Guest Posted ... A few days ago I was trying to book train tickets here in the UK. However, all the websites that I tried are blocking AirVPN except for thetrainline.com. Not wanting to use thetrainline as it charges a booking fee, I used the AirVPN route checking tool and found that 3 US servers can reach the blocked websites. So I used one of them and booked my train tickets. About three days later, I get a call from my bank advising me that my card is being used in the US. Is this a coincidence or is the US server compromised? Quote Share this post Link to post
Staff 9972 Posted ... A few days ago I was trying to book train tickets here in the UK. However, all the websites that I tried are blocking AirVPN except for thetrainline.com. Not wanting to use thetrainline as it charges a booking fee, I used the AirVPN route checking tool and found that 3 US servers can reach the blocked websites. So I used one of them and booked my train tickets. About three days later, I get a call from my bank advising me that my card is being used in the US. Is this a coincidence or is the US server compromised? Hello, the servers are not compromised and this is not a coincidence. According to your description the final beneficiary received a payment from your credit card and from an IP address that's geo-located in the USA, so in the "not so sane" view of all or part of the payment chain you were using the card in the USA. Kind regards Quote Share this post Link to post
Mad_Max 15 Posted ... I have been using air for 2 and a half years. I have used my credit card many times while connected to more several different servers, and nothing happened over these 2 and a half years. I trust airvpn completely and dont worry you are safeIts just the banking system. say you are in a country A and have a bank account from the same country. IF you login\purchase to your bank account using a VPN (which changes your IP and location to another country) The transaction would be flagged and bank will notify you to make sure that you werent hacked 1 cm0s reacted to this Quote Share this post Link to post
Guest Posted ... I have been using air for 2 and a half years. I have used my credit card many times while connected to more several different servers, and nothing happened over these 2 and a half years. I trust airvpn completely and dont worry you are safeIts just the banking system. say you are in a country A and have a bank account from the same country. IF you login\purchase to your bank account using a VPN (which changes your IP and location to another country) The transaction would be flagged and bank will notify you to make sure that you werent hacked Sorry I didn't make my post very clear. The transaction I carried out, booking the train tickets, that went through fine and the bank didn't flag that as I often book train tickets online. It was 2-3 days later when my card was used to make a purchase on the Delta Airlines website in the US, something I didn't do and probably would never do. This was the transaction that was flagged. I have also been using AIr for a long time, years just like you, but this was the first time that I used a US server to carry out a transaction. Quote Share this post Link to post
Guest Posted ... A few days ago I was trying to book train tickets here in the UK. However, all the websites that I tried are blocking AirVPN except for thetrainline.com. Not wanting to use thetrainline as it charges a booking fee, I used the AirVPN route checking tool and found that 3 US servers can reach the blocked websites. So I used one of them and booked my train tickets. About three days later, I get a call from my bank advising me that my card is being used in the US. Is this a coincidence or is the US server compromised?Hello, the servers are not compromised and this is not a coincidence. According to your description the final beneficiary received a payment from your credit card and from an IP address that's geo-located in the USA, so in the "not so sane" view of all or part of the payment chain you were using the card in the USA. Kind regards Hey, Sorry, I should have been clearer. There were two transactions. I purchased train tickets, which obviously would have shown my card as being used in the US because I was connected to a US based server. However, 2-3 days later, while I was not even online let alone connected to an Airvpn server, my card was used to buy plane tickets from the Delta Airlines website in the US. It is this second transaction that makes me think that the server is compromised. The two transactions are days apart which forces me to believe it cannot be a coincidence. How can you be so sure that the servers are not compromised? How is it possible that literally all of the Airvpn servers are blocked from buying train tickets on most of the the sites in the UK (e.g. cross country, virgin, east midlands etc) except for these 3 US servers? Thanks Quote Share this post Link to post
