Credit card security
tombraider4ever
Posts: 744
I only make internet purchases at Daz 3D and Renderosity and today is the second time somone has stolen money from my card. A few months ago someone made a internet purchase using my cardnumber so after that I blocked the card and got a new one. I have my card locked for internet purchases after that and only open for the brief time it takes to shop here (mostly here) and very seldom at Renderosity, and close it after. Today when my card was closed somone managed to make a purchase of about 200 swedish crowns (about 22 dollars) 
. I have blocked my card but I when I called the bank they told me that somone had made 50 tries to make purchases on my card with sums up to 500 dollars at a time . I don't know what to do, I can't stop shop here, I'm addicted to Daz models.
Daz 3D is part of 
Connect
DAZ Productions, Inc.
7533 S Center View Ct #4664
West Jordan, UT 84084
Licensing Agreement | Terms of Service | Privacy Policy | EULA
© 2025 Daz Productions Inc. All Rights Reserved.
Comments
If you have a tablet or smart phone, you could try making the purchase through there to see if the same problem occurs. If not, then your PC may be compromised. . If on the other hand you run into the same issue from your smartphone ro tablet then look into if someone is snopping on your network (key logger could also be a possibilty), or your router/modem could be compromised, or possibly DNS, or your ISP. I doubt it is DAZ, because we would also be running into issues. Good luck!
Chances are that it wasn't an internet vendor but rather usage elsewhere in a physical location that's the issue... and sometime in the past as well, as most compromised numbers take a few months before they're used.
You could try using paypal and what I do is buy myself a gift card so I have store credid and don't need the card ever so often
i,ve had the same and Daz and Rendo are my main places. my card never leaves my room ?
Thanks for your replys!
I didn't meen to accuse Daz or Renderosity, sorry if it sounded like that 
. I don't know so much about theese things, internet security I meen. I will use my tablet next time and see if it makes any difference. And run a virus check on my pc. No other can be shopping at my network beacause I shop at home. I'm thinking about using paypal and perhaps also using giftcards, I'm liking the idea of not using my actual card so much 
. Plant, did the same thing happend to you?
I only shop here and have never had issues with my CC info being stolen
I had my card stolen too in Dec 2016. And my eBay account and actual credit card account logged into and the mailing address changed to an address that was last in use by a Ukrainian diplomat. Of course the information that she lived there may of been forged too. I wonder if the fraud investigations at those places has even gotten that far in their investigation as I got in the few hours of work I did. They seem sort of lackadaisical to me, allowing crime after crime in face of mounting evidence of it's pervasiveness.
I now use a different user names, passwords, and email addresses at DAZ 3D & Renderosity then I use for my bank, and credit card. I have a personal email that I share with only people I know face to face. You have to take the attitude now if you use the internet to create a web of online users, email addresses, and passwords that cause the amount of work criminals do to be too much to make it profitable for them to undertake their crimes. I'm not trying to hide my identity so much online but I do try to hide the identifying information I use to log in and to communicate with people I know face to face and then again seperately for financial institutions.
I currently have a email for different activities online and may go so far as to start keeping an email for each online site and cycling through new email addresses periodically or I might just wait for a breach, which is much less likely now that DAZ, Rendo, and other sites have seperarate email than my bank & credit card and other financials.
However the thieves that stole my credit card number also stole my password, which was not guessable or crackable in any reasonable amount of time with combinatorics that is for sure so either a database that holds it remotely was not secure or it was in clear text in that database or they could of snooped the transmission of that data in transit if they know network topographhy, have the right tools, and the right back doors.
Another thing I have started doing is have 2 step authentication on my email addresses when I log in. Most eCommerce site don't yet do that because as you can imagine it would decrease business because people don't like giving out their phone numbers on the internet with all this criminal activity.
Another thing you can do once you create seperate emails for your finacial accounts different than your other accounts is to clean install Windows, osX, Linux or whatever OS you are using and use a seperate browser for forums and such activities, a 2nd browser for shopping, and a 3rd browser for financial activities like credit card and banks. Do only shopping in the shopping browser, only financial information in the finance browser, and all other activity, eg, browsing the DAZ forums, in the 'hobby browser'.
And once you set that up and choose very complicated different passwords and user names, write them down outside the computer and when your web browser asks to remember a user name and password let it do so to help minimize the chance it can be intercepted between youself and the host server.
You may already be doing such things but I though I would suggest these to you.
tombraider4ever yes twice same as you. my bank told me not to store my details so i'm puting them in each time now see what happens. Daz has just made it easier to do that.Also using gift cards more. Can,t stop im an addict.
