Discount Tire web site security problem

J

JimmyW

New member
I suggest that folks be careful when browsing Discount Tire's site. It mat be a coincidence, but the day after I visited the site, someone effected a fraudulent purchase on my credit card at Discount Tire (and at other merchants). There very well may be a vulnerability on Discount Tire's site, which results in the harvesting of credit card data. I posted here because I did not know whether a better forum existed. Discount Tire needs to assess their site security. Until Discount Tire advises forum members of the steps that it has taken, I'd watch my credit accounts after visiting their site. I'd be happy to discuss this issue with Discount Tire. They may send me a private message with a telephone number.

I'll edit this post because some folks might have misunderstood my intent and have considered my post as bashing. That was not my intent. I simply wish to urge caution. I said that my experience might have been coincidental. DT is a reputable merchant and worthy of our business. Any reputable merchant can be hacked (just as the government is all too often). Reputable merchants also want to work with consumers and offer a safe online experience. So, if I've offended anyone's sensibilities, I'm sorry; however, I do believe that a potential problem exists.
 
Last edited:
JimmyW said:
I suggest that folks be careful when browsing Discount Tire's site. It mat be a coincidence, but the day after I visited the site, someone effected a fraudulent purchase on my credit card at Discount Tire (and at other merchants). There very well may be a vulnerability on Discount Tire's site, which results in the harvesting of credit card data. I posted here because I did not know whether a better forum existed. Discount Tire needs to assess their site security. Until Discount Tire advises forum members of the steps that it has taken, I'd avoid their site. I'd be happy to discuss this issue with Discount Tire. They may send me a private message with a telephone number.
Click to expand...

Welcome to wayalife.

I am 100% sure that just because you happened to browse their site some hacker was able to see into your pocket, into your wallet and gain you credit card information. Makes perfect sense to me.

:crazyeyes:
 
Maybe just call ur bank and have them fix the problem, i doughy discount tires web page was the factor they would be hitting tons of people not just one.
 
OverlanderJK said:
Welcome to wayalife.

I am 100% sure that just because you happened to browse their site some hacker was able to see into your pocket, into your wallet and gain you credit card information. Makes perfect sense to me.

:crazyeyes:
Click to expand...

Actually, it's not your "pants pocket," but what's on your system. It happens every day. A vulnerability on the site can cause data to be exfiltrated to a hacker. It's mot Discount Tire's fault, but they should take steps to ensure that they're site was not compromised.
 
JimmyW said:
Actually, it's not your "pants pocket," but what's on your system. It happens every day. A vulnerability on the site can cause data to be exfiltrated to a hacker. It's mot Discount Tire's fault, but they should take steps to ensure that they're site was not compromised.
Click to expand...

Welcome to wayalife.
 
noroad said:
Maybe just call ur bank and have them fix the problem, i doughy discount tires web page was the factor they would be hitting tons of people not just one.
Click to expand...

My problem's fixed. I'm trying to helpful to Discount Tire and other forum members. As I said, I'd be happy to discuss my issue with Discount Tire, but thought that I'd caution others. I very well could be the only victim because of my system setup, which is not terribly unusual.
 
Welcome. Are you sure it wasn't the porn site you visited just before and after, then again 30 minutes later? Lol.
 
JimmyW said:
I suggest that folks be careful when browsing Discount Tire's site. It mat be a coincidence, but the day after I visited the site, someone effected a fraudulent purchase on my credit card at Discount Tire (and at other merchants). There very well may be a vulnerability on Discount Tire's site, which results in the harvesting of credit card data. I posted here because I did not know whether a better forum existed. Discount Tire needs to assess their site security. Until Discount Tire advises forum members of the steps that it has taken, I'd avoid their site. I'd be happy to discuss this issue with Discount Tire. They may send me a private message with a telephone number.
Click to expand...

JimmyW said:
Actually, it's not your "pants pocket," but what's on your system. It happens every day. A vulnerability on the site can cause data to be exfiltrated to a hacker. It's mot Discount Tire's fault, but they should take steps to ensure that they're site was not compromised.
Click to expand...

JimmyW said:
My problem's fixed. I'm trying to helpful to Discount Tire and other forum members. As I said, I'd be happy to discuss my issue with Discount Tire, but thought that I'd caution others. I very well could be the only victim because of my system setup, which is not terribly unusual.
Click to expand...

We're sure lucky to have you here. Welcome to the forum.

Pretty ballsy assumption you are making to then go online and bash a company in a public forum. You could be found guilty for libel and/or slander. Do you know 100% it was that site. You mentioned other charges. They could have hacked your browser history and has nothing to do with DT/AT. I'd love to hear how you were able to pinpoint the breach. BTW, do you browse over wi-fi or ever use just cell data. You open to hacks by both as well as you home browser. I'm calling BS on your rant until you come forward with proof.
 
Same thing happened to me, I was surfing discount tire and northridge4x4 and for some reason I lost money from my account... But The "hacker" used my address to send his/her purchased items to! That "hacker" is an idiot!!

BTW welcome to the greatest friendliest Jeep forum!
 
