CC info nabbed; ordered on SSL site, Using Firefox secured

durofarm · 11-15-2008, 08:26 AM

I should start this out by stating that I am TOTALLY not computer security savvy, nor do I have much (if any) knowledge about even basic "inner workings" of my computer system. (That is really pitiful, because I am on this thing most of the day-every day).
Two days ago I placed an order on a website with my amex card; the site has thawte security certificate, and using firefox browser, also secure. However when it was time to actually send the order it said sending the info over an unencrypted connection. (I did not have any choice but to complete the order

- medical supplies for my CPAP machine- as I live in the middle of nowhere, a majority of my purchases ARE online). And LO and BEHOLD- not even 10 hours later american express called me-someone HAD gotten my card info, and attempted to use it (online). I'm not sure why they caught this - the attempted use was NOT for a very large purchase.
I have had my share of experiences with fraud attempts-I am always thankful the card people are watching for these things like HAWKS. This was however the first time for my american express card, which I've had since forever.
Here is my question about all this: HOW could anything be sent over unencrypted connection when both the web page and my browser are secure (they say)? The page was https, the lock was there....;

What else could I have done, in this case-(other than not send the order-which was not a possibility).
I appreciate any and all input on this!! Thanks in advance!

11-15-2008, 08:26 AM	#1 (permalink)
durofarm Registered User Join Date: Nov 2008 Posts: 1 OS: winxp	CC info nabbed; ordered on SSL site, Using Firefox secured I should start this out by stating that I am TOTALLY not computer security savvy, nor do I have much (if any) knowledge about even basic "inner workings" of my computer system. (That is really pitiful, because I am on this thing most of the day-every day). Two days ago I placed an order on a website with my amex card; the site has thawte security certificate, and using firefox browser, also secure. However when it was time to actually send the order it said sending the info over an unencrypted connection. (I did not have any choice but to complete the order - medical supplies for my CPAP machine- as I live in the middle of nowhere, a majority of my purchases ARE online). And LO and BEHOLD- not even 10 hours later american express called me-someone HAD gotten my card info, and attempted to use it (online). I'm not sure why they caught this - the attempted use was NOT for a very large purchase. I have had my share of experiences with fraud attempts-I am always thankful the card people are watching for these things like HAWKS. This was however the first time for my american express card, which I've had since forever. Here is my question about all this: HOW could anything be sent over unencrypted connection when both the web page and my browser are secure (they say)? The page was https, the lock was there....; What else could I have done, in this case-(other than not send the order-which was not a possibility). I appreciate any and all input on this!! Thanks in advance!