Unauthorized Debit

ComplaintsOtherMCA Web Technology

Complaint

0
Cherry E Richardson
Country: United States
Called my bank when I noticed a debit I didn't recognize in the amount of $10.65.  The bank gave me the telephone number of the company debiting my account, 623-742-3769, which belongs to MCA Web Technology in Phoenix, AZ.  I checked them out on the Internet, and confirmed that I had never heard of them or anything about their business.  The bank advised me to call them, which I did without success (got a voice mail referring me to support@mcawebtechnology.com to send an email communication).  I also did this.  Nothing.  No response.  On my lunch hour I'll fill out an unauthorized debit form at the bank.  I have no clue how this place got my debit card number.  I rarely use it.

Comments

12345Next
  • 0
    Rob
    Just got hit here in Oregon.
    $8.95 LIBRA USA866-298-7560 TXUS

    I shut down the card and filled a dispute form explaining that this was fradulent activity.
    This is a card that hasn't been used in awhile. Just like a lot of the other folks.

    I called the number and got nothing but a machine.

    Its a good thing I check on my accounts several times a week.
  • 0
    Peter
    I also had a debit to my WAMU account for $11.89 and could not get any help from the "off-shore" customer service people.  No information on their end as to who is submitting the debit request and no phone number.
  • 0
    tj
    This appears to be a new front name and phone number:
    "$8.95 LIBRA USA866-298-7560 TXUS"

    Report it here, so it can be tracked:
    http://www.dslreports.com/forum/r19620593-Ebo ... Pluto~start=180

    Note at the above site, the recent report of mass pre-authorization card "pinging" thru a hacked merchant account.
  • 0
    matt
    Just had a charge from ULCSolutions for 12.79.  My credit card company called me to report it - i might not have noticed otherwise.  Everyone read your statements carefully!
  • 0
    Pirate88179
    I was hit by both ATALA Designs and ULC Solutions for small random amounts.  This was on two different accounts.  I never let my debit card out of my hands when making a purchase.  This must have originated via a hack of some large database containing the numbers.  The 3 digit security code was not used so this proves they did not have the card, so the charges were reversed.  what a bunch of crap.  I told the bank they should not allow any debit charges without the 3 digit security code.

    Bill
  • 0
    tj
    Both "ATALA Designs" and "ULC Solutions" are known to be connected with the same criminal operation.  The information regarding no use of security code would apprear to make pre-authorization "pinging" thru merchant sites practical.  All they have to guess is the expiration date.  What does that take, 10 tries on average, and no consequences for any miss?
  • 0
    Derek
    hi - we have also been hit by DEASON SOFTWARE ROWVILLE - $18.35 was charged to our Tesco Mastercard - however Tesco have closed our card and issued a refund - looks like spmeone somewhere is onto a winner
  • 0
    Derek
    I am in the Uk and my visa card was charged $18.35 by DEASON SOFTWARE ROWVILLE - looks like they are making lots of small hits which if not picked up result in big bucks
  • 0
    tj
    As always, dispute all fraudulent charges with your bank, and close the account immediately.  Follow up with a written dispute to your bank.

    This appears to be some web hosting company.  It wouldn't be the first time someone used a stolen CC number for internet services.
    http://deasoft.com/
    http://www.comparewebhosts.com/PressRelease-CompanyID-3831.htm
  • 0
    SG
    It appears that mcawebtech is disputing the fraud charge! I got a call from my card company today requiring me to fill out more paperwork.
    What's interesting is that there are two new email addresses on the form.

    "supportteamwd@gmail.com" and "steve rogan (ulcinc@hotmail.com)"
    Notice the steve rogan email.... Not the one listed with the web hosting company. I have filed an abuse report with hostdone.com and would encourage everyone else to do the same. They have the power to shut down the website immediately although I'm sure they will be back up and running in notime.  Send a complaint to : abuse@hostdone.com

    There is also a false email address listed on the response from mca as "goldens22@comcast.net". Mca is stating that it's my email address that I gave them when I used their service.
  • 0
    SG
    http://steverogan.starsearchcasting.com/


    Here's the guy that seems to be involved in this.
  • 0
    tj
    Then follow up with fraud charges in every way you can.
    Crooks don't deserve the chance to fight back.

