”
You contradict yourself. First you say storing is “up to … the browser” and then “they NEVER get saved to disk.” If it’s up to the browser, how do you know what it’s doing, and should you trust it?
Only the first part is right. I’m fairly sure you haven’t checked *every* browser in existence to verify it doesn’t store session cookies to disk. There’s nothing that stops browsers from doing *anything* they want with any cookie, including saving them to disk or sending them to your Aunt Matilda. Sure they don’t *have* to save session cookies, and there’s no reason for them to do so, but there no *law* to stop them.
Trusting browsers to not save them, as you seem to do, is just plain *stupid* from a security standpoint.
So stop being such a rude know-it-all.
November 19, 2007 at 1:12 pm
Thanks A.P.O.. I would like to read about other tricks/scams. EMA
November 20, 2007 at 7:39 pm
Thanks for posting this. I recently had to have my debit card changed because of one of these offers. I am still trying to figure out which evil on-line vendor handed over my card info, because I am very careful about which sites I shop with.
At any rate if you see anything with Value Plus (mine was WC*Value Plus) on your card, you can bet it’s a rip-off. They are affiliated (or owned) by Damark International, and a total scam. I got my money back through my credit union, and changed the number, but what a hassle. They actually BLOCKED my home phone number after calling them three times in three months when the fraudulent charges kept appearing.
http://www.ripoffreport.com/searchresults.asp?q1=ALL&q4=&q6=&q3=&q2=&q7=&searchtype=0&submit2=Search%21&q5=WC+value+plus&Search=Search
I’d love to hear more from you. Thanks for posting this.
July 27, 2011 at 11:14 am
It deals a lot with internet marketers using those very landing pages to grab your information to sell in massive list’s to other companies, spammers, or even each other for re-use.
There is money to be made in this big bad cruel internet and someone is going to find a way to exploit sadly the only thing you can do is watch your statements, activity, and make sure you are on an “official” site.
November 20, 2007 at 7:41 pm
Ah, WLI Reservation Rewards! I just recently went through some fun with them. Movietickets.com is another ‘session sharer’ it seems.
I went so far as to file a complaint with the BBB against them. They sent me a very thoughtful, carefuly worded, documented (with lots and lots of dates for…everything – they keey METICILUOUS LOGS!) and a print-out of the page that i “had to” have clicked to subscribe.
Now – a bit of background. I’m an IT manager for a stock market and have been in IT for longer than the internet was around. I’ve been ON the internet since it’s inception and know well enough what not to click on, what pop-ups to close automaticaly, what installers to ignore or bypass. In short, I would never *ever* agree to the scam charges knowingly.
Of course WLIRR disagrees. They already credited back my money (confirmed it – these companies are notorious with saying and not doing) so I’m not too interested in following up with the BBB. Since no one ever willingly does business with a company like WLIRR there’s not much point in further degrading their poor BBB rep. I just hope some DA decides he’s going to run for mayor and needs a good case to drag in front of the media some time soon. This one is easy press!
November 20, 2007 at 8:21 pm
Ironically, Citi offers a ShopSafe-like service as well.
November 20, 2007 at 8:23 pm
The Seamonkey browser allows you to set it to only accept cookies from the originating server, and there are some other interesting options in the Prefs, such as not accepting cookies from websites that gather personal info without your permission or have no privacy policy.
Interesting to see how many transactions suddenly cannot go through with it set that way. It’s not uncommon to shop on one URL (business)and buy from another (processor). So in some cases the processor may be more at fault.
November 20, 2007 at 8:41 pm
I just called them to ensure I’m not on their list. I have never received a charge (fortunately), but I figure I can burn up some of their $ through 1800 usage and CSR usage, just to ensure I’m not being charged.
Maybe I can get some sort of reverse answering machine to call them monthly to ensure this!
November 20, 2007 at 9:35 pm
[…] Here is a description of a credit card scam the author was hit with. […]
November 20, 2007 at 10:40 pm
Interesting! I’d never heard of this scam. By all means, I would like to hear about all the other things those sneaky bastards are up to so that I don’t run into these scams.
November 20, 2007 at 10:54 pm
Plus one for “sufficient interest” – have subscribed to your RSS feed.
November 21, 2007 at 12:39 am
FYI –
One-time use numbers (aka, ShopSafe at Bank of America) are also available from PayPal as well, via the PayPal Plug-In (previously called the PayPal Virtual Debit Card), and can be generated to wrap ANY bank account (from ANY bank), in addition to PayPal balance and the PayPal credit card / credit line.
November 21, 2007 at 12:52 am
In California, any company which accepts a credit card number without first disclosing the “actual name and address from which the business is conducted” is guilty of a criminal offense. (B&P code section 17538). That’s not well known, and might apply in this situation.
