It happens to all of us

It was a pleasant Friday afternoon in Nashville; I’ve just checked-in into my hotel room, took a quick shower, and decided to go out for a walk. Put my luggage away in the closet, and off I went to explore the city.

I returned to my hotel room a couple of hours later, finished unpacking, and decided to go online using my laptop to check email, Facebook, my bank statement, etc. Just a normal routine that I have when I travel. So, after I was done I decided to go check out the pool at the hotel… and then it happened.

It didn’t take more than 10 minutes after I had logged off my computer when the text messages started to arrive. Oh my! It was my bank trying to reach me, three, four text messages, then a phone call. I picked up the call and the voice on the other side greets me: “Hello, this is so-and-so, let’s call her Patty, from Chase Bank. We are calling you because we’ve noticed a few transactions that seem out of place and we’d like to confirm that you had actually made those purchases.” Patty then goes on to verify my identity. In the meantime, I am also making sure I’m not being scammed by asking some questions about my account, such as past home addresses. The security questions Patty is asking are legitimate questions I have set up, so those check out. Patty is a legit Chase Bank rep for their fraud department.

My credit card information had been scraped off the internet! Online purchases from Georgia, Florida and New Orleans appeared on my bank statement. Patty had explained to me that my card was being used to make random online purchases for less than $5.

How could that have happened? I didn’t make any purchases when I went out to check out the city. The only thing I had done that could have possible transmitted my information was using the internet at my hotel room. Could that have been it? Was it just a coincidence? I am not certain, but one thing for sure is, I did not use a VPN tunnel connection when I logged on in my hotel room. There’s no other explanation, that had to be it!

Such an innocent and normal thing to do nowadays; I just checked my email, bank account, and Facebook for no more than 20min., but it does happen. Using a public internet connection, even if it’s at your hotel room is not safe. Someone must’ve had a network sniffer at the hotel.

Thankfully, Chase Bank has implemented anti-fraud technologies to prevent someone from having their bank accounts/Credit Cards completely emptied out. Pheew! What a relief it was that I was only taken out for $20 (which Patty refunded), but my Credit Card had to be decommissioned. Fortunately I was carrying some amount of cash, and another Credit Card, to last me the remainder of the trip. I have to be honest, it was scary, not knowing what else was scraped off the internet.

When I returned home, one of the first things I did was to check my credit reports, then I thoroughly wiped my computer clean, in the event that I had malware injected into my browsers.

Ever since then, whenever I travel and stay at a hotel, I make sure I use a VPN connection before connecting to their public internet connection. – Lesson LEARNED! (the hard way).

However, the story doesn’t end there, a few weeks later I started receiving diet pills, beer koozies, and a few of those CDs sent from Columbia House Mail-order CD club. I had forgotten about the incident, until I started receiving those items in the mail. I frantically checked my online bank statements to make sure I didn’t have any fraudulent transactions made against my checking account, and all of my Credit Cards.

That incident happened a few years ago, and technology against bank fraud has improved. I highly encourage everyone to take advantage of Two-Factor/Multi-factor authentication, not only for your financial accounts, but your email, and other paid subscriptions that you may have. Having those services enabled give me peace of mind that I am the only one accessing that information. And, if someone is trying to access my accounts without my knowledge, I know by receiving a notification by email or text; alerting me that I need to change my password – just in case.

Have you had a scary situation like mine in the past?
What are you doing to protect yourself from identity theft?
Do you use the Northwestern VPN when you travel?