Oh my!!! A true Propaganda Due situation!!!!! What shall we do, MW???!!!!
All jokes aside, I'll second your follow up. Stripe is a trusted payment processor, arguably one of the most secure (they operate on multiple global financial pipelines, and that's no small feat). We're not in the early days of the internet, anymore, your credit card number is as secure as your password to log into your bank account (so long your device isn't compromised). That check you mail? That's more likely to be stolen.
My credentials are two decades as a software engineer, and coming up on five years professionally in cybersecurity. 25 years as a "hacker," so I promise you, wary brethren, just pay this man with your CC. It's easier to call your credit card company and dispute a charge, than to file a fraud investigation with your bank.
“We're not in the early days of the internet, anymore, your credit card number is as secure as your password to log into your bank account (so long your device isn't compromised). That check you mail? That's more likely to be stolen.” My next door neighbor is about 6 years older than you, and he says the same thing. You both are probably right, but…
“It's easier to call your credit card company and dispute a charge, than to file a fraud investigation with your bank.” The Mr. Spock in me sees the basic Logic, but…
“My credentials are two decades as a software engineer, and coming up on five years professionally in cybersecurity. 25 years as a "hacker," so I promise you, wary brethren, just pay this man with your CC.” Here’s the tough part. Two parts. One of them is (of course) the companies like LifeLock and NordVPN that tell you otherwise, and you need their monthly service or else your information WILL get hacked. Of course, they’re in business. They’ll tell you that to drum up customers. The second part is the customers I talk with who also are in your field that never use CC’s online and only use non-reloadable cards or gift cards. They don’t get into the details of why (a couple have, but most don’t), but it’s the ones that don’t that give me pause when it comes to using a CC online. Then there are the people who DO get hacked, and it’s because they themselves didn’t do their due diligence and watched who they give their CC information to. It can be our fault as much as the Cybercriminal’s.
That being said, as Cameron fully knows, I’ve used a CC online only a couple of weeks ago. He saw me do it. I truly wish that you and my neighbor are right, but there’s just so much that hints otherwise. As I type this, I think the best route is what you say, your CC info is protected, but just be careful where you type that information. Make sure the website is correct and not a scam copy site. Watch out for scam E-mails and links. Keep your computer security features up-to-date. Things like that.
The one time my credit card was compromised was when I used it in person, in a nationwide chain hotel. So, it can happen anywhere.
But, as Thomas rightly says, it is really easy and effective to dispute fraudulent charges. The same does not hold true with debit cards. There is a massive difference between how fraud is addressed between credit cards and debit cards.
I’ve had others tell me the same thing about credit vs. debit cards. And I’m not trying to say that Thomas is wrong – it’s just interesting how I get two different paths from people in the tech field. One of the ones who refuses to use a Credit Card online is a retired Centralia College professor who taught computer science and was also a “hacker” for businesses and companies. His stance is more on the line of what the LifeLock companies say, that people with his knowledge are out there just ready to nab your information, and they’re smarter than the safeguards. Some will say that people like Thomas won’t have the issues because they know better, but the average person won’t be as diligent and fall prey to a scam, so it’s best to use the non-reloadable cards or just purchase in person. And I also know people who were indeed scammed and lost a large portion of their assets because (after asking them to be honest about it) they clicked on a scam link on a shady E-mail or they gave their information to a scam caller over the phone.
I don't know -- maybe the retired professor was just neurotic, but I think he got into a hacking battle with another hacker to see who could get each other's confidential information, and in the process found out they got deep enough to wipe out the average person in the process without that much effort. Security gets better, but the hackers are one step ahead.
I remember Steve Allen saying in his book “Dumbth, The Lost Art of Thinking With 101 Ways to Reason Better & Improve Your Mind,” way back in 1998: “Use the internet, but keep your guard up.” Still holds true today.
You're absolutely correct, VW Brother! And, I too, know several people in my field that only use digital cards (easy to generate through your CC apps now) or non-reloadable gift cards. There's definitely a line, though, and how seriously one takes their operational security is entirely up to that individuals threat model.
Effective online hygiene requires some training as well. I oftentimes forget myself, and the majority of folks I interact with on the day to day, tend to be on the more capable end of the skills level. This is where I would be happy to help inform, at least our lodge, or even put together a guest piece for here on Emeth to educate our more vulnerable brothers. Luckily, today's browsers are by and large much more secure against adversarial attacks. The one thing no amount of secure software can fix is the user's actions and behaviors, though.