November 21, 2007 at 1:51 am
[…] BUn buen consejo. […]
November 21, 2007 at 2:28 am
Is there anyone who regulates credit card companies that u can report company abuses to?
November 21, 2007 at 2:44 am
[…] 12 Angry Men have a follow up to their piece on the cross-sell scam credit card companies have begun using. Their new article concerns another evolving scam being […]
November 21, 2007 at 2:47 am
Sounds to me like your wife bought some pretty handbag and didnt realize that when she clicked yes to “id like the free knick-nack” she signed you up to recieve a knick-nack every week.
The best defence is to not let your old lady use your cards , i dont know how many cartoons or sitcoms have used this senario to get a laugh, or how many times ive had to listen to someone gripe about it.
I did find the article very informative, and i do belive these companies use very shady practices that are just on the edge of legality.
November 21, 2007 at 6:34 am
About a year ago I purchased something from Overstock.com and subsequently found a $10 charge on my credit card for some service I never agreed to. I immediately called and canceled the service but was out the initial $10.
November 21, 2007 at 8:41 am
[…] Angry Men did an awesome write-up on a new type of “scam” used by shady marketing companies to automatically opt-you-in […]
November 21, 2007 at 12:51 pm
(x) Yes, I want Crazy Eddie’s super online reputation monitoring program! A monthy fee of $9,123 applies plus per use fees.
November 21, 2007 at 12:54 pm
Two important things when this happens:
If you know, inform the merchant who is profiting from this scam that you will never shop at their site again because of it.
Instead calling the shady marketing company’s phone number on your statement to get a refund, call your CC company and do a charge back. The shady marketing company’s merchant account provider will hit them for a fine in addition to the amount they have charged to your card. It also affects what kind of percentages they have to pay when processing charges and could lead to them getting blacklisted.
November 21, 2007 at 9:41 pm
Ryan:
You don’t get charged with a fine for chargebacks unless you exceed a ‘reasonable number’, and there are very specific limitations as to what can be charged back. However, having said that, I’m certain that WLI has exceeded the limit (no matter how high the limit may be set).
Glen:
The regulatory oversight for a card issuer (bank) depends on what type of bank charter. Most types of charters are regulated by the Office of the Comptroller of the Currency (OCC). Credit Unions who issue cards are regulated by National Credit Union Administration (NCUA) — as an example.
Joe Cool:
My ‘old lady’ uses her own cards, and suffers the consequences. At least she reads the statements closely. I have her trained pretty well but some of these douchebags are REALLY sneaky.
November 21, 2007 at 10:30 pm
(Yes, the opt-out scheme is a shame…) Useful post and useful advice, thank you!
November 21, 2007 at 11:33 pm
[…] Caveat Emptor – Use of Credit Cards On-Line « The 12 Angry Men Blog (tags: security shopping) […]
November 23, 2007 at 7:10 am
[…] just read a very scary post about the dangers of using credit cards online. The author describes are disreputable companies are using sales through legitimate companies to […]
November 26, 2007 at 9:26 am
Two thinks to mention here.
1. I have heard that you should never use a debit card to purchase
items on the web. With a credit card you can dispute a charge. With
a debit card, the money is debited to your checking/savings account
and is thereafter gone forever. Debit card transactions are unretrievable.
(However, see an interesting comment at post #72 ‘PayPal One-time use
numbers – can be generated to wrap ANY bank account’)
2. I had a problem with an unauthorized charge in the past (I can’t
remember the details) so I called and had the card number changed to
prevent the charges from continuing. The bank graciously changed the
number, but afterward the agent fortunately mentioned that changing the
number may not work. The bank might automatically carry the unauthorized
charge over to the new number. ZILCH! I therefore decided to called
and cancel the card the next day.
This was a most interesting and informative article with lots of
interesting comment. Also now know the purpose of ‘one-time card
numbers’ and will use them from now on with my BofA credit account.
November 28, 2007 at 5:32 am
This is a bit offtopic, but still needs to be said, as this sort of postings and news fuel all sorts of horror stories and blatantly wrong visions about things in Europe.
(…)As an aside, organ donors in Europe have to opt-out to NOT become an organ donor(…)
I am not sure about the source of your information, but it’s not European wide: in The Netherlands for instance, people are considered NOT a donor until the person has stated that he wants to be a donor. Every person in The Netherlands who reaches the legal age of 18 gets an official letter from the government stating that in order to become a donor he or she has to return the included form, stating that he/she wants to become a donor. The form has several options: the first one is “not to become a donor” the second one is to become a donor (and you can say which sort of organs are allowed to be taken, like “not the heart”). The third choise is to leave it up to the family. Then partner, parents of children (if old enough) are asked for donorship, but only after a patient has been declared dead (oh, and before the letters come in: there are rules about declaring somebody dead to prevent the unlikely event of declaring death to early). Incomplete, unreadable or wrongly filled in forms are considered “no donor” and are resend. Not responding at all results in keeping you on the “non-donor” list as well.
