
[FUD] Compromised US Server? Charges on Debit Card


Guest

A few days ago I was trying to book train tickets here in the UK. However, all the websites that I tried are blocking AirVPN except for thetrainline.com. Not wanting to use thetrainline as it charges a booking fee, I used the AirVPN route checking tool and found that 3 US servers can reach the blocked websites. So I used one of them and booked my train tickets. About three days later, I get a call from my bank advising me that my card is being used in the US.

 

Is this a coincidence or is the US server compromised?


A few days ago I was trying to book train tickets here in the UK. However, all the websites that I tried are blocking AirVPN except for thetrainline.com. Not wanting to use thetrainline as it charges a booking fee, I used the AirVPN route checking tool and found that 3 US servers can reach the blocked websites. So I used one of them and booked my train tickets. About three days later, I get a call from my bank advising me that my card is being used in the US.

 

Is this a coincidence or is the US server compromised?

 

Hello,

 

the servers are not compromised and this is not a coincidence. According to your description the final beneficiary received a payment from your credit card and from an IP address that's geo-located in the USA, so in the "not so sane" view of all or part of the payment chain you were using the card in the USA.

 

Kind regards


I have been using Air for 2 and a half years. I have used my credit card many times while connected to several different servers, and nothing happened over these 2 and a half years. I trust AirVPN completely, and don't worry, you are safe.

It's just the banking system. Say you are in country A and have a bank account from the same country. If you log in/purchase to your bank account using a VPN (which changes your IP and location to another country), the transaction would be flagged and the bank will notify you to make sure that you weren't hacked.

Guest

I have been using Air for 2 and a half years. I have used my credit card many times while connected to several different servers, and nothing happened over these 2 and a half years. I trust AirVPN completely, and don't worry, you are safe.

It's just the banking system. Say you are in country A and have a bank account from the same country. If you log in/purchase to your bank account using a VPN (which changes your IP and location to another country), the transaction would be flagged and the bank will notify you to make sure that you weren't hacked.

 

Sorry I didn't make my post very clear. The transaction I carried out, booking the train tickets, that went through fine and the bank didn't flag that as I often book train tickets online. It was 2-3 days later when my card was used to make a purchase on the Delta Airlines website in the US, something I didn't do and probably would never do. This was the transaction that was flagged.

 

I have also been using Air for a long time, years just like you, but this was the first time that I used a US server to carry out a transaction.

Guest

 

A few days ago I was trying to book train tickets here in the UK. However, all the websites that I tried are blocking AirVPN except for thetrainline.com. Not wanting to use thetrainline as it charges a booking fee, I used the AirVPN route checking tool and found that 3 US servers can reach the blocked websites. So I used one of them and booked my train tickets. About three days later, I get a call from my bank advising me that my card is being used in the US.

 

Is this a coincidence or is the US server compromised?

Hello,

 

the servers are not compromised and this is not a coincidence. According to your description the final beneficiary received a payment from your credit card and from an IP address that's geo-located in the USA, so in the "not so sane" view of all or part of the payment chain you were using the card in the USA.

 

Kind regards

 

Hey,

 

Sorry, I should have been clearer. There were two transactions. I purchased train tickets, which obviously would have shown my card as being used in the US because I was connected to a US-based server. However, 2-3 days later, while I was not even online let alone connected to an AirVPN server, my card was used to buy plane tickets from the Delta Airlines website in the US. It is this second transaction that makes me think that the server is compromised. The two transactions are days apart which forces me to believe it cannot be a coincidence.

How can you be so sure that the servers are not compromised? How is it possible that literally all of the AirVPN servers are blocked from buying train tickets on most of the sites in the UK (e.g. cross country, virgin, east midlands etc) except for these 3 US servers?

 

Thanks


 

 

A few days ago I was trying to book train tickets here in the UK. However, all the websites that I tried are blocking AirVPN except for thetrainline.com. Not wanting to use thetrainline as it charges a booking fee, I used the AirVPN route checking tool and found that 3 US servers can reach the blocked websites. So I used one of them and booked my train tickets. About three days later, I get a call from my bank advising me that my card is being used in the US.

 

Is this a coincidence or is the US server compromised?

Hello,

 

the servers are not compromised and this is not a coincidence. According to your description the final beneficiary received a payment from your credit card and from an IP address that's geo-located in the USA, so in the "not so sane" view of all or part of the payment chain you were using the card in the USA.

 

Kind regards

Hey,

 

Sorry, I should have been clearer. There were two transactions. I purchased train tickets, which obviously would have shown my card as being used in the US because I was connected to a US-based server. However, 2-3 days later, while I was not even online let alone connected to an AirVPN server, my card was used to buy plane tickets from the Delta Airlines website in the US. It is this second transaction that makes me think that the server is compromised. The two transactions are days apart which forces me to believe it cannot be a coincidence.

How can you be so sure that the servers are not compromised? How is it possible that literally all of the AirVPN servers are blocked from buying train tickets on most of the sites in the UK (e.g. cross country, virgin, east midlands etc) except for these 3 US servers?

 

Thanks

The logical step would be to scan your computer first and then doubt others. There is a much higher chance that your computer is compromised rather than the server itself. Your communication with the server is very well encrypted and the transaction between the server and the site was also likely encrypted. I would highly suggest downloading antivirus software like Avast and scanning your computer first.


Just to add, have you checked the train site's SSL cert? I love Let's Encrypt but AFAIK their certs are not recommended for commerce.

Also, like the other people said, the hijack could have happened from the exit to the train's site.

 

Sent from my BND-L34 using Tapatalk


Sorry, I should have been clearer. There were two transactions. I purchased train tickets, which obviously would have shown my card as being used in the US because I was connected to a US-based server. However, 2-3 days later, while I was not even online let alone connected to an AirVPN server, my card was used to buy plane tickets from the Delta Airlines website in the US. It is this second transaction that makes me think that the server is compromised. The two transactions are days apart which forces me to believe it cannot be a coincidence.

 

This is impossible: even if the server was compromised (and it is not, but let's imagine this scenario) your credit card details could NOT be seen on the server itself or ANYWHERE ELSE between your node and the final recipient of the communications, because the credit card transaction is encrypted end-to-end. This is the foundation that makes financial transactions possible on the Internet (or on any digital network you can imagine).

 

In other words, it's TOTALLY IRRELEVANT in this incident whether the server is "compromised" or not.

 

And frankly, if you did not know this trivial fact, why did you suspect our VPN server and not any other node between you and the final processor of your card?

 

Therefore, ruling out the trivial case that your card info has been taken physically by someone who could physically see your card front and rear and knows your birth date etc (a fact which is still the source of a large percentage of cc frauds around the world), your description of events can be explained ONLY by assuming that one of the ends is compromised, because only those ends can see the data in clear text, and precisely:

 

1) your computer

2) the payment processor of the train company (or the train company payment system itself if they do not use external payment processors)

 

Sorry to underline again this but you are in AirVPN forums: of all the possible parties, you ended up suspecting the only one which mathematically can NOT be the culprit.

 

Kind regards


lol no. highly doubt it. scan your windows computer for virii. maybe do computer full restore. or better yet, switch to linux ;]

Guest

lol no. highly doubt it. scan your windows computer for virii. maybe do computer full restore. or better yet, switch to linux ;]

I am on Linux, and my computer has been scanned, twice. No issues found as of yet.

Guest

 

Sorry, I should have been clearer. There were two transactions. I purchased train tickets, which obviously would have shown my card as being used in the US because I was connected to a US-based server. However, 2-3 days later, while I was not even online let alone connected to an AirVPN server, my card was used to buy plane tickets from the Delta Airlines website in the US. It is this second transaction that makes me think that the server is compromised. The two transactions are days apart which forces me to believe it cannot be a coincidence.

 

This is impossible: even if the server was compromised (and it is not, but let's imagine this scenario) your credit card details could NOT be seen on the server itself or ANYWHERE ELSE between your node and the final recipient of the communications, because the credit card transaction is encrypted end-to-end. This is the foundation that makes financial transactions possible on the Internet (or on any digital network you can imagine).

 

In other words, it's TOTALLY IRRELEVANT in this incident whether the server is "compromised" or not.

 

And frankly, if you did not know this trivial fact, why did you suspect our VPN server and not any other node between you and the final processor of your card?

 

Therefore, ruling out the trivial case that your card info has been taken physically by someone who could physically see your card front and rear and knows your birth date etc (a fact which is still the source of a large percentage of cc frauds around the world), your description of events can be explained ONLY by assuming that one of the ends is compromised, because only those ends can see the data in clear text, and precisely:

 

1) your computer

2) the payment processor of the train company (or the train company payment system itself if they do not use external payment processors)

 

Sorry to underline again this but you are in AirVPN forums: of all the possible parties, you ended up suspecting the only one which mathematically can NOT be the culprit.

 

Kind regards

 

You could have given a better answer without the condescending tone. Yes I am on the AirVPN forums, but if you don't like the nature of my question, because of my lack of knowledge or whatever reason, please feel free to not answer. I posted on the forums and did not contact AirVPN directly as I wanted input from the community. I would advise that in future, you serve the AirVPN members in a more respectful manner.

 

My question was not an attack on AirVPN, as a staff member you should be able to see that I have been a member for many years. The reason I asked here was for many reasons. Let me break it down for you.

1) All AirVPN servers are blocked to many train sites in the UK. You can visit the home page but cannot proceed to buying tickets.

2) Only 2 US servers can access the pages to buy the tickets as confirmed by your route checking tool

3) I have been using my card for about 3 years with no issue. I use a US server once and 2 days later my card is used online in the USA

4) If my PC is compromised and someone had access to my card/card details, why just buy a plane ticket in the US, why not go all out?

5) If my PC is compromised, have fun with my PayPal and other accounts

 

In future, instead of saying things like TOTALLY IRRELEVANT, and deflecting the issue onto other parties, maybe you should focus on explaining how you can be so certain that your servers are not compromised, the security steps you take to maintain their integrity and why, as paying members of AirVPN, we should continue to trust you etc.

 

Just FYI, I have had another issue today and will be opening another topic, if you have something useful to say on the issue, please do contribute in a respectful manner.


In future, instead of saying things like TOTALLY IRRELEVANT, and deflecting the issue onto other parties, maybe you should focus on explaining how you can be so certain that your servers are not compromised, the security steps you take to maintain their integrity and why, as paying members of AirVPN, we should continue to trust you etc.

Obviously you didn't understand Staff's answer.

 

When you pay with your credit card on the internet, your information is encrypted before leaving your computer by the browser but more importantly BEFORE reaching the VPN server you're connected to. Decryption only happens on the payment processor's server.

 

So Staff isn't "deflecting" but explaining why even if the server was compromised, it still wouldn't be their fault!

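Added example, not part of any forum post: a sketch of what an on-path relay such as a VPN exit can read from an HTTPS connection, matching the explanation in the two replies above that the card data is encrypted in the browser and only decrypted at the far end. The hostname `tickets.example`, the function names and the sample byte stream are constructed for illustration; the 96 payload bytes only stand in for ciphertext.

```python
import struct

def record(ctype: int, payload: bytes) -> bytes:
    """Wrap a payload in a TLS record header: type, version, length."""
    return struct.pack("!BHH", ctype, 0x0303, len(payload)) + payload

def build_client_hello(host: str) -> bytes:
    """Constructed minimal ClientHello carrying only an SNI extension."""
    name = host.encode("ascii")
    entry = struct.pack("!BH", 0, len(name)) + name           # host_name entry
    sni = struct.pack("!H", len(entry)) + entry               # server_name_list
    ext = struct.pack("!HH", 0, len(sni)) + sni               # extension type 0
    body = (b"\x03\x03" + bytes(32) + b"\x00"                 # version, random, session id
            + b"\x00\x02\x13\x01" + b"\x01\x00"               # one suite, null compression
            + struct.pack("!H", len(ext)) + ext)
    return record(22, b"\x01" + len(body).to_bytes(3, "big") + body)

def client_hello_sni(hs: bytes):
    """Return the server name from a ClientHello handshake message, if any."""
    if not hs or hs[0] != 1:
        return None
    pos = 4 + 2 + 32                                          # header, version, random
    pos += 1 + hs[pos]                                        # session id
    pos += 2 + struct.unpack_from("!H", hs, pos)[0]           # cipher suites
    pos += 1 + hs[pos]                                        # compression methods
    end = pos + 2 + struct.unpack_from("!H", hs, pos)[0]
    pos += 2
    while pos + 4 <= end:
        etype, elen = struct.unpack_from("!HH", hs, pos)
        if etype == 0:                                        # server_name
            nlen = struct.unpack_from("!H", hs, pos + 7)[0]
            return hs[pos + 9:pos + 9 + nlen].decode("ascii")
        pos += 4 + elen
    return None

def on_path_view(stream: bytes) -> dict:
    """What a relay sees: the SNI hostname and the size of opaque records."""
    view, pos = {"sni": None, "ciphertext_bytes": 0}, 0
    while pos + 5 <= len(stream):
        ctype, _ver, length = struct.unpack_from("!BHH", stream, pos)
        payload = stream[pos + 5:pos + 5 + length]
        if len(payload) < length:
            raise ValueError("truncated TLS record")
        if ctype == 22 and view["sni"] is None:               # handshake
            view["sni"] = client_hello_sni(payload)
        elif ctype == 23:                                     # application_data
            view["ciphertext_bytes"] += length
        pos += 5 + length
    return view

# Constructed capture: ClientHello, then 96 stand-in bytes for an encrypted form POST.
SAMPLE = build_client_hello("tickets.example") + record(23, bytes(range(96)))
```

The relay learns which site was contacted and how much data moved; in a real session the `application_data` payload is ciphertext under keys held only by the browser and the site.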
Guest

 

In future, instead of saying things like TOTALLY IRRELEVANT, and deflecting the issue onto other parties, maybe you should focus on explaining how you can be so certain that your servers are not compromised, the security steps you take to maintain their integrity and why, as paying members of AirVPN, we should continue to trust you etc.

Obviously you didn't understand Staff's answer.

 

When you pay with your credit card on the internet, your information is encrypted before leaving your computer by the browser but more importantly BEFORE reaching the VPN server you're connected to. Decryption only happens on the payment processor's server.

 

So Staff isn't "deflecting" but explaining why even if the server was compromised, it still wouldn't be their fault!

 

Thank you Nick! That's much appreciated. I wasn't blaming anyone, I'm just trying to figure out where the issue is and what I need to do to fix it.
