?

Log in

No account? Create an account

Previous Entry | Next Entry

Need advice/credit card fraud beware!

This is both a beware and a call for advice. I'm a little unsure of how to handle the situation as it stands now and would greatly appreciate any input you guys could give me!

WHO:
  Michael Shore/Something for Everyone Jewelry

WHERE:
- His facebook page for his business
- His DA for his business
- The original purchase took place at Anime USA 2010

WHAT: I bought an Utena rose crest necklace from him at Anime USA. I didn't think to save the receipt, but similar necklaces are picture prominently on his sites and I can get a quick picture of myself with it if anyone would like proof! I bought it with my credit card and nothing else happened between us at that time.

WHEN: I bought the necklace from him at Anime USA 2010, sometime in November of last year. Last month (May) I noticed that I had two charges taken out of my credit card account with his business as the recipient. There were two charges taken out and I immediately contacted my credit card company to file them as fraud. On June 8, my credit card company gave me the money that was taken out of my account back. Yesterday (June 27) I emailed Michael Shore to ask for an explanation, since I decided it was time to get moving on things. He responded back last night and this morning.

PROOF:  Like I said, I don't have the original receipt but I can take pictures of the necklace if the community would like!
- Part of my credit card statement: Here you can see the charge of $150 to Something for Everyone Jewelry and the credit that my company refunded to me.

EXPLAIN:
There were two charges made to my account from Something for Everyone in May, one for $50 and one for $150. On my statement screencap you can see the charge for $150, then the following transfer of credit to a new credit card account to avoid further fraud, and the refund of both charges that were made. I decided to deal with it with my credit card company before I started anything else, but now that is over I'm opening the issue up to this community so I can get word out and get some advice.

Yesterday I decided to email Michael Shore and see if he had anything to say about the highly suspicious situation before I posted it here. The following is the email I sent him (and I also sent it to his deviantart account in case he checked one more often than the other)


I received a response only a couple hours later and this is what he said back to me:



I'm a somewhat suspicious person and wanted more information, so I emailed the following back to him:



And once again, he responded quickly!


Additionally, he left this note in reply to the note that I sent him on DA (identical to the one I emailed him originally)



While I'm willing to accept that perhaps his information was stolen, it strikes me as very odd that someone could somehow steal the money from his paypal. What do you guys think? Does it sound reasonable that someone could have carried out this heist using his information?

The other thing that really bothers me is that he hasn't notified his previous customers. It strikes me as dishonest that he is trying to save face instead of notifying people that their credit cards are likely compromised. I didn't notice the first fraudulent charge until weeks later, so I'm willing to bet at least some people haven't noticed the fraud to their cards yet. Do you guys think I should leave notes on his facebook/deviantart to warn people? I've also been considering posting on convention forums about it.

Also, before I got in touch with Michael Shore I started emailing conventions he attends about him. I had initially assumed it was him carrying out the fraud but now I'm a little unsure of where to proceed on that too.

At least I have my money back... but what should I do next?

 

(And I'd be glad to provide more information as necessary!)

 

Artist's beware has moved!
Do NOT repost your old bewares. They are being archived.
https://artistsbeware.info/

Comments

( 43 comments — Leave a comment )
skulldog
Jul. 1st, 2011 06:40 pm (UTC)
His explanation is pretty realistic and highly probable. Merchant IDs are not impossible for a third party to get a hold of and use in fraudulent manners.

As for getting into Paypal? I had had mine hacked a few months ago, and drained of all my funds over night. Again, it's not hard for someone with time and motive to get into one, and if someone got his merchant ID, you'd bet they where aware this person uses online payments for business transactions, and would likely go after the Paypal as well.

You acted fast, got your money back, and there's really not much else to do from there.
hksherra
Jul. 1st, 2011 09:42 pm (UTC)
Ouch! Sorry about your paypal! And thanks for the advice!
taelifoe
Jul. 1st, 2011 06:47 pm (UTC)
Hmmm, I have to be honest - I've got mixed opinions on this whole thing, so I can understand why you're feeling a little torn by what to do.

I do think it was good of him to respond to your inquiries so quickly and with what sounds like some legitimate reasons for this issue (ID being stolen, credit card info being taken if it was being kept in a toolbox) Having worked for small business before, I have seen that some financial safety measures, such as keeping credit card info in a secure place, are not put into effect until after a problem has surfaced. Sometimes people just don't think that something like theft will really happen to them. However, for some reason I want to say that you should only need a customer's CC info for a certain period of time - after that, you should be able to dispose of it safely. I'll have to do some checking around on this before I can guarantee that, though.