In fact, a survey done quite a while ago showerd that an opt-out system would actually lower the amount of donors, as most people would act and opt-out in anger with the government ‘taking their organs before death’. I am pretty sure this is European wide: Europa struggles with a chronic shortage of donor organs, just like America. Talks about having an opt-in system have been going on, but are useless, because ethically it is not sound to ‘posses’ organs of people and therefore these talks are dismissed immediately.
However, all of your stories (and mine) show that opt-out has no real purpose in life but scamming, unless it is about handing out free bread or something like that, which is not very likely to happen. Governments should regulate opt-out options very strictly, but it’s hard to control sites that are not based in your own country.
Common sense is the key here: check for the reputation of a site, only proceed if a site directs you to the official site of the payment system (like paypal) and check your bank receipt regularly.
December 2, 2007 at 1:33 am
[…] – This is older, but Google Checkout added a “Oops! Undo that purchase” option. For up to 15 minutes after a purchase, you can undo that purchase. Speaking of payment stuff, I like that PayPal started offering a service to generate a one-time MasterCard number. I’m not whether Checkout offers this, but it would be nice. And still on the subject of credit cards, I thought this was an interesting post. […]
December 10, 2007 at 1:43 am
Ho, Ho, Ho tis the season to try to NOT go into credit card debt. I agree with your post to watch your credit card spending and maximize those sweet credit card rewards. Before you go broke this holiday season, check out this site http://www.financeglobe.com for real credit card reviews.
December 11, 2007 at 4:15 am
Thank you for advice! I have never used my credit cards for shopping oline as I always was afraid of fraudsters. But I will try Shopsafe, hope it is really safe.
March 27, 2008 at 2:48 am
kmFLZs sd89f984q34slf
April 12, 2008 at 4:53 pm
Unfortunately, I don’t see the annoyances that we as card carriers experience going away anytime soon. Credit card companies are going to continue to make that extra buck at any price, especially considering the current economic state of this country.
April 30, 2008 at 12:00 pm
Zachary…
Six Apart started a working group in February 2006 to improve the Trackback protocol with the goal to eventually have it approved as…
June 21, 2008 at 12:34 pm
[…] Caveat Emptor – Use of Credit Cards On-Line The 12 Angry Men BlogNov 1, 2007 93 Responses to Caveat Emptor – Use of Credit Cards On-Line.. running (the cross-sell application, not the original on-line store) has […]
December 12, 2008 at 1:51 pm
Thanks for the Information
April 2, 2011 at 5:32 pm
thank you very much for imfo.i agree with paul
January 22, 2009 at 9:31 am
Check This Out!
Looking for a better credit card provider? Check http://www.whichcreditcard4me.com. This is the place to find the best credit cards offers available online. Select the best credit card for you.Try to read the information about Privacy Policy and Terms of Use.
February 24, 2009 at 7:46 am
Feel free to check out my blog, which will help you reduce your credit card debt in regards to the current financial depression.
– Scott
February 25, 2009 at 5:10 pm
Credit card abuse is more of a problem in public than online.
May 22, 2009 at 9:49 am
I applied for and got amex gold card.
$125 a year fee. Not due for one year.
I did not activate card. Within 2 months
of getting card I get bill for $125 fee.
Am I liable ?
June 30, 2009 at 4:57 am
Is there anyone who regulates credit card companies that u can report company abuses to?
October 30, 2009 at 6:00 pm
I had this aBS pulled on me last week. Paypal scam and i entered my card number.
January 31, 2010 at 10:50 pm
Let me know if I can help out. http://www.linkedin.com/pub/jason-evans/19/a19/462
October 27, 2010 at 3:16 pm
קידום אתרים באינטרנט
November 2, 2010 at 11:37 pm
Sounds great
Thanks
קידום אתרים
November 16, 2010 at 2:46 am
looks like very interesting post thanks a lot for sharing
משחקים ברשת
November 21, 2010 at 5:30 pm
I would definitely like to hear more about the credit card scams. This is all new and interesting for me.
November 24, 2010 at 7:23 am
thanks a lot for sharing (-:
November 24, 2010 at 9:24 am
very interesting information i will save more carefully my credit card details from now on.
thanks a lot for sharing
November 26, 2010 at 3:32 am
Thanks for the information. Indeed it was useful knowledge.
December 1, 2010 at 3:08 pm
I;d like to join the party and say thanks as well. Please do expose some more credit card ethically challenged activities 🙂 I think there’s already enough comments here.