Guest Posted ... A few days ago I was trying to book train tickets here in the UK. However, all the websites that I tried are blocking AirVPN except for thetrainline.com. Not wanting to use thetrainline as it charges a booking fee, I used the AirVPN route checking tool and found that 3 US servers can reach the blocked websites. So I used one of them and booked my train tickets. About three days later, I get a call from my bank advising me that my card is being used in the US. Is this a coincidence or is the US server compromised?Hello, the servers are not compromised and this is not a coincidence. According to your description the final beneficiary received a payment from your credit card and from an IP address that's geo-located in the USA, so in the "not so sane" view of all or part of the payment chain you were using the card in the USA. Kind regardsHey, Sorry, I should have been clearer. There were two transactions. I purchased train tickets, which obviously would have shown my card as being used in the US because I was connected to a US based server. However, 2-3 days later, while I was not even online let alone connected to an Airvpn server, my card was used to buy plane tickets from the Delta Airlines website in the US. It is this second transaction that makes me think that the server is compromised. The two transactions are days apart which forces me to believe it cannot be a coincidence. How can you be so sure that the servers are not compromised? How is it possible that literally all of the Airvpn servers are blocked from buying train tickets on most of the the sites in the UK (e.g. cross country, virgin, east midlands etc) except for these 3 US servers? ThanksThe logical step would be to scan your computer first and then doubt others. There is a much higher chance that you're computer is comprised rather than the server itself. Your communication between the server is very well encrypted and the transaction between the server and the site was also likely encrypted. I would highly suggest downloading an Antivirus software like Avast and scan your computer first. Quote Share this post Link to post
flat4 79 Posted ... Just to add, have you checked the train's site ssl cert? I love let's encrypt but AFAIK their certs are not recommend for commerce. Also like the other people said the hijack could have happen from the exit to the train's site. Sent from my BND-L34 using Tapatalk Quote Hide flat4's signature Hide all signatures pFsense it works Share this post Link to post
Staff 9972 Posted ... Sorry, I should have been clearer. There were two transactions. I purchased train tickets, which obviously would have shown my card as being used in the US because I was connected to a US based server. However, 2-3 days later, while I was not even online let alone connected to an Airvpn server, my card was used to buy plane tickets from the Delta Airlines website in the US. It is this second transaction that makes me think that the server is compromised. The two transactions are days apart which forces me to believe it cannot be a coincidence. This is impossible: even if the server was compromised (and it is not, but let's imagine this scenario) your credit card details could NOT be seen on the server itself or ANYWHERE ELSE between your node and the final recipient of the communications, because the credit card transaction is encrypted end-to-end. This is the foundation that makes financial transactions possible on the Internet (or on any digital network you can imagine). In other words, it's TOTALLY IRRELEVANT in this incident whether the server is "compromised" or not. And frankly, if you did not know this trivial fact, why did you suspect our VPN server and not any other node between you and the final processor of your card? Therefore, ruling out the trivial case that your card info has been taken physically by someone who could physically see your card front and rear and knows your birth date etc (a fact which is still the source of a large percentage of cc frauds around the world), your description of events can be explained ONLY by assuming that one of the ends is compromised, because only those ends can see the data in clear text, and precisely: 1) your computer2) the payment processor of the train company (or the train company payment system itself if they do not use external payment processors) Sorry to underline again this but you are in AirVPN forums: of all the possible parties, you ended up suspecting the only one which mathematically can NOT be the culprit. Kind regards Quote Share this post Link to post
userr1980 1 Posted ... lol no. highly doubt it. scan your windows computer for virii. maybe do computer full restore. or better yet, switch to linux ;] Quote Share this post Link to post
Guest Posted ... lol no. highly doubt it. scan your windows computer for virii. maybe do computer full restore. or better yet, switch to linux ;]I am on Linux, and my computer has been scanned, twice. No issues found as of yet. Quote Share this post Link to post
