Jump to content

CaptReiViation

Simmarket False Identify Purchase Please Help!

Recommended Posts

Hi everyone,

I'm quite new to the forums, therefore I would like to apologize in advanced if this subject is posted in the wrong thread. I'm in a bit of a bind here. My dad's credit card that I use for online purchases has been blocked because someone had created a Simmarket account using my email to purchase an addon. Luckily it was only one item. However, this is still a very serious matter as the perpetrator may purchase more things under my email in the future. Do any of you guys know of any way to contact the Simmarket team via email or forums? I want to resolve this issue as fast as I can. Thanks.

Share this post


Link to post

Something is not adding up here.  When you buy from Simmarket they send you a confirmation to your email address.  So you should have received that email of the purchase by the person using your address.  Why not request a password reset.  the new password will come to your email and you will get control back?  Anyway on the Simmarket site you can contact to ask their opinion I guess but this all seems very odd and it makes me wonder if this post is some sort of scam....apologies if it is not.

  • Like 1
  • Upvote 1

Share this post


Link to post

I would contact them I had a problem downloading a product I purchased they were very helpful and sorted it, the only worry for simmarket is that when the FSL labs thing kicked off the hacking site had simmarket on there list, Onapproach has a screenshot of the site, that has now gone the isp most likely changed.

But simmarket will help you if contact them.

  • Like 2

Share this post


Link to post
2 hours ago, rjfry said:

But simmarket will help you if contact them.

Are you sure? 

 

You will see several people saying just after an FSUIPC purchase from simmarket, their CC was stolen. When I contacted Miguel and Pete about this, neither one cared at all. 

 

3 hours ago, CaptReiViation said:

Hi everyone,

I'm quite new to the forums, therefore I would like to apologize in advanced if this subject is posted in the wrong thread. I'm in a bit of a bind here. My dad's credit card that I use for online purchases has been blocked because someone had created a Simmarket account using my email to purchase an addon. Luckily it was only one item. However, this is still a very serious matter as the perpetrator may purchase more things under my email in the future. Do any of you guys know of any way to contact the Simmarket team via email or forums? I want to resolve this issue as fast as I can. Thanks.

In other words your dads CC was stolen.

simmarket will not help you, they will flat out deny there is a problem. 

 

Share this post


Link to post
4 hours ago, CaptReiViation said:

Hi everyone,

I'm quite new to the forums, therefore I would like to apologize in advanced if this subject is posted in the wrong thread. I'm in a bit of a bind here. My dad's credit card that I use for online purchases has been blocked because someone had created a Simmarket account using my email to purchase an addon. Luckily it was only one item. However, this is still a very serious matter as the perpetrator may purchase more things under my email in the future. Do any of you guys know of any way to contact the Simmarket team via email or forums? I want to resolve this issue as fast as I can. Thanks.

Your father needs to contact his bank. IMMEDIATELY. If the card has been hijacked it needs to be fixed by the bank. The card account is with the bank not Simmarket.

Bill W

  • Like 2
  • Upvote 1

Share this post


Link to post
1 hour ago, BillW said:

Your father needs to contact his bank. IMMEDIATELY. If the card has been hijacked it needs to be fixed by the bank. The card account is with the bank not Simmarket.

Bill W

^^^^ THIS ^^^^

All that matters now is to get that CC number deactivated.  This happens all too frequently and the banks know exactly how to deal with it.  Heck, my BoA CC get reissued at least once a year because it gets compromised; half the time they do it proactively base on a perceived threat.

  • Like 1

Share this post


Link to post

Thank you all to the replies. My dad has contacted the bank and as of right now the credit has been blocked. They will be sending a new credit card within a few days. In addition to that, the bank is also looking into this incident and will let us know further information about this whole situation. I have contacted Simmarket and they closed the account. However, they are not willing to do anything else until we provide evidence from the bank of how the perpetrator got accessed the credit card. 

I don't even use Simmarket to make flightsim addon purchases, so this situation is quite a surprise to me and my dad. Thank you so much for everyone who has replied in this thread. I also posted on the flightsim subreddit and got some help there as well. 

Edited by CaptReiViation
word spelling error

Share this post


Link to post
16 hours ago, rjfry said:

I would contact them I had a problem downloading a product I purchased they were very helpful and sorted it, the only worry for simmarket is that when the FSL labs thing kicked off the hacking site had simmarket on there list, Onapproach has a screenshot of the site, that has now gone the isp most likely changed.

But simmarket will help you if contact them.

Yeah, I'm have high suspicions that this may be one of the leading causes to how my dad's CC got accessed by an unknown person.  

Share this post


Link to post
6 hours ago, CaptReiViation said:

Thank you all to the replies. My dad has contacted the bank and as of right now the credit has been blocked. They will be sending a new credit card within a few days. In addition to that, the bank is also looking into this incident and will let us know further information about this whole situation. I have contacted Simmarket and they closed the account. However, they are not willing to do anything else until we provide evidence from the bank of how the perpetrator got accessed the credit card. 

I don't even use Simmarket to make flightsim addon purchases, so this situation is quite a surprise to me and my dad. Thank you so much for everyone who has replied in this thread. I also posted on the flightsim subreddit and got some help there as well. 

I would also check your AV on your PC  and do a full sweep of the system, if as you state you have never purchased any product form simmarket I suspect this hack is closer to home.

  • Like 1

Share this post


Link to post
On 3/23/2018 at 6:34 AM, pracines said:

You will see several people saying just after a purchase from simmarket, their CC was stolen. When I contacted Miguel and Pete about this, neither one cared at all. 

In other words your dads CC was stolen.

simmarket will not help you, they will flat out deny there is a problem. 