    When charges have been disputed, the front companies have been reported to respond with similar canned email claiming YOU might have had your CC number stolen, playing the "victim" themselves.  They have also sometimes been reported to have claimed to have some email from the consumer authorizing the charge.  No great surprise the alleged "email address" is false, like everything else.  It's bluff, to minimize chargeback fees if it works.  This fits the pattern.


    File a local police complaint for credit card fraud, to get it on the record.  Pass them copies of the reports on the site below, which lays out the extent of fraud complaints, and the use of front companies.  A copy of the police report, plus a fraud affidavit, should be enough for your bank to do the chargeback over the "merchant" dispute.

    http://www.dslreports.com/forum/r19620593-Ebo ... Pluto~start=180

    For credibility, also reference:
    http://redtape.msnbc.com/2007/11/chris-jupin-nev.html

    hostdone.com has claimed, at the above link, that they are cooperating in preventing fraudulent use of their website.  Remains to be seen if that claim is legitimate.

    Also, contact "MGD" on that site, since he has been tracking this as it has evolved for several years.  He will probably find it interesting that one of the "mules" is trying to dispute a chargeback.

    You can also file complaints with your state AG, the Arizona AG, FTC, FBI, and Internet Crime Complaint Center (IC3):    www.ic3.gov/
  • 0
    tj
    Why don't you give him a call?  You should be able to find out if he is running some "internet business" on the side, or if he doesn't have a clue.

    Keep in mind that there are a number of reports of false names being used in domain registrations connected with this scam.  Favorites have been names of well known, sometimes deceased, persons, but "well known" is relative.
  • 0
    tj
    Here is what it looks like when some merchant's account gets used for "pinging" credit cards.  29000 in an hour wouldn't be just some shmuck testing a single card before going on a spending spree.  In fact, this volume would probably require either card numbers stolen from a hacked merchant site, or randomly generated card numbers.

    If there is an on-going substantial level of "qualified" randomly generated card numbers being used for making small fraudulent charges, then there must be an even higher level of "pings" being used to qualify those numbers, assuming it takes a number of pings to confirm a card number and its expiration date.  Unlike the payoff charges running around $10, distributed across different accounts and under different "merchant" names, "pinging" might be done in mass volume once a vulnerable merchant site is found, with no pretense of attempting to hide the activity.  

    Perhaps the assumption is that once a site has been used for a substantial number of pings, the activity is bound to be found out and shut down, so the faster the site can be used, the more useful information (qualified numbers) can be extracted before that channel is shut down.  Furthermore, the source of the "pings" is probably not effectively traceable, and if overseas, it is unlikely the merchant losses in excess bank fees will be enough to justify law enforcement resources sufficient to follow the trail overseas.  

    In contrast, there is actually a substantial "investment" in each of the front sites used to submit the payoff charges, and it costs time and effort to establish replacements.  It thus pays to try to keep them going as long as possible.

    http://www.dslreports.com/forum/r19620593-Ebo ... Pluto~start=200

    "ivy1
    Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto

    Fantastic Plants got hit with 29,000 "pings" via their PayPal account in an hour and half, according to the owner. Uh...that's quite a few. "
  • 0
    Angela- March 13, 2008
    I also just had a charge from mca webtechnology for $11.49. I called credit card company immediately and closed account.  A good idea is to check your credit card transactions on-line everyday to check recent charges.  This way it is easier to find false/fraudulent charges immediately and charge back or correct problem before it is too late. I would never wait for your monthly statement.
  • 0
    Mike
    MCAWEBTECHNOLOGY.COM has whois:

    =-=-=-=
    Registration Service Provided By: NameCheap.com
        
    Domain name: MCAWEBTECHNOLOGY.COM

    Registrant Contact:
      MCA
      steve rogan (steve_rogan004@yahoo.com)
      +1.8016971813
      Fax: +1.8016971813
      8912 E. Pinnacle Pear Ro #174
      Scottsdale, AZ 85255
      US

    Administrative Contact:
      MCA
      steve rogan (steve_rogan004@yahoo.com)
      +1.8016971813
      Fax: +1.8016971813
      8912 E. Pinnacle Pear Ro #174
      Scottsdale, AZ 85255
      US

    Technical Contact:
      MCA
      steve rogan (steve_rogan004@yahoo.com)
      +1.8016971813
      Fax: +1.8016971813
      8912 E. Pinnacle Pear Ro #174
      Scottsdale, AZ 85255
      US

    Status: Locked

    Name Servers:
      ns1.hostdone.com
      ns2.hostdone.com
     
    Creation date: 20 Nov 2007 00:31:46
    Expiration date: 20 Nov 2008 00:31:46
    =-=-=-=
    The data in this whois database is provided to you for information
    purposes only, that is, to assist you in obtaining information about or
    related to a domain name registration record. We make this information
    available "as is," and do not guarantee its accuracy. By submitting a
    whois query, you agree that you will use this data only for lawful
    purposes and that, under no circumstances will you use this data to: (1)
    enable high volume, automated, electronic processes that stress or load
    this whois database system providing you this information; or (2) allow,
    enable, or otherwise support the transmission of mass unsolicited,
    commercial advertising or solicitations via direct mail, electronic
    mail, or by telephone. The compilation, repackaging, dissemination or
    other use of this data is expressly prohibited without prior written
    consent from us.  

    We reserve the right to modify these terms at any time. By submitting
    this query, you agree to abide by these terms.
    Version 6.3 4/3/2002
  • 0
    Andrew
    Just had the same thing on my card--a charge dated 3/8/2008 for 11.89 from HTTP://WWW.MCAWEBTECHN SCOTTSDAL (that's all the information I'm seeing for that transaction).  Crazy, isn't it!  Just called my credit card company (Citi) to begin the dispute process.
  • 0
    aar
    Yes, I have also been hit by WWW.MCAWEBTECHN SCOTTSDALE AZ for 11.89. I am not sure how the credit card company (CITI) lets this go through. It seemd that a lot of people are impacted.
  • 0
    tj
    Here is a recent victim of this scam, who was once a bank CSR, describing the common bank dispute policies that let this type of fraud persist for years.  

    The criminals have learned that most fraudulent charges for small amounts will only be handled as "disputes", with only a chargeback fee, "as it cost the bank/credit card company too much to file it as fraud".  That is, if the consumer even catches the charge within the 60 days needed within which federal law requires the bank to handle the dispute.  

    The banks have not adapted their policies to respond to this type of fraud.

    http://www.dslreports.com/forum/r19620593-Ebo ... Pluto~start=220

    "...
    Having worked as a CSR for a large regional bank as well as a CC company, I thought that if an item posted as "POS Debit" that my PIN was used. Am I mistaken? I can also attest that in my training for both CSR positions, we were taught to tell the customer to contact the merchant before filing a dispute. Also, we were taught that such a small dollar amount should be treated as a dispute as it cost the bank/credit card company too much to file it as fraud. Of course, we were also taught not to let on with the customer that we were filing it as a dispute when the customer specifically asked for it to be filed as fraud. I never did that though! Morally, I could have never had a clear conscience treating my callers that way.
    ..."
  • 0
    c
    I just noticed a charge from MCAWEBTECHNOLOGY.COM for 11.89 on my debit card. I called Wells Fargo Fraud alert immediately and so far they have been very helpful. I have to fill out fraud paperwork but they cancelled my card immediately and issued a new one, apparently their standard practice for any fraud reports. They said the charges should be refunded shortly after they receive the forms back.  

    How can pinging not be noticed more quickly? The amount of random card numbers and expiration dates must be huge before a hit is made.
12345Next

Post a new comment