On the other hand, it does strike me as a little suspicious that he doesn't want you to go public about this, though again, I'm inclined to think that it's possible he's afraid of his business going under due to a bad rep, and not necessarily that he is a fraud. Like I say, I'm kind of torn on this. I tend to be skeptical of these kinds of situations, but there are a lot of things here that sound like the guy is trying to be helpful however he can and is honestly afraid of being blamed for theft he didn't commit.

If you get any more charges on your credit card for this, I would suggest changing your CC number, as much of a pain in the butt as that is. And after having contacted him and heard his side of the story, I would definitely be suspicious of any unauthorized charges beyond this point. I'm sorry I can't offer better help than that. I'm open to hearing the opinions of others on this, and I hope you can get the situation resolved comfortably.
hksherra
Jul. 1st, 2011 09:45 pm (UTC)
My credit card company changed the card number and sent me a new one once I notified them of it, thankfully.

He seems like he's in his young twenties so it's entirely likely that he's inexperienced and just handling things poorly because of that... but yeah. It's still sorta shifty....
(no subject) - taelifoe - Jul. 1st, 2011 11:35 pm (UTC) - Expand
millislim
Jul. 1st, 2011 07:14 pm (UTC)
OH MAN TOUGH-IE
While I don't usually jump to conclusions it all seems very strange that "this happened" then "this happened". I do feel he has the responsibility to notify previous customers that something happened. I would have more respect for a company that kept it's customers abreast of security breeches than, say, one that does nothing and victimizes more people in the process of "saving face".

I can understand the concern for lost business but honestly? I had never heard of the guy until now so if he did have to "start all over" I would have never known he had his Merch ID stolen.

I'm not sure how old this guy is but this maybe another issue of inexperienced "professionals" (sorry for the excessive amount of quotation marks lol). Most of the AB's here are these "professionals" who are genuinely trying to be successful but taking on too much, cutting corners or not researching what it takes to be a real business.

tl;dr: Can't tell if story is a lie or just business stupidity. I would say, tread lightly...screen cap any future messages and keep the anime convention informed. I'm sure he's not the first business to be compromised and a convention maybe able to understand how often something like this might happen in the business world.
hksherra
Jul. 1st, 2011 09:46 pm (UTC)
Re: OH MAN TOUGH-IE
Like I said in a comment above, he seems like he's in his early twenties so he probably is pretty inexperienced and doesn't know how to handle crises like these.

I guess I will keep communicating with the anime conventions on this front. It's their choice whether or not to invite this guy back after they review the evidence and lack thereof.

Thanks for the advice!
hybrid_xisha
Jul. 1st, 2011 07:59 pm (UTC)
He sounds like a good guy who's just making a mistake right now that's making him look dishonest. But I still think it would be very good of you if you decided to go public and warn other people you know or think he's done business with. It's just the responsible, honest, neighbourly thing to do, and to be honest, it's what HE should have been doing from the start. The guy needs a better lawyer and better business advice.

I'm not going to come out and say he's being deliberately shady, but one remark he made leaves me with a really bad taste:

"I have not posted anything on my FB or DA because I have been told by my parents and my lawyer not to do so because it can permanently ruin my business and then I will have to go out of business. The money in question is being refunded to everyone who files a complaint and those who contact me directly."

I know he's not here on this entry (never heard of the guy, so I dunno if he LJ's), but I'm going to word this next part as if I'm addressing him in case he ever sees this. And I hope he does, because the poor guy needs to get his priorities straight:

I'm sorry to be the bearer of bad news, Michael, but saying that bit above about hiding the truth from your customers is what's going to put your reputation in the crapper, not the fact that your data was stolen in the first place. Now, it reads like your merchant info was stolen because you didn't take every precaution in protecting it (leaving your business stuff at your booth instead of, say, keeping it locked in your luggage in your hotel room while you're off duty? That is irresponsible.)

But even if the theft hadn't been in part due to your negligence, you would STILL owe your customers the truth, to warn them that they might have been stolen from. You're putting your self-perceived "reputation" ahead of other people's security, and THAT is what makes you look bad here, much more so than the fact that your info was compromised. You're giving the impression of, if you're holding back very important information from people right now, what else are you willing to hide? This type of theft happens all the time, and people are surprisingly forgiving--but ONLY WHEN YOU'RE HONEST WITH THEM ABOUT WHAT HAPPENED.

Hiding such an important situation is only going to double the backlash on you when people find out, and they *will* find out, because people who've already discovered what happened aren't going to keep quiet about it. They're going to try to protect others by warning them--what YOU should have been doing from the start.