Which, comes back over to mailing checks, or using debit cards. Personal checks are still a huge item for petty criminals to get easy "wins" in their schemes. If a check must be used, it's best to just go get a cashier's check, then it's the bank's problem if the thing is stolen, not yours. Debit card fraud disputes require police reports, affidavits, months of back and forth with the bank, and oftentimes you'll never see that money again. In fact, your relationship with the bank may end up destroyed in the process. CC fraud disputes are as easy as calling the CC company's fraud department, reporting the offending transactions, they reverse the transactions, and send their army of investigators on the hunt. The problem is handled within a few minutes from the CC holder's end.
I totally understand the hesitation you express, though, and much like password rotation, until we have true single transaction capabilities online, there are only limited ways to reduce the inherent risks of trusting an online payment portal. Some day we'll have an equivalent of tap-to-pay online (can explain why that's so much more secure than chip readers/card swiping in depth another time), but for now, due diligence, and knowing how to confirm the form in which you're inputting relatively sensitive information is the form you think it is are the best defenses.
>>>put together a guest piece for here on Emeth to educate our more >>>vulnerable brothers
If you are willing to do that, I would certainly welcome it, and be proud to publish it. I think that a great many of Emeth's readers could benefit from it.
Once in my life I had a credit card compromised. And it took a very long time to get the false charges stopped. Every month there would be something odd on it.
I do know where it was compromised, at a hotel, in person.
But, you are right, it was super easy to dispute all the false charges. I'd just call, tell 'em which ones were invalid and they would take them off my bill. They never seemed to be very serious about taking action to prevent initial fraudulent charges though, they would just take them off my bill. That changed when someone ran up a pretty massive bill in Manhattan, after that they did whatever they needed to do to stop the scammer.
Yeah, they have a threshold for sicking their dogs on the fraud actors. Luckily the companies have really built significant skills in terms of stopping fraud before it can even happen in the first place now, and they understand the methods a lot of carding gangs use, so CC holders seldom suffer like they used to even ten years ago.
In fact, the SEC and FCC have some pretty strict regulations around card payment processing now that have forced payment processors, and financial institutions to really increase their proactive approach to fraud prevention simply because by and large, it is still one of the most lucrative and low risks crimes to commit.
Yeah, I assume that the little false charges that kept happening month after month just weren't worth it. They would just take it off my bill, and claw the money back from the merchant in question.
But, when the big one hit (it was really big) they must have taken it really seriously, because it was stopped quick.
Interestingly, I did talk with the bank somewhat extensively when that big one hit, and I remember they told me that the scammer actually had a physical card with my information on it. (Apparently they can do that now quite easily) and that the card was used via either the chip or strip.
But, of course, the fancy hotel in Manhattan would have had security cameras over the front desk where it was used, and I presume that the amount was such that police would have been interested in pursuing the theft.
Fascinating, and there are no really big houses in Walla Walla as it is a small country town in southern New South Wales, Australia with a population of only a couple of hundred people, lots more sheep though. Search google Earth and you will find it. Greetings Frank Hiscock, IPM COOROY Queen Alexandra 212, Queensland. Australia
Here I figured we were the only place with a Walla Walla!
Our Walla Walla is in southeast Washington State. It is a very old (for Washington) small city, with a very fine University, a big prison, and a really excellent wine industry. It boasts two Masonic Lodges too.
I think that we need to take steps to protect our Lodges, due to the seemingly increasing level of nuts, and a lot of Lodges have done so in recent years, including my own. It's just an unfortunate fact of life now I suppose.
If masonry were truly part of a seedy international cabal, I would be diverting some of those vast and ill-gotten treasures to pay my lodge's ever-growing and crushing property taxes.
MWPGM Bailey, what you wrote reminds me of a letter once slipped under the door of my Masonic Lodge. The threats, poor grammar, and nutty conspiracy beliefs had to be turned over to our Police Department. We then posted a notice on each outer door that a "Security Service is Onsite"!
We've had some level of trouble here at Centralia, so we've moved to electronic doors, that way they aren't standing unlocked for all while we are in our meetings.
Heh. Fun post. I did some netnographic research on common Masonic conspiracy theories a few years ago. The reason these conspiracy theories are believed varies but comes down to people's worldviews. Institutions that we cannot belong to or feel are out of our control are ones that get the bigger conspiracy theories. Hollywood loves them...but most days I find we Masons couldn't organise a rock fight in a quarry and if we did take over the world we'd all be eating egg salad sandwiches...the common fallback in my jurisdiction...sigh...
Yeah, I fear that if we did manage to take over the world, human life would simply grind down to a standstill, for how could it go on while we were spending hours reading the minutes and paying the electric bill? 🤠
MWB Bailey, I know it is improbable that the conversation from the other evening is unlikely to change the individual accusing you from their harsh penalty. Though perhaps it may persuade a few others with their cognitive functions intact that our motivations and intentions are actually for the positive benefit of society.