Guest Posted ... Sorry, I should have been clearer. There were two transactions. I purchased train tickets, which obviously would have shown my card as being used in the US because I was connected to a US based server. However, 2-3 days later, while I was not even online let alone connected to an Airvpn server, my card was used to buy plane tickets from the Delta Airlines website in the US. It is this second transaction that makes me think that the server is compromised. The two transactions are days apart which forces me to believe it cannot be a coincidence. This is impossible: even if the server was compromised (and it is not, but let's imagine this scenario) your credit card details could NOT be seen on the server itself or ANYWHERE ELSE between your node and the final recipient of the communications, because the credit card transaction is encrypted end-to-end. This is the foundation that makes financial transactions possible on the Internet (or on any digital network you can imagine). In other words, it's TOTALLY IRRELEVANT in this incident whether the server is "compromised" or not. And frankly, if you did not know this trivial fact, why did you suspect our VPN server and not any other node between you and the final processor of your card? Therefore, ruling out the trivial case that your card info has been taken physically by someone who could physically see your card front and rear and knows your birth date etc (a fact which is still the source of a large percentage of cc frauds around the world), your description of events can be explained ONLY by assuming that one of the ends is compromised, because only those ends can see the data in clear text, and precisely: 1) your computer2) the payment processor of the train company (or the train company payment system itself if they do not use external payment processors) Sorry to underline again this but you are in AirVPN forums: of all the possible parties, you ended up suspecting the only one which mathematically can NOT be the culprit. Kind regards You could have given a better answer without the condescending tone. Yes I am on the AirVPN forums, but if you don't like the nature of my question, because of my lack of knowledge or whatever reason, please feel free to not answer. I posted on the forums and did not contact AirVPN directly as I wanted input from the community. I would advise that in future, you serve the AirVPN members in a more respectful manner. My question was not an attack on AirVPN, as a staff member you should be able to see that I have been a member for many years. The reason I asked here was for many reasons. Let me break it down for you.1) All airvpn servers are blocked to many train sites in the UK. You can visit the home page but cannot proceed to buying tickets.2) Only 2 US servers can access the pages to buy the tickets as confirmed by your route checking tool3) I have been using my card for many about 3 years with no issue. I use a US server once and 2 days later my card is used online in the USA4) If my PC is compromised and someone had access to my card/card details, why just buy a plane ticket in the US, why not go all out?5) If my PC is compromised, have fun with my paypal and other accounts In future, Instead of saying things like TOTALLY IRRELEVANT, and deflecting the issue onto other parties, maybe you should focus on explaining how you can be so certain that your servers are not compromised, the security steps you take to maintain their integrity and why, as paying members of airvpn, we should continue to trust you etc. Just FYI, I have had another issue today and will be opening another topic, if you have something useful to say on the issue, please do contribute in a respectful manner. Quote Share this post Link to post
nick75 25 Posted ... In future, Instead of saying things like TOTALLY IRRELEVANT, and deflecting the issue onto other parties, maybe you should focus on explaining how you can be so certain that your servers are not compromised, the security steps you take to maintain their integrity and why, as paying members of airvpn, we should continue to trust you etc.Obviously you didn't understand Staff's answer. When you pay with your credit card on the internet, your information is encrypted before leaving your computer by the browser but more importantly BEFORE reaching the VPN server you're connected to. Decryption only happens on the payment processor's server. So Staff isn't "deflecting" but explaining why even if the server was compromised, it still wouldn't be their fault! Quote Share this post Link to post
Guest Posted ... In future, Instead of saying things like TOTALLY IRRELEVANT, and deflecting the issue onto other parties, maybe you should focus on explaining how you can be so certain that your servers are not compromised, the security steps you take to maintain their integrity and why, as paying members of airvpn, we should continue to trust you etc.Obviously you didn't understand Staff's answer. When you pay with your credit card on the internet, your information is encrypted before leaving your computer by the browser but more importantly BEFORE reaching the VPN server you're connected to. Decryption only happens on the payment processor's server. So Staff isn't "deflecting" but explaining why even if the server was compromised, it still wouldn't be their fault! thank you Nick! that's much appreciated. I wasn't blaming anyone, I'm just trying to figure out where the issue is and what I need to do to fix it. Quote Share this post Link to post
zhang888 1066 Posted ... 5) If my PC is compromised, have fun with my paypal and other accounts Valid point. By any chance this? :https://airvpn.org/topic/29921-fud-paypal-account-accessed-through-airvpn-but-it-wasnt-me/ Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
Not connected, Your IP: 3.144.235.141
Online: 26532 users - 323080 Mbit/s total BW