Thank you both for the suggestions! I will think about this, I use the same password on a lot of sites beacause I can't remember them otherwise, I need to change that. I never choose to store my details, so I will contine with that. I think I will set up a paypal account when my new card comes,
and make my next purchase using the tablet just incase my pc is compromissed, and my first purchase will be a giftcard. I hope that this will be enough, but if not then I'll try reinstalling windows and all the other suggestions about separate browsers and so on. I can't stop shopping here, as I said
I'm an addict when it comes to 3D, especially Daz 3D. It really sucks that people need to do all this to shop safely, internet shopping should be safe, especially when you have it locked for the internet most of the time
.
Also, do not link your PayPal account with an eBay account if you have an eBay account and don't link your PayPal account with any other account either.
These crooks are pervasively and systematically trying to break into and steal as much as they can from eveny online account they can access.
fyi, I do not store my CC info at any store either. I fill it in as needed or use Paypal
I used to use my debit card for online purchases. It was compromised in Dec 2016 and again a couple of weeks ago. In both cases, the fraudent charges took place on a Sunday. Thankfully, my credit union stopped the bulk of the charges, and reimbursed me for those that went through. Checking my bank statements, the only places I've used that card for a very long time has been DAZ, Renderosity, and Hivewire3D. Following this last incident, I've started using Paypal as my payment method at all three sites.
I informed DAZ the first time it happened, though I was sure it was not DAZ that compromised the card as I also have a credit card on file here, and it was not compromised. They replied a few days later and stated they didn't find a security breach. Perhaps several of us have had the same problem and informed DAZ... That might explain the move to secure the entire site, and not just the checkout area.
nonesuch00: I need to link the paypal to my credit card to transfer money to paypal right? how do they get money from me otherwise?
L'Adair: Is the entire site secure now? Have they changed the site to be more secure? if so then perhaps more people have had the same problem, here at Daz I meen. I hope that it will be more secure in the future.
Yeah, I had to switch to paypal myself for the same reasons. Maybe we need a new internet currency like bitcoin that can't be hacked! Internet and credit card security is to easily hacked. For now Paypal is probably your best bet. Internet banks employ better internet security due because it is bad for business if people don't trust their money to be safe at the bank. Oh and don't leave passwords on your computer and copy and past passwords(usb pen drive and text file). This makes it harder for keystroke hacker to know what you are typing.
I use PayPal for purchases here and American Express. I've never had an issue here. My Chase card got sucked into the Target number theft a couple years ago. A few months after I had used it there, Chase called me early on a Sunday morning about someone over in Chicago trying to use my number as a credit card. They managed to get two fish dinners but when they tried to buy over a hundred dollars at a grocery store, Chase declined it - not an amount I spend at a grocery store. The Chase computers thought it might be fraud as it broke my usual pattern and flagged it. Got a new card a few days later after I talked to the Chase card person who called me.
Yes, but don't link it to other online accounts to do this so called 'one-click' shopping type thing.
Yes i get a lot of this and its very frustrating. I have a debit card, business credit card and a paypal account. I try to use just my paypal and CC for most things because i can barely go twelve months without my Bank card being compromised. I don't know why they even bother, the bank cuts them off within seconds so they dont seem to get anything out of it. Its just a pain because i have to wait for a week to get a new card
. I'd love to give you some advice but even i have issues with it. I use clean workstations, paid antivirus, HTTPS servers, even private VPNs, they still manage to get it every now and again. I would just use paypal where possible so your card isnt exposed without an extra layer of protection. Also watch for skimmers obviously, but i'm assuming everyone is pretty familiar with them by now. Luckily most banks have pretty solid anti-fraud protection, so you're never really exposed to to much hassle.
Good luck!
A new internet currency sounds great, something like this needs to be done, more and more transactions take place over the internet, it's 2017, it should be safe to buy online. Even if it wasn't so much money they got hold off, it's very depressing anyway to be stolen from. And twice. When I think of the sums they tried to steel ... and 50 times. They think that they got hold of my credit card number and made a fake creditcard and tried to buy things at real stores too.
There are so many ways to get credit card info its scary. So its hard to say exactly how they got it. If you used it anywhere in the real world, it could have been stolen out there. Card reading devices are now so small they can be snuck into any place you swipe your card. You could go out to eat and the waiter could write your card info down if they take your card. Any place you store card info online could be potentially hacked. Or you could have clicked on something while browsing the net that installed a key logger, or worse. If you use WIFI, even that could be hacked if your passcodes are weak, and if you ever used WIFI from another place outside, it could have been compromised.