Perhaps more content that shares what we are about and doing, not recruitment or any of the mysteries of course, just the things we work towards, might be a positive thing.
Often people look to find evidence online, for or against, their topic of inquiry. If all they may find is negative opinions or downright insane ones in some cases, that can make for some mighty challenging opinions to overcome.
Additionally, if the positive aspects of the Craft are not shared as well, it tips the scales in favor of those only too willing to disparage it without evidence to the contrary. How else are they supposed to find a positive witness amongst a jury of your peers for your impending trial if they have no character witness statements?!?
Regarding the compensation model. The digital world makes me nervous in general with the amount of insanity that occurs. The best we can do is to try to be as careful as possible. Gift cards do restrict the amount that can be stolen from the card, though it’s treated like cash so there is no real recourse if they do. When it’s gone, it’s gone. Where as with credit cards and debit cards you have insurance to “reimburse” you for those events should they occur. Some even have temporary card numbers for online purchases, which means they get a string of one time use numbers, preventing future shopping sprees with their “hard earned” credentials. Limiting losses to a single bad purchase on a likely disreputable site.
The best we can do is be careful and use tools that give us recovery options should the worst occur. Last year I had almost $400 recovered from parking meter skimmers! Thankfully paid for by Citibank and Capital One.
What you say makes a great deal of sense to me. If we have a crazy conspiracy loon on You Tube with 100,000 views on his video accusing Freemasons of evil acts, but don't have any positive video with nearly that reach, then the negative will have greater reach.
And of course if we magnify that effect by hundreds or thousands of videos...
But, I think it goes quite a lot further than that. When Freemasons themselves post things harmful to our Craft.
Unhinged and divisive political rants, right next to a post extolling the virtues of Freemasonry. For example.
We are unfortunately very good at shooting ourselves in the foot.
Oh my!!! A true Propaganda Due situation!!!!! What shall we do, MW???!!!!
All jokes aside, I'll second your follow up. Stripe is a trusted payment processor, arguably one of the most secure (they operate on multiple global financial pipelines, and that's no small feat). We're not in the early days of the internet, anymore, your credit card number is as secure as your password to log into your bank account (so long your device isn't compromised). That check you mail? That's more likely to be stolen.
My credentials are two decades as a software engineer, and coming up on five years professionally in cybersecurity. 25 years as a "hacker," so I promise you, wary brethren, just pay this man with your CC. It's easier to call your credit card company and dispute a charge, than to file a fraud investigation with your bank.
Good Morning!
“We're not in the early days of the internet, anymore, your credit card number is as secure as your password to log into your bank account (so long your device isn't compromised). That check you mail? That's more likely to be stolen.” My next door neighbor is about 6 years older than you, and he says the same thing. You both are probably right, but…
“It's easier to call your credit card company and dispute a charge, than to file a fraud investigation with your bank.” The Mr. Spock in me sees the basic Logic, but…
“My credentials are two decades as a software engineer, and coming up on five years professionally in cybersecurity. 25 years as a "hacker," so I promise you, wary brethren, just pay this man with your CC.” Here’s the tough part. Two parts. One of them is (of course) the companies like LifeLock and NordVPN that tell you otherwise, and you need their monthly service or else your information WILL get hacked. Of course, they’re in business. They’ll tell you that to drum up customers. The second part is the customers I talk with who also are in your field that never use CC’s online and only use non-reloadable cards or gift cards. They don’t get into the details of why (a couple have, but most don’t), but it’s the ones that don’t that give me pause when it comes to using a CC online. Then there are the people who DO get hacked, and it’s because they themselves didn’t do their due diligence and watched who they give their CC information to. It can be our fault as much as the Cybercriminal’s.
That being said, as Cameron fully knows, I’ve used a CC online only a couple of weeks ago. He saw me do it. I truly wish that you and my neighbor are right, but there’s just so much that hints otherwise. As I type this, I think the best route is what you say, your CC info is protected, but just be careful where you type that information. Make sure the website is correct and not a scam copy site. Watch out for scam E-mails and links. Keep your computer security features up-to-date. Things like that.
The one time my credit card was compromised was when I used it in person, in a nationwide chain hotel. So, it can happen anywhere.
But, as Thomas rightly says, it is really easy and effective to dispute fraudulent charges. The same does not hold true with debit cards. There is a massive difference between how fraud is addressed between credit cards and debit cards.
