Make us your home page

Carlton: No, I did not use my credit card for a Roomba, but someone did

I did not recognize the area code when I answered the phone — out of New Jersey, as it turned out, where I do not know a soul.

But someone out there knew something about me.

The nice lady on the phone asked me to confirm an online charge to my debit card for $821.73 at Bed Bath & Beyond. And since my most recent purchase in that particular store was in person, in Tampa, to buy tiny garbage bags for my tiny wastebasket, I said no, not me. For $821.73, I could have lined little garbage cans citywide.

I am far from the only person whose credit card has been hacked lately. My husband's debit card was recently used to fill up at a gas station in Illinois, where the driver treated himself to a carwash, too. The bank teller who cancelled my breached card for me said it happened to her last week. My boss' card was used at a store in Brazil, and later to purchase $600 worth of Slim Fast in Taiwan. (There's a black market for Slim Fast?) My boss has never been to Taiwan or Brazil, but his digits have.

"Maybe a Roomba?" theorized Tampa Police Detective Sharla Canfield when I wondered what extravagance I had almost but luckily not paid for thanks to some retail diligence.

Canfield, who investigates all manner of fraud, walked me through how it can happen. A skimmer could have been put on a gas pump to steal credit card information when the card gets swiped. This year Florida officials found 166 skimmers at gas stations statewide.

An unscrupulous restaurant server could have gotten the info with a hand-held device that can be concealed in an apron.

It was Christmastime and I had been ordering online not just from big companies but small businesses in far-flung places whose older systems might be less secure from hackers, or so I have since read. At one place in the middle of the woods somewhere, when I ordered old-fashioned soaps by phone, you could practically hear them cha-chinging one of those old-timey sliding metal credit card machines in the background.

My information was likely "obtained by some type of breach someplace and sold online on the Dark Web," the detective said. It took me a minute to focus after "Dark Web," that mysterious place where off-the-grid Internet activity happens, much of it said to be nefarious.

Out there somewhere, by-invitation-only websites sell stolen credit card numbers for $10 to $50, I learned. Some sites even offer money-back guarantees if the card number doesn't work, a little twisted honor among thieves.

Canfield's advice: Check what's going on in your bank account often. Purchase with credit rather than debit if you can. "We've had people who have lost their entire paychecks before they have found" something was wrong, she says.

She must be a pretty good detective, because it turned out the person who stole my numbers did in fact try to purchase a Roomba. I sincerely hope the would-be thief had to get through the holidays without a pricey robot vacuum roaming his floors sweeping up cat hair. I hope there was a lot of cat hair.

Recently I received my first of the new computer-chipped credit cards intended to add a thick layer of security beyond that magnetic stripe. I hope it's like replacing the flimsy lock on your middle-school gym locker with a chained padlock and a pit bull.

Until those dark-hearted scamsters bent over their keyboards figure them out, too.

Sue Carlton can be reached at

Carlton: No, I did not use my credit card for a Roomba, but someone did 12/26/15 [Last modified: Saturday, December 26, 2015 7:13pm]
Photo reprints | Article reprints

© 2017 Tampa Bay Times


Join the discussion: Click to view comments, add yours