מתכונים
December 29, 2010 at 8:25 pm
Really sounds great!
thank you.
December 31, 2010 at 8:55 am
http://www.views.co.il/
December 31, 2010 at 8:56 am
סרטים לצפייה ישירה
December 31, 2010 at 8:14 pm
great posting appriciate the effort.
January 2, 2011 at 4:10 am
posting appriciate the effort.
January 8, 2011 at 11:11 pm
great posting appriciate the effort.
January 8, 2011 at 11:18 pm
enough comments here.
January 8, 2011 at 11:21 pm
I would definitely like to hear more about the credit card scams. This is all new and interesting for me.
January 8, 2011 at 11:27 pm
thanks a lot for sharing (-:
January 8, 2011 at 11:39 pm
thanks a lot for sharing (-:
January 8, 2011 at 11:41 pm
thanks a lot for sharing (-:
January 8, 2011 at 11:42 pm
thanks a lot for sharing (-:
January 8, 2011 at 11:45 pm
thanks a lot for sharing (-:
January 8, 2011 at 11:46 pm
מערכת ניהול לידים
January 10, 2011 at 10:16 am
Credit card companies are going to continue to make that extra buck at any price, especially considering the current economic state of this country.scrow them.
טלפון לכבדי שמיעה
January 10, 2011 at 10:17 am
Credit card companies are going to continue to make that extra buck at any price, especially considering the current economic state of this country.scrow them.
מהלב המרכז הישראלי לטכנולוגיות תקשורת מתקדמות
טלפון לכבדי שמיעה
אוזניות לטלויזיה
מכשירי שמיעה
אוזניות אלחוטיות
מערכות הגברה ניידות
January 11, 2011 at 11:36 am
You completed various nice points there. ציורי קיר
January 15, 2011 at 3:31 am
I think the article is Mconeinat enters
Very important components in
Hope this will affect anything …
January 18, 2011 at 5:49 am
thanks for sharing the information with us…
January 22, 2011 at 12:57 pm
thanks again this a great post
January 23, 2011 at 2:41 am
Great post, really helpfull!
ויזה לארצות הבריתשגרירות ארה”באייפון 5</a
January 25, 2011 at 5:49 am
I really afraid of using credit cards online but this post seems great and helps me eager to use cards online.אינסטלטור 24 שעות
February 17, 2011 at 9:38 am
this website is my breathing in, really good style and perfect subject matter.
February 17, 2011 at 6:42 pm
That set up sounds so illegal its not even funny. To say that you did not opt out is a joke. Did you dispute the charge and get your money back?
it is so hard for me to beilive in it, realy hard
March 1, 2011 at 7:16 am
I like your site. Amazing information.
April 1, 2011 at 7:52 am
nice post – thnaks y
May 4, 2011 at 6:38 am
I like your site. Amazing information
May 4, 2011 at 6:49 am
I’m impressed by this.
May 4, 2011 at 6:50 am
Hey there! I’m a 1st time reader of the webpage…needed to allow you already know that its very informative and to keep up the good do the job! Searching forward to your future posts!
May 4, 2011 at 6:53 am
I really afraid of using credit cards online but this post seems great and helps me eager to use cards online
May 4, 2011 at 6:56 am
I would like to see the page where the opt-in was clicked. Mary, would you please post an URL to a screenshot?
May 4, 2011 at 6:46 pm
That is one of the things that led to the las financial crisis here in the us
May 9, 2011 at 1:35 pm
Get this free offline marketing report | http;//gr8estdeals.com/offline
May 19, 2011 at 12:31 pm
Great, thx for putting it out there!
May 25, 2011 at 4:32 am
Thanks for the concepts you are sharing on this web site. Another thing I’d like to say is getting hold of of your credit profile in order to scrutinize accuracy of the detail may be the first action you have to perform in credit repair. You are looking to thoroughly clean your credit reports from damaging details faults that mess up your credit score.
May 29, 2011 at 6:56 pm
Thanks for the concepts you are sharing on this web site. Another thing I’d like to say is getting hold of of your credit profile in order to scrutinize accuracy of the detail may be the first action you have to perform in credit repair. You are looking to thoroughly clean your credit reports from damaging details faults that mess up your credit score.
June 6, 2011 at 9:24 am
Thanks, I have recently been searching for information about this topic for ages and yours is the best I have discovered so far.
June 7, 2011 at 1:16 am
транспортные перевозки הובלות
June 10, 2011 at 7:21 am
I just now wanted to let you know how much my partner and i appreciate every thing you’ve contributed to help enhance the lives of individuals in this subject material. Through your current articles, I have gone out of just an amateur to a skilled in the area. It can be truly a gratitude to your efforts. Thanks
June 12, 2011 at 7:12 am
wow ndo
June 20, 2011 at 7:52 pm
certainly like your website but you have to test the spelling on quite a few of your posts. A number of them are rife with spelling problems and I in finding it very troublesome to tell the truth nevertheless I will definitely come again again.
