BarnyardRomeo

it is so low-class and unsophisticated to perpetrate this fraud by scratching off the pin, not to mention its easy to detect with a well-trained eye. The smarter method would involve pocketing a bunch of cards. Then the crook would divide the batch of cards into two piles. They would read the magnetic strip from the first batch of cards and and copy the magnetic data over to the second batch of cards. The crook would then return the second batch of cards to the store and keep the first batch for himself waiting for them to be loaded. These crooks are so dumb and lack imagination.

agoogilydoogily

I'm pretty sure you are in the wrong thread. Vanilla Reload cards don't have magnetic strips. But thank you very much for publicly posting a way to defraud people. That's pretty cool

BarnyardRomeo

lol @ u
welcome to the interwebz agoogilydilly, thank you for your post, please refrain from future posts unless u know u talkin bout boy!!

...and the best way to get security vulnerabilities fixed is to publicly post them, in the philosophy of bugtraq, which is a view I adhere to. Its important for honest people to know about these types of things, moreso than the crooks.

LoneTree

You have the old VRs. The new ones are barcodes instead of Mag Stripes.

BarnyardRomeo

Hi Lonetree, some retailers still have mag strips. That card was purchased recently. But all the CVSs I go to, where a good amount of this fraud is occurring, do have the barcodes, that is true. Some retailers do not have laser scanners, so they use magstrips still.
But I recommend we all be as smart as possible with every aspect of MS, which includes the security vulnerabilities surrounding the methods. Imagine if you bought a VR, went home 2 minutes later, and vanillareload.com reported that the card was never activated. Then you check your activation receipt and notice that the numbers on the receipt do not match up with the numbers on your VR. If you are not familiar with the security aspects of VR and magstrips, you might be pulling your hair out over this issue. You certainly could not explain the situation to incomm's satisfaction so that they would be convinced that you deserve a refund. Well, perhaps my knowledge of technology might enlighten you and others, what happened is a magstrip reencode.
Perhaps incomm/VR might switch over to all barcodes if there was enough of an outcry for it. Its important for us honest people to know the risks we face, so we can do our best to avoid being ripped off.
That googilydoggie guy, is he going to go in the thread where someone warned us all that crooks are peeling the pin strips off and defrauding us and complain to that poster for publicly posting a method to defraud us? No! Thank god that poster has our best interests at heart so we can defend ourselves against the unpeel and peek method of getting pins. I fully expect an unconditional surrender and apology from googidlywiggliey forthwith.

tommy14

Not necessarily. If i'm not mistaken 7 eleven had those "new" VR's with magstrip. I have a few - that worked at least

agoogilydoogily

I am not in possession of any VRs with magstripes. I would take a picture of the stack next to my computer, but that's more work than I'm willing to put in.
I've never seen a VR with a mastripe until you posted that image.

BarnyardRomeo

no problem, i accept your apology, i do not need a pic i will take your word for it, you probably limit your shopping to a small number of retailers and thus are aware only of the barcode types. thanks for the reply rather than just not posting again.

rdover1

FYI - 711 and Walgreens around me carry the one with the mag strip. Both are cash only, sadly.

BarnyardRomeo

Yea, it all depends on the technology that the retailer is equiped with. If the retailer is equiped with mag strip readers like Walgreens and Gas stations, then they get the mag strip version. Places like CVS with the laser guns at the checkout get the barcodes. It is obvious that I prefer the barcode versions for security reasons; you cannot reencode a barcode. There are so many security flaws to look out for on these things and its important to remain vigilent. Its impossible to see if a mag strip has been reencoded, but if you want to be 100% on the safe side, make sure to examine the pin area carefully and also when you check out make sure to verify that the numbers on your activation receipt match the numbers on the VR. If they do not match, notify the clerk immediately before you leave the counter and ask them to remember this issue. When I have had other activation issues in the past, I informed the clerk immediately and have never had an issue coming in the next day when the manager was around when the clerk would vouch for my story of what happened.

alik99

I just saw some old style "scratch for PIN here" type cards in the location where I haven't seen them in some time... Be careful, scammers might be back...
The cards looked good, but I stayed away from them and got some newer ones without any words on the scratch pad.

zznoname

Ops! I'm a victim.

My own fault and time is an issue.

The VR number is clearly compromised, last four pin numbers erased and a fake label placed on top.

By some miracle, one of the cards still has the money I loaded and VR CS will move the money somewhere.

But where?

I have not done research on my options in this situation, and need fast answers.

I need a pre-paid card that, in best case, can move money somewhere to pay off my Citi Card.

Can someone help? Thanks.

prokopon

Sorry to hear about your predicament! It's hard to understand what you've done up till this point. Is it one VR that's compromised or several? It sounds like you've talked to VR's CSR, but not clear what they told you.

"one of the cards still has the money I loaded" - one of the cards you used to pay? Or one of your VRs? Do you mean your other compromised VR's (if you had any?) are already drained?

"VR CS will move the money somewhere. But where?" This sounds like a question for the CSR?

GatorBlues

Here is the definitive thread on the subject. Unfortunately, in my first hand experience, it's going to take a few days to a couple weeks before Incomm gets a new PIN to you. Of course, you should have a float between purchase and statement due date on your credit card, so you should be OK.

http://www.flyertalk.com/forum/manuf...m-reports.html

Slickw

OP are you saying you have VRs but no debit card to load them to?

In what city and store did you buy these altered VRs?