 

3

 +1 to this, it happened to me last fall after a purchase there.  I also contacted Simmarket concerning it and they denied that their system was in any way at fault. $900 CAD in fraudulent online purchases later. 

Share this post


Link to post
5 minutes ago, Dave_YVR said:

 +1 to this, it happened to me last fall after a purchase there.  I also contacted Simmarket concerning it and they denied that their system was in any way at fault. $900 CAD in fraudulent online purchases later. 

These things can happen but the banks (particularly in Canada where they are highly regulated) generally are very good about covering the fraudulent charges.

Share this post


Link to post
1 minute ago, MarkW said:

These things can happen but the banks (particularly in Canada where they are highly regulated) generally are very good about covering the fraudulent charges.

You bet, my bank was VERY good about it, they cleared it up within a couple days.

  • Like 1

Share this post


Link to post
14 hours ago, rjfry said:

I would also check your AV on your PC  and do a full sweep of the system, if as you state you have never purchased any product form simmarket I suspect this hack is closer to home.

Thank you @rjfry. I have not checked yet. I'll check as soon as possible. As of right now, I changed the password to my email and also activated the two-step process verification. So whenever my account is used and logged in a system, I get a notification on my smart phone to verify whether it was me or someone else. I've taken all the precautionary measures that I can to prevent this from happening again. I hope this situation does not occur again. 

Share this post


Link to post
9 hours ago, Dave_YVR said:

 +1 to this, it happened to me last fall after a purchase there.  I also contacted Simmarket concerning it and they denied that their system was in any way at fault. $900 CAD in fraudulent online purchases later. 

I'm very sorry that this happened to you. :(

Share this post


Link to post

I would also try to think if you had made a purchase on an account some ware with this CC on your email, a say this because I find hard to now how a hacker hacks an account that did not exist, but if you have an account were you have purchased with this CC you should contact them there site may have been hacked.  

Share this post


Link to post

You've got to be careful logging into the simmarket site. If I just do a search for simmarket with internet explorer it links me to the less secure http: site not the more secure https: site. I need to be remember to change the URL to https: before logging in.

Ted

  • Like 1

Share this post


Link to post
39 minutes ago, Ted Striker said:

You've got to be careful logging into the simmarket site. If I just do a search for simmarket with internet explorer it links me to the less secure http: site not the more secure https: site. I need to be remember to change the URL to https: before logging in.

Ted

Thanks for telling. I just realised I've always been using the unsecure site. I was fooled by the "secure" in secure.simmarked.com.

I now changed the link to https.

Henning
 

Share this post


Link to post

I'm surprise they don't force a redirect to HTTPS. It's literally a two-line Apache config change.

Cheers!

Share this post


Link to post

Ted and Luke

Thanks for the suggestion about the Simmarket website address. I did the suggested addition at the beginning of the address and it worked.

Like Henning, I also was lulled into what now seems to be a false sense of security by seeing "secure.simmarket" as part of the address, especially when compared with the "not secure" messages I had seen with some of the other retail sites I have used for flight sim purchases.

Ever since Jim Young's post about a year ago explaining the green lock and "secure" in relation to the Avsim Forums, I have been conscious of the security aspect when making flight sim purchases and I have been surprised that on a few sites the green lock and "secure" do not appear and the "not secure" message does not disappear until after the log in with details of user name and password has taken place. What's stopping someone hacking my log in details there and then using them to download products I have historically purchased?

After the suggestion worked for me on the Simmarket site, I then tried it on two other flight sim retail sites and it worked on one but not the other.

I want to see the comfort factor of the green lock when I first visit a site. Why don't all sites provide that, either via Luke's suggestion or otherwise?

Gary

Share this post


Link to post
15 hours ago, Gartro said:

Why don't all sites provide that, either via Luke's suggestion or otherwise?

I've talked to a couple of sites about this. Their attitude was that it isn't that important and didn't make the site any more secure. I don't know enough about website security to challenge that. I just wanted to bring it to their attention and was surprised at the response. It does not give me a warm and fuzzy feeling about doing business on those sites though. In fact I now only purchase products from them if I can't get them from anywhere else. I have also downloaded and saved a copy of every purchase just in case the sites get hacked.

Regarding simmarket, when you actually go to purchase something I believe the page does change to https.

Ted

Share this post


Link to post
9 hours ago, Ted Striker said:

I've talked to a couple of sites about this. Their attitude was that it isn't that important and didn't make the site any more secure. I don't know enough about website security to challenge that. I just wanted to bring it to their attention and was surprised at the response. It does not give me a warm and fuzzy feeling about doing business on those sites though.

They're not completely wrong. Generally speaking if you want to attack an e-commerce site you try and get their data from them directly, not by intercepting it in transit. It's similar to robbing a bank; you are better stealing everyone's money after hours than robbing people one by one on their way in and out of the bank.

However, HTTPS certificates are now free and having encryption is rapidly becoming the price of entry for a web site, never mind one handling financial transactions. If they can't do something as basic as HTTPS, what other important security precautions are they skipping?

Cheers!

Share this post


Link to post
11 hours ago, Luke said:

If they can't do something as basic as HTTPS, what other important security precautions are they skipping?

That was precisely the thought I had.

Ted

Share this post


Link to post
On 3/25/2018 at 3:40 PM, rjfry said:

I would also try to think if you had made a purchase on an account some ware with this CC on your email, a say this because I find hard to now how a hacker hacks an account that did not exist, but if you have an account were you have purchased with this CC you should contact them there site may have been hacked.  

Yes. Thank you very much again for this suggestion. I will make sure to do so. The email that was used is my primary email that I use regularly. In addition to this, I also changed the password and enabled google's two-step varification process on my email. So far nothing suspicious. Thank you very much again. 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...