June 23, 2011 at 3:10 am
very important – thank you
June 25, 2011 at 12:04 am
Thanks for sharing excellent informations. Your site is very cool. I am impressed by the details that you’ve on this web site. It reveals how nicely you understand this subject. Bookmarked this web page, will come back for more articles. You, my friend, ROCK! I found simply the information I already searched all over the place and just couldn’t come across. What an ideal website.
June 26, 2011 at 9:18 am
I really love your blog, your a genius, keep writing such posts.
June 28, 2011 at 8:44 am
This site is really a walk-via for the entire data you wished about this and didn’t know who to ask. Glimpse here, and also you’ll positively discover it.
July 3, 2011 at 12:51 am
I’ve been browsing online more than 3 hours today, yet I never found any interesting article like yours. It is pretty worth enough for me. In my opinion, if all web owners and bloggers made good content as you did, the internet will be a lot more useful than ever… train angry dog
July 4, 2011 at 6:23 am
really love your blog, your a genius, keep writing such posts.
July 5, 2011 at 6:50 pm
It is really amazing to see there is a lot of bullcrap commenting going on on the web these days. You have to ask yourself what really is the goal of thse robots who are doing this. It can be quite a mystery.
July 6, 2011 at 12:23 am
making it easier for us
July 11, 2011 at 4:06 am
I’m curious to find out what blog system you are working with? I’m experiencing some minor security problems with my latest site and I’d like to find something more safe. Do you have any solutions?
July 25, 2011 at 7:06 pm
Audio started playing when I opened up this web-site, so annoying!
July 28, 2011 at 11:03 am
Callinout, le 1er centre d’appel à Fès (Maroc) domine l’international de par son expertise en outsourcing. Nous proposons des solutions de gestion de la relation client à distance: Multilingue (français, anglais, allemand, espagnol, néerlandais…) – Multiservices: réception d’appels (accueil, service consommateur, help desk, assistance…) et émission d’appels (enquêtes et études, prise de rendez vous, télévente BtoB et BtoC, télérecouvrement…) – Multicanal: téléphone, email, chat
August 12, 2011 at 1:48 am
I found this is an educational and interesting essay, so I think it is very benificial and knowledgeable. Many thanks for the efforts you have made in writing this write-up. I am expecting the various excellent work from you next time as well. actually your creative writing ability has inspired me.
August 13, 2011 at 10:11 pm
I agree with your Caveat Emptor – Use of Credit Cards On-Line The 12 Angry Men Blog, superb post.
August 18, 2011 at 4:40 am
Not all transactions done online are safe. We should be aware that scams is really in on the internet and there are persons who takes an advantage just like what had happened. Thanks for the very nice idea and experienced you have shared. It helps a lot!!
August 24, 2011 at 10:44 pm
I read this blog everyday and sent a link to all my friends. This topic is important to me and I can’t wait for more… keep them coming
August 25, 2011 at 2:46 pm
I must express some appreciation to you for bailing me out of this particular incident. Right after checking throughout the search engines and meeting thoughts that were not pleasant, I believed my life was well over. Living without the presence of strategies to the problems you’ve fixed by way of your write-up is a critical case, as well as the ones that would have badly damaged my entire career if I had not encountered the website. Your good skills and kindness in taking care of all areas was priceless. I am not sure what I would’ve done if I had not come upon such a solution like this. I can also at this point look ahead to my future. Thanks for your time very much for this reliable and sensible guide. I won’t hesitate to endorse your web page to any individual who should get care about this subject matter.
August 28, 2011 at 3:57 am
???? ??????? ??? ???????
August 29, 2011 at 4:22 am
Looking at the title of your blog makes me interested to read it. And I learned a lot of things through reading the whole story. Thanks for sharing your experiences to us.
August 29, 2011 at 5:37 pm
These days everyone is paying bills, making online purchases and even managing financial accounts such as bank accounts, stock trading account as well as charge card accounts. There are those that feel that all this online information puts them at risk for identity theft. Using a credit card online is also considered risky behavior for some.
August 31, 2011 at 12:09 am
you should know that your message convinced me beyond any doubt that you company is fraud mill
September 1, 2011 at 8:40 pm
ÿþI
September 1, 2011 at 8:43 pm
ÿþI
September 2, 2011 at 8:51 am
Really cool theme mate. Is this wordpress?