You could still put things right by coming clean publicly about what happened. I'd be happy to consider doing business with you in the future if you did that; I attend a lot of the cons you mention selling at and your work looks great. But your shady, dishonest behaviour right now has made me never want to do business with you. I'm recording your name and all your information so I know to avoid you at future conventions (if you don't come clean in the meantime), and I'll recommend my friends avoid you as well. I've been doing conventions since the 90s, so that's a LOT of friends. That's not meant to sound like a threat, mind you--I'm trying to drive home the point that convention fandom tends to form very tight and lasting bonds through the Internet, and anything you want to hide doesn't stay secret for long. So it's best to be truthful now, and you'll be amazed at how much people will respect you for it!
hksherra
Jul. 1st, 2011 09:49 pm (UTC)
I'm somewhat tempted to reply to his last email with your response. I haven't responded yet because I simply don't know what to say, and you seem to have summed it up nicely.

I think that it's very true that he owes his customers the truth. It would definitely look a heck of a lot better if they heard the news from him and not say... from here.
(no subject) - hybrid_xisha - Jul. 1st, 2011 10:24 pm (UTC) - Expand
shukivengeance
Jul. 1st, 2011 09:30 pm (UTC)
So he had his merchant ID stolen, customer credit card info stolen, AND his paypal compromised?

Sorry but I'm calling bullshit on this one. It just seems incredibly dishonest.

Even if he and his business *are* innocent victims in this, a beware against him still stands as he is more concerned about the possible bad PR than about protecting his customers. A person with this attitude and such lax security should not be running a business, period.
hksherra
Jul. 1st, 2011 09:50 pm (UTC)
I hadn't thought of it that way.... it is awfully shady that all these things happened at once. I've been still scratching my head over how a thief could siphon all the money through his account into theirs without them figuring it out or noticing...
(no subject) - shukivengeance - Jul. 1st, 2011 10:01 pm (UTC) - Expand
(no subject) - tisket_wolf - Jul. 2nd, 2011 12:42 am (UTC) - Expand
(no subject) - venatorrooc - Jul. 2nd, 2011 03:15 am (UTC) - Expand
(no subject) - celestinaketzia - Jul. 2nd, 2011 01:01 pm (UTC) - Expand
(no subject) - ljmydayaway - Jul. 2nd, 2011 05:48 pm (UTC) - Expand
(no subject) - ljmydayaway - Jul. 2nd, 2011 05:50 pm (UTC) - Expand
(no subject) - shukivengeance - Jul. 2nd, 2011 06:12 pm (UTC) - Expand
(no subject) - ljmydayaway - Jul. 2nd, 2011 06:57 pm (UTC) - Expand
(no subject) - shukivengeance - Jul. 3rd, 2011 03:39 am (UTC) - Expand
(no subject) - celarania - Jul. 2nd, 2011 05:10 pm (UTC) - Expand
(no subject) - shukivengeance - Jul. 2nd, 2011 05:18 pm (UTC) - Expand
(no subject) - crssafox - Jul. 3rd, 2011 01:07 am (UTC) - Expand
(no subject) - shukivengeance - Jul. 3rd, 2011 03:31 am (UTC) - Expand
(no subject) - crssafox - Jul. 3rd, 2011 03:33 am (UTC) - Expand
(no subject) - shukivengeance - Jul. 3rd, 2011 03:43 am (UTC) - Expand
(no subject) - crssafox - Jul. 3rd, 2011 03:44 am (UTC) - Expand
(no subject) - hksherra - Jul. 3rd, 2011 04:08 am (UTC) - Expand
skirtandzy
Jul. 1st, 2011 09:56 pm (UTC)
The one thing I find a littl off-putting is that in the first reply email, he states that his 'credit card slips now reside in a safe at home, and no longer travel with him'.
Aside from purchases made while traveling, why whould you not leave credit card slips at home?
kappyjeanne
Jul. 2nd, 2011 03:59 am (UTC)
It seems a little off that he would admit to someone stealing his info, then go through the effort to cover their tracks so nobody knows. You think he would want to expose something like this, not cover it up. Especially if he's concerned about losing customers, the fact that he knowingly is aware of other customers being charged fraudulently and is actively choosing not to contact any of them just stinks of something awful.

The excuses seem likely, but his explanations and his reasoning don't seem to represent the same intent. Things just don't add up completely.

Him contacting his clientele informing them of the situation and the charges they must refund or report would be much more of a representation of the business ethic he's trying to portray. The fact he's not doing anything about the customers of his who haven't noticed the fraudulent charges disappoints me.

Edited at 2011-07-02 04:01 am (UTC)
crssafox
Jul. 3rd, 2011 01:28 am (UTC)
Some other observations to note....

- Find out who his merchant services/credit card provider is, and/or what kind of a machine he uses to input credit card information. How did he run your card for you? Did he take an imprint of your card and run it manually after the show? Did he swipe it on a device on his mobile phone? Did he have a full keypad device like you find at a grocery store? Find out if or how his input device SAVES a credit card number.