All you can do is take the suggestions other posters mentioned. Different passwords at different sites, and using other means to pay than directly entering info. Since you've had this problem, you will need to be extra cautious. If Daz had been breached, then thousands of people would be at risk, and we'd probably know about it, if not from Daz themselves, other users would be pounding the forums. So it seems unlikely right now that has happened.
I doubt the people that are trying to use your card are the ones that actually retrieved your information. Card numbers are rarely stolen and used directly. It's more likely that your card information was offered on a black market website for sale before it was bought in bulk. Chances are you weren't compromised directly, that's too much effort for one card. It's more likely that a site you're using has a compromised back door, even the best sites are susceptible to exploits. My ISP is talk talk and their entire user-base was compromised last year, same with yahoo i believe. It's just a part of ecommerce i'm afraid, it's not necessarily your fault.
I have my Paypal account set up to take money out of my bank account. In the many years I've had Paypal, it's never been compromised. DAZ started changing over to a secure site a couple weeks ago. There were quite a few complaints in the forums about the Add To Cart button not working. Turns out those pages weren't secure. You can only get to the insecure pages via old bookmarks and such now. The change would be not noticable for most customers.
Thanks for all the reply's and advice, I love this forum, there are always people willing to help when someone has a problem
I have never been at the Renderosity forums before now, I wrote there too to warn people, so I don't know how it's usually there, but I haven't had a single reply yet...
I also had my personal information I gave to the US government stolen directly for the US government's servers. That information was basically my life history as required by their security clearance forms. The US government offered to pay for either a 1 year or 2 year subscription to a identity monitoring service after which I'd have to pick up the tab and I'm like wait a minute here, "That is a conflict of interest between the US government and business world and calls into question the possibility of collusion between those business interests and the US government. The US government and those businesses that collect that data are responsible for securing that data and paying for that security. I have no power over their desire to collect all that data (and often sell it) and owe the US government no extra taxes and businesses no subscriptions because of their lack of attention to their security and that of their customers data that they chose to collect.
The US government and governments around the world were created to enable people to live secure safe lives and to turn around and have the US government's own servers breached by criminals and foreign governments to then to ask me to go pay for a subscribtion to a private business, likely funded with government money funneled by a few politicians and government workers to their cronies anyway, is a conflict of interest and a breach of government duty to enforce the law.
The move to HTTPS was because recent browsers have started to issue warnings for mixed secure/unsecure pages even if the areas that need to be secure are, not in reaction to any actual problems with security.
If you use Paypal, you will never put card info into Rendo or Daz's servers. I've had this problem at Rendo and HW several times, but never at Daz. All transactions will go through Paypal's servers. Another option is to buy prepaid cards for use online. That way even if they get the card, there's nothing they can do with it-- you've spent your money already. It's time consuming that way, but it's totally secure.
Never ever, ever make purchases on a wifi network you do not own. Not even from your phone. It is ridiculously easy to get everything from your computer or phone on these networks. Even your home network isn't secure (especially if you live in an apartment complex). Once they're on your network, they have access to everything on it.
Thanks for the replys!
As I said earlier I didn't meen to accuse Daz or Renderosity, it's just that I have only been shopping at theese sites for the last months. I haven't made any other purchases either in real stores I meen, since I haven't been feeling so well lately I have been at home mostly, my boyfriend has made all the shopping, so I have only made purchases here and at Renderosity. I did make a purchase a few days ago at Renderosity.
ChangelingChick, Thanks for the advice, I will use paypal in the future,and I am changing banks. I heard of a bank witch lets you create a virtual creditcard for every purchase that has only the money needed and only works that time. If I use that to transfer money to paypal and then buy a big giftcard I should be safe, I think
Paypal is good; but hell, I hate to think how many attacks they suffer from folks trying to access their databases.
I use a different long and complicated passwords for each sites. I change them periodically.
It isn't just a case of any particular company advising us when our account info is stolen; they may not even know until some time after the event.
I am one of thoose persons who uses the same passwords on many different sites, but I will change that now. I can't make it that easy for them
I just have to come up with a system to remember them all, or a good place to hide the passwords
I use Paypal also for that reason. The less places those numbers get used the better. And I also usually buy gift certificates from both Rendo and Daz so the connection isn't exposed as much. That said, your computer itself could be comprimized. A crook gets that kind of access and anything you do online is wide open.
Another thing people forget. Stop answering all those "cute" facebook questionaires friends and family post. "What your favorite color tells about you", What the stars reveal about your birth date", "gee, what was your favorite pets name?", "How many states have you lived in? Which ones?", "What was your first car?", "Who had a favorite teacher? Who was it?".....etc.....
All these stupid innocent fun, pass to all your friends to answer, questionaires are skimming information that is similar to the security questions people are supposed to be keeping a secret.