September 3, 2011 at 6:18 am
Music video HD
September 9, 2011 at 7:43 am
Line With Forex, the item typically communicates the velocity of one money up against an alternative. This is whats called a subscriber base in distinct. Take the example of buying and selling typically the EUR / USD found in January 10, Next year: “EUR And Dollars Equals 3.4307.In All of us convert this approach quote while “1 ruskies equals A.4307 U.South. $.In .
September 14, 2011 at 1:27 pm
I do consider all the ideas you’ve presented in your post. They’re really convincing and can definitely work. Nonetheless, the posts are very quick for newbies. May you please extend them a bit from next time? Thank you for the post.
October 8, 2011 at 11:26 pm
HCG Levels in Early Pregnancy Thanks for writing this, it was very handy and helped me quite a bit…
Thanks for writing this, it was very handy and helped me quite a bit…
October 24, 2011 at 1:17 am
I just like the valuable information you supply on your articles. I will bookmark your blog and take a look at again here regularly. I am reasonably sure I will be told lots of new stuff proper here! Best of luck for the following!
October 25, 2011 at 10:32 pm
[…] marina panerai orologi panerai pam 0063 panerai prezzi panerai price list panerai price list 2011 panerai radiomir panerai replica panerai replica watches panerai review Filed under: […]
November 9, 2011 at 11:31 am
free wow accounts…
[…]Caveat Emptor – Use of Credit Cards On-Line « The 12 Angry Men Blog[…]…
November 13, 2011 at 9:50 am
What is really the real score about American Income Life insurance scam?
November 16, 2011 at 2:16 am
A good option would be a Business Cash Advance. It is based on your average monthly sales, not credit, so bad credit is ok and approval rates are 98%. They are unsecured, there is no personal guarantees, require no collateral, and will fund within a …
[…]Caveat Emptor – Use of Credit Cards On-Line « The 12 Angry Men Blog[…]…
November 17, 2011 at 7:35 pm
europa guide,map of europe,europe tips,guide for europe,europe hostels guide,backpacking europe travel,backpacking around europe,guide europa,hostels in europe…
[…]Caveat Emptor – Use of Credit Cards On-Line « The 12 Angry Men Blog[…]…
December 8, 2011 at 7:02 pm
buy liberty reserve with paypal…
[…]Caveat Emptor – Use of Credit Cards On-Line « The 12 Angry Men Blog[…]…
December 9, 2011 at 11:30 pm
I’m not sure I understand what you just said!
December 14, 2011 at 1:56 pm
I’m not sure I understand what you just said!
December 23, 2011 at 7:49 pm
Get fetish porn galleries and movies for free!
February 5, 2012 at 1:23 am
Thanks for any other informative site. The place else may just I am getting that kind of information written in such a perfect means? I’ve a venture that I am just now operating on, and I have been on the look out for such info.
February 15, 2012 at 7:56 pm
The best bongs money can buy!…
[…]Caveat Emptor – Use of Credit Cards On-Line « The 12 Angry Men Blog[…]…
March 5, 2012 at 11:59 pm
Caveat Emptor – Use of Credit Cards On-Line The 12 Angry Men Blog I was suggested this website by my cousin. I am not sure whether this post is written by him as no one else know such detailed about my difficulty. You’re wonderful! Thanks! your article about Caveat Emptor – Use of Credit Cards On-Line The 12 Angry Men Blog Best Regards Rolf Lawrence
March 24, 2012 at 2:51 pm
survey…
[…]Caveat Emptor – Use of Credit Cards On-Line « The 12 Angry Men Blog[…]…
March 31, 2012 at 9:26 am
orologiando…
[…]Caveat Emptor – Use of Credit Cards On-Line « The 12 Angry Men Blog[…]…
May 15, 2012 at 9:07 am
centre d’appel maroc…
[…]Caveat Emptor – Use of Credit Cards On-Line « The 12 Angry Men Blog[…]…
October 31, 2012 at 8:30 am
My brother recommended I may like this web site. He was entirely right. This post truly made my day. You can not consider just how much time I had spent for this info! Thanks!
November 21, 2012 at 2:40 pm
I know this if off topic but I’m looking into starting my own blog and was curious what all is required to get setup? I’m assuming having a blog like yours would
cost a pretty penny? I’m not very web savvy so I’m not
100% certain. Any recommendations or advice would be greatly appreciated. Cheers
January 27, 2013 at 10:13 pm
Right away I am ready to do my breakfast, after having my breakfast coming yet
again to read other news.
March 24, 2013 at 10:53 am
I really love your website.. Excellent colors & theme.
Did you build this website yourself? Please reply back
as I’m wanting to create my very own blog and would like to learn where you got this from or what the theme is called. Many thanks!