I’ve had others tell me the same thing about credit vs. debit cards. And I’m not trying to say that Thomas is wrong – it’s just interesting how I get two different paths from people in the tech field. One of the ones who refuses to use a Credit Card online is a retired Centralia College professor who taught computer science and was also a “hacker” for businesses and companies. His stance is more on the line of what the LifeLock companies say, that people with his knowledge are out there just ready to nab your information, and they’re smarter than the safeguards. Some will say that people like Thomas won’t have the issues because they know better, but the average person won’t be as diligent and fall prey to a scam, so it’s best to use the non-reloadable cards or just purchase in person. And I also know people who were indeed scammed and lost a large portion of their assets because (after asking them to be honest about it) they clicked on a scam link on a shady E-mail or they gave their information to a scam caller over the phone.
I don't know -- maybe the retired professor was just neurotic, but I think he got into a hacking battle with another hacker to see who could get each other's confidential information, and in the process found out they got deep enough to wipe out the average person in the process without that much effort. Security gets better, but the hackers are one step ahead.
I remember Steve Allen saying in his book “Dumbth, The Lost Art of Thinking With 101 Ways to Reason Better & Improve Your Mind,” way back in 1998: “Use the internet, but keep your guard up.” Still holds true today.
You're absolutely correct, VW Brother! And, I too, know several people in my field that only use digital cards (easy to generate through your CC apps now) or non-reloadable gift cards. There's definitely a line, though, and how seriously one takes their operational security is entirely up to that individuals threat model.
Effective online hygiene requires some training as well. I oftentimes forget myself, and the majority of folks I interact with on the day to day, tend to be on the more capable end of the skills level. This is where I would be happy to help inform, at least our lodge, or even put together a guest piece for here on Emeth to educate our more vulnerable brothers. Luckily, today's browsers are by and large much more secure against adversarial attacks. The one thing no amount of secure software can fix is the user's actions and behaviors, though.
Which, comes back over to mailing checks, or using debit cards. Personal checks are still a huge item for petty criminals to get easy "wins" in their schemes. If a check must be used, it's best to just go get a cashier's check, then it's the bank's problem if the thing is stolen, not yours. Debit card fraud disputes require police reports, affidavits, months of back and forth with the bank, and oftentimes you'll never see that money again. In fact, your relationship with the bank may end up destroyed in the process. CC fraud disputes are as easy as calling the CC company's fraud department, reporting the offending transactions, they reverse the transactions, and send their army of investigators on the hunt. The problem is handled within a few minutes from the CC holder's end.
I totally understand the hesitation you express, though, and much like password rotation, until we have true single transaction capabilities online, there are only limited ways to reduce the inherent risks of trusting an online payment portal. Some day we'll have an equivalent of tap-to-pay online (can explain why that's so much more secure than chip readers/card swiping in depth another time), but for now, due diligence, and knowing how to confirm the form in which you're inputting relatively sensitive information is the form you think it is are the best defenses.
>>>put together a guest piece for here on Emeth to educate our more >>>vulnerable brothers
If you are willing to do that, I would certainly welcome it, and be proud to publish it. I think that a great many of Emeth's readers could benefit from it.
Thank you Brother!
Once in my life I had a credit card compromised. And it took a very long time to get the false charges stopped. Every month there would be something odd on it.
I do know where it was compromised, at a hotel, in person.
But, you are right, it was super easy to dispute all the false charges. I'd just call, tell 'em which ones were invalid and they would take them off my bill. They never seemed to be very serious about taking action to prevent initial fraudulent charges though, they would just take them off my bill. That changed when someone ran up a pretty massive bill in Manhattan, after that they did whatever they needed to do to stop the scammer.
But yeah, super easy to deal with.
Yeah, they have a threshold for sicking their dogs on the fraud actors. Luckily the companies have really built significant skills in terms of stopping fraud before it can even happen in the first place now, and they understand the methods a lot of carding gangs use, so CC holders seldom suffer like they used to even ten years ago.
In fact, the SEC and FCC have some pretty strict regulations around card payment processing now that have forced payment processors, and financial institutions to really increase their proactive approach to fraud prevention simply because by and large, it is still one of the most lucrative and low risks crimes to commit.
Yeah, I assume that the little false charges that kept happening month after month just weren't worth it. They would just take it off my bill, and claw the money back from the merchant in question.
But, when the big one hit (it was really big) they must have taken it really seriously, because it was stopped quick.
Interestingly, I did talk with the bank somewhat extensively when that big one hit, and I remember they told me that the scammer actually had a physical card with my information on it. (Apparently they can do that now quite easily) and that the card was used via either the chip or strip.
