Internet Fraud - myPilotStore.com database not secure?

TangoWhiskey

TangoWhiskey

Touchdown! Greaser!
Joined
Feb 23, 2005
Messages
14,210
Location
Midlothian, TX
Display Name
Display name:
3Green
Has anybody else had issues with fraudulent charges (small "test" charges to validate the card) after making purchases from myPilotStore.com?

I've had to have three cards re-issued/replaced by the bank in the past two years after online purchases where the card was used again within a month. The fraudulent charges are always a small (less than $10) "test" charge used to validate the number is valid, from a different vendor. The most recent was $4.55 from "Sandra Plath LLC" in Illinois, listed by the bank as an "online specialty store".

The only common denominator I can find is that all three cards were used for an internet purchase from MyPilotStore.com within the 30 days prior. I just purchased the 2010 FAR-AIM from them a month ago.

Anybody else? If I can confirm a pattern outside my individual case, I'll contact MyPilotStore.com so they can plug their security hole.
 
That's interesting. It may mean nothing, but the credit card that I had my mypilotstore.com chart subscription on started showing unauthorized charges back in April. That number got canceled, of course, and I switched my subscription over to another credit card, and that card started showing unauthorized charges in September.
-harry
 
Hmmm ... maybe.

It does occur to me that if we go to a pilot forum, we can expect that some sizeable percentage of us would have bought something from mypilotstore.com, and that some sizeable percentage of those might have been the victim of credit card fraud, so it's easy to come up with spurious correlations.

But, with all due apologies to them if this is just panicky hysteria, there are a lot of places out there that sell chart subscriptions, and I think I'm going to make one of them my new source.
-harry
 
You know, I did some some weird charges on my old card before I canceled it....and I ordered my last set of charts from MyPilotStore.

Curious
 
Wow, good catch Troy!

Another reminder to use disposable CC numbers for online purchases!
 
Yikes, I use them for my chart subscriptions.
Come to think of it, I had to get my card swapped out several months back
because of test charges. I never made a link to mypilotstore.com, but it's possible.

I've switched to using disposable numbers for online stuff now. I'll either generate a one time use card or multi-use card for things like my recurring chart subscriptions. For multi-use cards, I keep them unique per vendor so I can track down where the breach
came from in the event unauthorized charges show up.
 
That's the only thing my current primary bank (USAA) doesn't yet provide that I wish they did; think I'll drop them a note with a request...
 
TangoWhiskey said:
Has anybody else had issues with fraudulent charges (small "test" charges to validate the card) after making purchases from myPilotStore.com?
Click to expand...
I've never done business with myPilotStore but with others, the "test" charges have always been less than $1.00 and have been reversed promptly when I call to verify that the "test" charges are accurate.

-Skip
 
Lawreston said:
Please define "disposable cc numbers." What and how?

HR
Click to expand...
A disposable cc number (probably not the official term) is generally provided by the card issuer via their website, though, as Adam B. mentioned, Paypal provides something similar. Basically it works by you making an online request for a limited use credit card number. You specify how long it's good for (mine has a minimum of 2 months) and what the maximum credit limit on that number is (it must be less than your real credit limit, of course). The site then generates a new credit card number for you, complete with CVV, that you can use online. Transactions are only allowed on that number from the first merchant to charge to it, so if it is stolen from their database, it's useless. You can also indicate that it's to be used for recurring payments, such as chart subscriptions.
 
Lawreston said:
Please define "disposable cc numbers." What and how?

HR
Click to expand...

I have a credit card issued by Citibank. It lets you get a "virtual account number" from their website that is mapped to your credit card account. It is good for one use only, hence "disposable".

It is great for ordering those porn mags! j/k

-Skip
 
TangoWhiskey said:
Has anybody else had issues with fraudulent charges (small "test" charges to validate the card) after making purchases from myPilotStore.com?

I've had to have three cards re-issued/replaced by the bank in the past two years after online purchases where the card was used again within a month. The fraudulent charges are always a small (less than $10) "test" charge used to validate the number is valid, from a different vendor. The most recent was $4.55 from "Sandra Plath LLC" in Illinois, listed by the bank as an "online specialty store".

The only common denominator I can find is that all three cards were used for an internet purchase from MyPilotStore.com within the 30 days prior. I just purchased the 2010 FAR-AIM from them a month ago.

Anybody else? If I can confirm a pattern outside my individual case, I'll contact MyPilotStore.com so they can plug their security hole.
Click to expand...


I just got an email from MyPilotStore saying they have had a security breach and alerting their customers to monitor their credit cards for nominal fake charges. They claim the access happened in Feb 2010.
 
The Paypal plugin feature seems to be no longer available.

Most charge card companies have stopped giving out disposable numbers too - unfortunately. They usually claim their normal fraud protection devices are sufficient :rofl:
 
Kaye said:
I just got an email from MyPilotStore saying they have had a security breach and alerting their customers to monitor their credit cards for nominal fake charges. They claim the access happened in Feb 2010.
Click to expand...

I got the same email. As you can see above, I notified them in October 2009, and that was my SECOND experience having a card compromised after purchases made on their site.

They didn't contact me at ALL about the report I made to them in October 2009, so I won't be buying from them again, regardless of what they found. "February 2010" is a sanitized version of the true story, in my opinion. Regardless, glad they think they found their issue and fixed it. I won't be their guinea pig.
 
New here but this caught my attention.

I had a large amount of bogus charges ran up on a debit card I had used at mypilotstore. The charges began in Feb and would be consistent with the email sent but hopefully will know more after the bank gets back with me. Amazing how all those years I heard the horror stories of using a debit card online, now it seems they were correct.

Obviously it's time for me to find somewhere more secure to purchase from in the future and use a traditional credit card.
 
I haven't ordered from them for a couple of years. I don't recall any problems back then.

This illustrates, however, why I prefer PayPal and a strong password for online purchases. I've gotten to the point that I specifically look for vendors that accept PayPal, rather than using debit or credit cards online. If the vendor has none of my financial information, they can't lose it.

-Rich
 
OK, recently got that March 18 email from MyPilotStore. Got the $4.95 bogus charge on my card last November 11 from a bogus Pennsylvania outfit ironically named toplegalstorecom. I proceeded to cancel my card and also cancelled my 9-month-old MyPilotStore chart subscription. They were my prime suspect, as only a few other places had my account info, and I'd probably hear about it if Amazon.com got breached. Finding it odd that MyPilotStore claimed the problem didn't happen until February, I googled "MyPilotStore + fraud" and immediately discovered this thread which clarified things, so I joined up here to post this reply. Thank you.
 
You must log in or register to reply here.
Back
Top