March 28, 2013 at 10:14 pm
I don’t even know how I ended up here, but I thought this post was great. I don’t know
who you are but certainly you’re going to a famous blogger if you aren’t already 😉 Cheers!
April 7, 2013 at 10:45 am
Does your site have a contact page? I’m having trouble locating it but, I’d like to shoot
you an e-mail. I’ve got some recommendations for your blog you might be interested in hearing. Either way, great blog and I look forward to seeing it develop over time.
May 8, 2013 at 3:58 pm
This page truly has all the information and facts I needed about this subject and didn’t know who to ask.
May 27, 2013 at 9:57 am
Howdy I am so excited I found your blog, I really found
you by error, while I was searching on Bing for something else, Regardless I am here now
and would just like to say thank you for a marvelous post and
a all round enjoyable blog (I also love the theme/design), I
don’t have time to read it all at the moment but I have saved it and also included your RSS feeds, so when I have time I will be back to read a lot more, Please do keep up the awesome job.
June 3, 2013 at 3:03 pm
Do you have a spam issue on this blog; I also am a blogger, and I was curious about your situation;
we have created some nice procedures and we are looking to exchange solutions with other folks, be sure to shoot me
an email if interested.
June 7, 2013 at 1:24 pm
I savour, lead to I found just what I used to be looking for.
You have ended my 4 day lengthy hunt! God Bless you man.
Have a nice day. Bye
June 7, 2013 at 7:37 pm
Hey There. I discovered your blog the use of msn.
That is a very neatly written article. I will be sure to
bookmark it and return to learn extra of your
helpful information. Thank you for the post. I’ll definitely return.
June 11, 2013 at 10:39 pm
I am not sure the place you’re getting your information, however great topic. I must spend some time studying more or figuring out more. Thanks for great info I used to be on the lookout for this information for my mission.
June 12, 2013 at 1:02 am
Excellent post. I was checking constantly this weblog
and I am inspired! Very helpful information specifically the ultimate part :
) I handle such information much. I used to be looking for this particular info for a very long time.
Thank you and good luck.
June 12, 2013 at 4:35 am
Just wish to say your article is as astounding.
The clearness in your post is just excellent and
i could assume you are an expert on this subject. Fine with
your permission let me to grab your feed to keep updated with forthcoming post.
Thanks a million and please keep up the gratifying work.
June 14, 2013 at 6:41 pm
Good post. I learn something totally new and challenging on blogs I
stumbleupon every day. It will always be exciting to read content from other writers and use a little something from their
sites.
June 14, 2013 at 7:24 pm
I rarely comment, however I browsed some comments here Caveat Emptor – Use of Credit Cards On-Line
| The 12 Angry Men Blog. I do have a couple of questions for you if
it’s allright. Is it only me or does it look like a few of these comments appear like they are left by brain dead folks? 😛 And, if you are writing on other places, I would like to keep up with you. Could you make a list of the complete urls of your public sites like your twitter feed, Facebook page or linkedin profile?
June 15, 2013 at 9:47 pm
With havin so much content and articles do you ever run into any problems of plagorism
or copyright violation? My site has a lot of unique content I’ve either authored myself or outsourced but it seems a lot of it is popping it up all over the internet without my permission. Do you know any techniques to help stop content from being stolen? I’d
definitely appreciate it.
June 16, 2013 at 4:55 am
This is a very good tip particularly to those fresh to the blogosphere.
Short but very accurate information… Thank you for sharing this
one. A must read article!
June 16, 2013 at 3:14 pm
Hi mates, fastidious post and good urging commented at
this place, I am in fact enjoying by these.
June 19, 2013 at 8:11 pm
Good day! Would you mind if I share your blog with my
myspace group? There’s a lot of folks that I think would really enjoy your content. Please let me know. Many thanks
June 30, 2013 at 3:46 pm
Hi my family member! I want to say that this article is awesome, nice written and include almost all significant infos. I’d like to look more posts like this.
July 1, 2013 at 12:44 am
Why users still use to read news papers when in this technological
world the whole thing is existing on web?
July 8, 2013 at 3:33 pm
I am no longer certain the place you’re getting your information, but good topic. I must spend a while learning more or working out more. Thank you for great info I used to be searching for this info for my mission.
July 14, 2013 at 8:25 am
Hello There. I discovered your blog the use of msn.
This is a really neatly written article. I will make sure to bookmark it and return to learn extra of your useful info.
Thank you for the post. I will certainly return.
July 14, 2013 at 10:11 am
Wonderful goods from you, man. I’ve understand your stuff previous to and you’re just too excellent.
I actually like what you have acquired here,
certainly like what you are saying and the way in which you say it.
You make it entertaining and you still care for to keep it wise.
I can’t wait to read far more from you. This is actually a wonderful web site.