- I believe it may be a federal law, but don't quote me on that- in most states, at least, it is ILLEGAL to have a full credit card number on someone's receipt, even the merchant's copy. I recall there being a little bit of a stink when a mom-n-pop retail store I used to work for had to get and set up a new credit card machine because their old one would automatically print out the credit card number on the merchant's copy of the receipt.

- Why did he keep his receipts from last year with him at conventions? I would think that his tax preparer would have needed that information for him to do his 2010 taxes. Those receipts should have remained with his 2010 tax documents, not in a folder or file that he's taking to conventions.

- Who is blackmailing his company, and why? What motive would they have to attack his customers? Why is he immediately passing the blame onto someone else saying it is "blackmail"? That makes no sense. To imply blackmail implies that there is more to the story than he is giving; blackmail is doing something to someone in order to get them to do your bidding. If it's blackmail, he'd know the who-what-when-why.

- Similarly... "on vacation or at friends houses." Okay... Which one is it, on vacation or visiting friends? His DA message is a little more specific saying he was visiting "extended family." I know it's possible to go visit family and spend time with friends that might live in that area, but why elaborate like this? All he needed to say is "I was out of town." The details seem a bit sketchy there, since he was at the same time, on vacation, or visiting friends, or visiting extended family.

- He seems very adamant about your not contacting con staff about the situation. If I were him, I'd want con staff at various events to be aware of the fact that theft of merchant information happened at another anime con, and could they make sure everyone knows to take their valuables with them. (Even though they DO tell you that before you sell...) Nowhere did you accuse him of theft, you simply asked him to explain the extra charges on your account, so there's no reason he should think you're telling anime cons that he's stealing your money. You're just notifying the con you know you purchased an item at, that your account seems to have been compromised during or by someone at that particular convention. Yes, it IS their business.

- No lawyer in their right mind would tell a client to hide the fact that customers' credit card information may have been stolen. I've been e-mailed in the past by companies telling me that my e-mail address may have been harvested when their mailing lists were compromised, so if my e-mail address is being treated as sensitive information, for sure someone's credit card should be. On top of that, if the charges would deposit themselves into HIS bank account, then HE is receiving that money and HE would be held responsible for the fraudulent charges. I absolutely CANNOT see how a lawyer would advise him to keep this all hush-hush.

Sorry to have rambled on and picked it apart, but it really does rub me the wrong way. He might only be in his 20's, but I know several young 20-somethings that have started their own businesses and done things The Right Way (like the 24-year-old that now has three locations for his gourmet popsicle store, only a year after opening his first one) so blaming it on "he's young" just does not sit well with me. He might be young, but he's also old enough to know better and take some responsibility for his actions - or inactions, as it may be.
hksherra
Jul. 3rd, 2011 04:06 am (UTC)
Those are good observations. This whole thing is starting to stink worse than week old fish.

I just... still don't quite know what to do about it all, though. Post warnings on his sites? Send all this information to all the cons?
(no subject) - crssafox - Jul. 3rd, 2011 07:53 pm (UTC) - Expand
(no subject) - holydust - Jul. 3rd, 2011 06:55 am (UTC) - Expand
(no subject) - crssafox - Jul. 3rd, 2011 07:56 pm (UTC) - Expand
(no subject) - holydust - Jul. 3rd, 2011 08:01 pm (UTC) - Expand
(no subject) - crssafox - Jul. 3rd, 2011 07:58 pm (UTC) - Expand
(no subject) - holydust - Jul. 3rd, 2011 08:03 pm (UTC) - Expand
(no subject) - crssafox - Jul. 3rd, 2011 08:06 pm (UTC) - Expand
(no subject) - holydust - Jul. 3rd, 2011 08:11 pm (UTC) - Expand
hksherra
Jul. 3rd, 2011 04:10 am (UTC)
Thank you everyone for picking this apart. It seems to be more and more evident that something is amiss here.

I guess I should send new emails to conventions with more information... and post on his facebook/deviantart warning other customers

Facebook is annoying in that I'd have to use my real name, unfortunately.
millislim
Jul. 4th, 2011 09:24 am (UTC)
I dunno if I would go so far as to post on his deviantart and facebook yet...I would wait to see his next move if you decide to confront him again about his vow of silence. You don't want to look like some crazy, disgruntaled customer whose just raging on all his pages...you may come across a large army of white knights who will thwart your efforts. I think letting the con you attended know about what happened is a good first step and asking them if you should contact other cons. There maybe some strict rules/ettique to follow and if you're serious about this case you don't want to ruin what you've started by going all "leroy jenkins" on it.
( 43 comments — Leave a comment )

Profile

A_B icon
artists_beware
Commissioner & Artist, Warning & Kudos Community
Artists Beware

Community Tags

Powered by LiveJournal.com