I made a mistake when I purchased something for someone. Buying them something wasn’t the mistake. My mistake was that I entered in my credentials on their computer, and they had this nifty little key-logger on their machine, unbeknownst to me. A keylogger is a program that logs every key stroke made on a machine and records it for posterity and usually maliciousness. My credentials were compromised and fraudulent purchases were made by that individual before I found out. However, I was smart, because I used PayPal, and, they helped me take back my credentials, and my money. All was good. PayPal has a back door, if you will, for users where you can deauthorize purchases — especially revolving subscriptions — right on their home page and your account page with them. It’s genius and I’m so grateful for it. (If you need an explanation on how to actually access that, message me and I’ll walk you through it. I’m still learning how to do blog images sans expensive photoshop, although I think the one I did post isn’t too shabby.)
Had I used a bank credit card, however, that may not have been the case. It’s for that reason I try to use PayPal as often as possible. When I’m purchasing online, there’s no credit card needed. However, I do have a debit/credit card attached to my PayPal account and I can use it like a bank card, but with the better security controls for the owner of the account. Recently, a friend of mine bemoaned that when they purchase something with a debit or credit card, that it takes 7 to 10 days for that return to appear on their bank statement for said card; whereas, it takes just moments for the money to disappear from their account when they purchase it. That wasn’t the case for my PayPal situation. So, good on PayPal. But, if it takes a bank nearly two weeks to clear a return on your account, can you imagine if I’d entered in my bank account card on that keylogged machine? I shudder at the thought.
Also, if the person has Google enabled where credit card information or other credentials are stored, they could potentially have stored that information on their machine and then if they are hacked or don’t have good network or physical security on their machine…well, it’s just as bad as a keylogger. Next time, I’ll just purchase the gift on my own device. Way smarter. Way safer. And if I get hacked, well there’s no one to blame but me, yes?
This post is focused on having you learn from my mistake. Unless you are the administrator on a network or own a machine with robust security software on it, you should never put in your credit card information on someone’s machine. Keylogger programs are a dime a dozen and easy for civilians and hackers alike to procure. Your credit card information is some of the easiest and most damaging information to hack. How are you paying for things? Because of the extra security, I prefer to use PayPal, especially in the cyber world.
*PayPal has not paid me to write this.