July 14, 2013 at 4:45 pm
Somebody essentially help to make severely articles I would state.
This is the first time I frequented your web page and
up to now? I amazed with the research you made to make this actual post amazing.
Excellent process!
July 15, 2013 at 12:12 am
Howdy would you mind letting me know which web host
you’re utilizing? I’ve loaded your blog in 3
different internet browsers and I must say this blog loads
a lot quicker then most. Can you recommend a good web
hosting provider at a reasonable price? Kudos, I appreciate it!
July 21, 2013 at 6:45 pm
I believe this is one of the such a lot important information for me.
And i’m glad reading your article. However want to remark on few common issues, The site style is great, the articles is truly excellent : D. Excellent process, cheers
July 21, 2013 at 8:10 pm
Nice replies in return of this issue with solid
arguments and describing everything about that.
July 24, 2013 at 2:28 am
Having read this I thought it was rather enlightening.
I appreciate you finding the time and effort to put this informative article together.
I once again find myself personally spending a significant
amount of time both reading and leaving comments. But so what,
it was still worth it!
July 26, 2013 at 10:57 pm
If you are going for finest contents like me, only visit this
site daily for the reason that it presents quality
contents, thanks
July 28, 2013 at 11:01 pm
This is definitely an outstanding webpage, many thanks for this.
I might to be able to the search engines with regard
to several a lot of time to get this specific area.
I really hate whenever anytime I personally yahoo intended for content pages that will look at
I often expose inadequate reports and also considerably trash.
A person clearly obtain care and attention with the vast majority of trash
together with maintain your web site nice and clean
in addition to excellent. Might you have regulations for my own personal web-site?
July 31, 2013 at 7:12 pm
Hi! Quick question that’s entirely off topic. Do you know how to make your site mobile friendly? My web site looks weird when browsing from my iphone4. I’m trying to find a theme or plugin that might be able to fix this problem.
If you have any suggestions, please share. With thanks!
July 31, 2013 at 10:28 pm
It’s a pity you don’t have a donate button!
I’d definitely donate to this brilliant blog! I guess for now i’ll settle
for book-marking and adding your RSS feed to my Google account.
I look forward to brand new updates and will talk about this website with my Facebook group.
Talk soon!
September 20, 2013 at 6:13 am
It is in reality a fantastic along with practical little bit of details. We’re happy that you distributed this handy info with us. Please keep us well informed similar to this. Many thanks for expressing.
September 27, 2013 at 1:32 am
Hello, all is going nicely here and ofcourse every one is sharing information, that’s genuinely good, keep up writing.
December 21, 2013 at 11:30 pm
If you wish for tо obtain а good deal frpm this piece οff writting then you have tо apply these strategies tο
your won weblog.
December 24, 2013 at 5:24 am
Terrific article! This is the type of info that are meant to be
shared across the web. Disgrace on Google for
now not positioning this publish higher! Come on over
and consult with my web site . Thank you =)
December 28, 2013 at 3:24 pm
Horrified by the rise in personal injury claims inflating costs across the industry.
A research paper for the ABI last year argued that
the UK remortgage market premiums are down around 10%.
This is important to evaluate the weight and balance
of the same age has risen just 12 per cent in the 12 months to the end
of March, 40. remortgage policies are valid only for a year.
This module helps track the vehicle and availability.
As for the Sea Shepherd’s new boat, the Ady Gil, will live on in spirit as the Sea Shepherd’s tail. http://revman.net/blogs/19/29/questions-for-consideration-with
February 9, 2014 at 4:10 am
Great website you have here but I was curious if you knew of any user discussion forums that cover the same
topics talked about in this article? I’d really like to
be a part of group where I can get comments from other knowledgeable individuals that share the same
interest. If you have any recommendations, please let me know.
Bless you!
May 16, 2014 at 6:47 am
This is really helpful! Great article!
January 22, 2015 at 11:32 pm
I’m looking towards that which you ought to share. Pleased to see you blogging once again.
December 12, 2015 at 10:33 am
[…] 0. https://12angrymen.wordpress.com/2007/11/01/caveat-emptor-use-of-credit-cards-on-line/ 1. […]
June 9, 2020 at 2:59 pm
Having read this I thought it was extremely enlightening.
I appreciate you taking the time and energy to put this article together.
I once again find myself personally spending way
too much time both reading and commenting. But so what,
it was still worthwhile!
April 5, 2023 at 10:01 pm
Como Hacer Un Banco De Hacer
Caveat Emptor – Use of Credit Cards On-Line | The 12 Angry Men Blog
May 6, 2023 at 11:41 am
Fabriquer Caisses De Jardin Pas Cher
Caveat Emptor – Use of Credit Cards On-Line | The 12 Angry Men Blog