JAGS said:
We're sure lucky to have you here. Welcome to the forum.

Pretty ballsy assumption you are making to then go online and bash a company in a public forum. You could be found guilty for libel and/or slander. Do you know 100% it was that site. You mentioned other charges. They could have hacked your browser history and has nothing to do with DT/AT. I'd love to hear how you were able to pinpoint the breach. BTW, do you browse over wi-fi or ever use just cell data. You open to hacks by both as well as you home browser. I'm calling BS on your rant until you come forward with proof.
Click to expand...

First, I made it clear that it's a possibility and not a certainty. I suggested that Discount Tire, which is a reputable marketer, analyze its site for a vulnerability. I didn't "bash" anyone. I could have simply contacted DT, but thought I'd mention it here just so folks can be careful and perhaps watch their accounts. Moreover, DT is a supporter of this site and is apt to see this post. I didn't urge anyone to avoid DT's site, but only to be cautious.

To try to answer your questions, the breach occurred soon after I visited DT's site. One of he unauthorized transactions occurred at DT. I happen to work in the computer science profession, so I'm not just throwing out allegations. Rest assured that my system is secure, but no system is fail safe. I merely advised folks of my experience and suggested caution. Again, DT is a good outfit and, I'm sure, takes customer security seriously. If the forum moderator has issues with my post, he or she is welcome to remove it. Given that some folks like you don't understand cyber security and rather flame me, I'll remove the thread myself if you will be kind enough to tell me how to do so. Thanks for your time.
 
JimmyW said:
First, I made it clear that it's a possibility and not a certainty. I suggested that Discount Tire, which is a reputable marketer, analyze its site for a vulnerability. I didn't "bash" anyone. I could have simply contacted DT, but thought I'd mention it here just so folks can be careful and perhaps watch their accounts. Moreover, DT is a supporter of this site and is apt to see this post. I didn't urge anyone to avoid DT's site, but only to be cautious.

To try to answer your questions, the breach occurred soon after I visited DT's site. One of he unauthorized transactions occurred at DT. I happen to work in the computer science profession, so I'm not just throwing out allegations. Rest assured that my system is secure, but no system is fail safe. I merely advised folks of my experience and suggested caution. Again, DT is a good outfit and, I'm sure, takes customer security seriously. If the forum moderator has issues with my post, he or she is welcome to remove it. Given that some folks like you don't understand cyber security and rather flame me, I'll remove the thread myself if you will be kind enough to tell me how to do so. Thanks for your time.
Click to expand...

Stay calm, we are just messing with you. We all like to have fun.
 
Speeddmn said:
Same thing happened to me, I was surfing discount tire and northridge4x4 and for some reason I lost money from my account... But The "hacker" used my address to send his/her purchased items to! That "hacker" is an idiot!!

BTW welcome to the greatest friendliest Jeep forum!
Click to expand...

Exactly. A vulnerability on a site can harvest your account data. For example, let's say that the malcode is active while you're at another site and buy something with your credit card. The malware harvests your credit card data and sends it to a programmed email address. The folks behind he malware then have all of the information they need to make online purchases. This is an over-simplification, but you get my drift. The site that contains the malware also is a victim.
 
You told people to "avoid the site." That's pretty direct. Also, don't assume others don't understand cyber security. That's a whole separate issue. Not flaming you, I don't know you. I just think it was in poor taste to do what you did. That doesn't need a forum mod.
 
JAGS said:
You told people to "avoid the site." That's pretty direct. Also, don't assume others don't understand cyber security. That's a whole separate issue. Not flaming you, I don't know you. I just think it was in poor taste to do what you did. That doesn't need a forum mod.
Click to expand...

Thank you. You're point is well taken, and I have edited my initial post to avoid any misunderstanding that I might have caused unintentionally.
 
JimmyW said:
Exactly. A vulnerability on a site can harvest your account data. For example, let's say that the malcode is active while you're at another site and buy something with your credit card. The malware harvests your credit card data and sends it to a programmed email address. The folks behind he malware then have all of the information they need to make online purchases. This is an over-simplification, but you get my drift. The site that contains the malware also is a victim.
Click to expand...

Neither of you said anything about purchasing through a site. Just that you were "browsing" and "surfing" respectably.

My statement I still stand by is that one better know for certain it was a particular site before making public allegations.
 
JimmyW said:
Exactly. A vulnerability on a site can harvest your account data. For example, let's say that the malcode is active while you're at another site and buy something with your credit card. The malware harvests your credit card data and sends it to a programmed email address. The folks behind he malware then have all of the information they need to make online purchases. This is an over-simplification, but you get my drift. The site that contains the malware also is a victim.
Click to expand...

But the key to this is you must open, install or allow entry at some point. This is a true statement but if you never allow malware or any "ransom ware" to be installed it doesn't matter what you do. This can be a PDF that's not really a PDF or just another "hey look at me" Popup. Just got give you a clue when I write things to capture information or gain access I typically put the code in the cancel or close button. How many people click that instead of "ok" ;)

Just saying...
 
You must log in or register to reply here.
Top Bottom