But, of course, the fancy hotel in Manhattan would have had security cameras over the front desk where it was used, and I presume that the amount was such that police would have been interested in pursuing the theft.
Fascinating, and there are no really big houses in Walla Walla as it is a small country town in southern New South Wales, Australia with a population of only a couple of hundred people, lots more sheep though. Search google Earth and you will find it. Greetings Frank Hiscock, IPM COOROY Queen Alexandra 212, Queensland. Australia
Here I figured we were the only place with a Walla Walla!
Our Walla Walla is in southeast Washington State. It is a very old (for Washington) small city, with a very fine University, a big prison, and a really excellent wine industry. It boasts two Masonic Lodges too.
The two oldest Lodges in Eastern Washington. Walla Walla 7 and Blue Mountain 13.
Holy cow. Be extra careful Cameron. The nutters are loose all over these days.
I think that we need to take steps to protect our Lodges, due to the seemingly increasing level of nuts, and a lot of Lodges have done so in recent years, including my own. It's just an unfortunate fact of life now I suppose.
If masonry were truly part of a seedy international cabal, I would be diverting some of those vast and ill-gotten treasures to pay my lodge's ever-growing and crushing property taxes.
No kidding! I'd be telling the insurance company that they have to lower our rates as well!
They will have you working at the mushroom farm over in Walla Walla Washington. It's done totally at night.
🤣
As long as she doesn't sentence me to death row!
MWPGM Bailey, what you wrote reminds me of a letter once slipped under the door of my Masonic Lodge. The threats, poor grammar, and nutty conspiracy beliefs had to be turned over to our Police Department. We then posted a notice on each outer door that a "Security Service is Onsite"!
We've had some level of trouble here at Centralia, so we've moved to electronic doors, that way they aren't standing unlocked for all while we are in our meetings.
Don't worry MWB, we'll bust you out and get you south of the border!
Thanks! When we get there I'll buy you a good mezcal!
Don’t drop the soap!
🤣
No kiddin! Gotta always be on guard against that!
Heh. Fun post. I did some netnographic research on common Masonic conspiracy theories a few years ago. The reason these conspiracy theories are believed varies but comes down to people's worldviews. Institutions that we cannot belong to or feel are out of our control are ones that get the bigger conspiracy theories. Hollywood loves them...but most days I find we Masons couldn't organise a rock fight in a quarry and if we did take over the world we'd all be eating egg salad sandwiches...the common fallback in my jurisdiction...sigh...
Yeah, I fear that if we did manage to take over the world, human life would simply grind down to a standstill, for how could it go on while we were spending hours reading the minutes and paying the electric bill? 🤠
MWB Bailey, I know it is improbable that the conversation from the other evening is unlikely to change the individual accusing you from their harsh penalty. Though perhaps it may persuade a few others with their cognitive functions intact that our motivations and intentions are actually for the positive benefit of society.
Perhaps more content that shares what we are about and doing, not recruitment or any of the mysteries of course, just the things we work towards, might be a positive thing.
Often people look to find evidence online, for or against, their topic of inquiry. If all they may find is negative opinions or downright insane ones in some cases, that can make for some mighty challenging opinions to overcome.
Additionally, if the positive aspects of the Craft are not shared as well, it tips the scales in favor of those only too willing to disparage it without evidence to the contrary. How else are they supposed to find a positive witness amongst a jury of your peers for your impending trial if they have no character witness statements?!?
Regarding the compensation model. The digital world makes me nervous in general with the amount of insanity that occurs. The best we can do is to try to be as careful as possible. Gift cards do restrict the amount that can be stolen from the card, though it’s treated like cash so there is no real recourse if they do. When it’s gone, it’s gone. Where as with credit cards and debit cards you have insurance to “reimburse” you for those events should they occur. Some even have temporary card numbers for online purchases, which means they get a string of one time use numbers, preventing future shopping sprees with their “hard earned” credentials. Limiting losses to a single bad purchase on a likely disreputable site.
The best we can do is be careful and use tools that give us recovery options should the worst occur. Last year I had almost $400 recovered from parking meter skimmers! Thankfully paid for by Citibank and Capital One.
Be safe out there Brother.
What you say makes a great deal of sense to me. If we have a crazy conspiracy loon on You Tube with 100,000 views on his video accusing Freemasons of evil acts, but don't have any positive video with nearly that reach, then the negative will have greater reach.
And of course if we magnify that effect by hundreds or thousands of videos...
But, I think it goes quite a lot further than that. When Freemasons themselves post things harmful to our Craft.
Unhinged and divisive political rants, right next to a post extolling the virtues of Freemasonry. For example.
We are unfortunately very good at shooting ourselves in the foot.