Norton, credit card number, fraud, screw up, or other (Read 965 times)


    Not sure why I'm posting this specifically on runningahead except that I want to capture it somewhere and maybe y'all will have good input for me.


    I use Norton antivirus. Have since 2008 (side note: please don't give me advice about the worthiness/suckiness of the product. Not the point of the thread).  This morning, I got email that it had auto-renewed and my credit card had been charged.


    Hmmm.  I didn't think I had it set to auto-renew, and even if I did, there's no way that my credit card info at Norton Central could be up to date.  So I logged into my account to see what I had it configured to do.


    Turns out, per the receipt in my account, this morning, Norton charged my Mastercard ending in 6900.  This is indeed the card associated with my account. They have my name, my correct billing address and this card info.


    I do not possess a Mastercard.  I also do not possess any credit card ending in 6900. 


    Hmmm.  That's weird.  I did not put this (fake?) card into my account, ever.  But there it is in my account info.


    Of course, the "uh oh, someone has a credit card in my name!" thing went off in my brain.  I immediately checked my three credit reports.  They are clean.  AND... well, if someone is going to open a credit card in my name, why the heck would they go into my norton account and ensure that their hot credit card number is listed there?


    I suspect that Norton has scrambled account info and credit card numbers and someone else got charged.  I don't know that this would be right either, because credit card companies do a small amount of verification... either by matching the card number to the billing zip code (or full address) or using that special 3 digit code on the back... so someone's random card should have failed out when they tried to charge it with my billing address (unless they live in the same zip code maybe).


    I'm honestly a little stumped by what's going on here.


    The Norton tech support rep wasn't helpful.  The first line of defense is a random person in India (in my case, Vipul) working from a script.  (S)he didn't understand my issue and all (s)he wanted to do was refund the bad card and have me enter my new card.  Which is fine, except that it removes all the details of the real problem.  I got her/him to tell me (s)he "escalated" the issue, but whether they contact me back remains to be seen.


    I'm stumped.  What else am I not considering?



      That is really weird.   Could it be a scam by Norton to prompt you to give them a current credit card payment?  It seems unlikely that that Mastercard number is really legit.


      Running is stupid

        Seems similar to some other services which auto renew and charge to the old expired credit card, but then proceed to email/mail you for the charges.  This could just be a variant of that procedure like Ilene suggests.

          Was your licence renewed?  Have you checked your Norton account?


          Was the email sent to you in error?

          Is it possible that someone else setup Norton for their profile and provided their account number (ending in 6900) and provided your email address (accidentally used SRLopez@___.com instead of SRLopes@___.com ) when setting up the profile?  Could it be that "SR Lopes" was properly charged $xx on their mastercard ending in 6900 and had their Norton renew through 7/9/2013, but they weren't notified because you were notified?

          2018 Goals:

          #1: Do what I can do (250+ training days, 300+ aerobic hours).

          #2: Race shape - BUILD aerobic base

          #3: Race (Cincinnati MiniMarathon - 3/18, Grand Rapids 70.3 Tri - 6/10, Ironman Florida - 11/2)



            No, it isn't that kind of a scam.  They have an easy way to prompt me for payment... deactivating my firewall and av protection.  Not only did they NOT do this, but they renewed it for a year.  They (think they) got their money from this bogus account.


            (which is not to say that it is/isnt some other kind of scam)


            yes, my license was renewed for a year.  Yes, I checked my account... per the first post, this is how I know they charged a bogus card.


            I'm not going just by the email.  I'm going by what's in my norton account.  They renewed MY license, not someone else's license.  Also, my norton account is associated with my email address.  In fact, the email address is the account name.  And it is me for sure (just with wrong credit card info).  Unlike some systems, they would not allow someone else to accidentally or on purpose use my email for their account, because that email address is already my account.


              I work for a card issuer in the risk department.  This doesn't sound good.

              I don't know what I would do, though, other than de-activating that account number from your billing address and making sure there's no paper trail back to your home address with that account number from this product.

              Seems weird that the bureaus don't have your name tied to any fake account with that number (and that's a good thing).





              2018 Goals:

              #1: Do what I can do (250+ training days, 300+ aerobic hours).

              #2: Race shape - BUILD aerobic base

              #3: Race (Cincinnati MiniMarathon - 3/18, Grand Rapids 70.3 Tri - 6/10, Ironman Florida - 11/2)



                I agree, though I don't want to delete it out of my account yet because I want them to have info about the problem.


                There is a trail (an electronic receipt) that matches that account number with my billing address and me.


                There is also an active case (with a case number) in their customer service system where I am telling them explicitly "this number is not mine."  My hope is that someone smart will get back to me asap, collect reasonable information, and then we can fix the card info... including refunding the incorrect card.  The dude in India was ready to cheerfully fix the credit card number and close the case, which would have obliterated the important issue.


                I have a very common name, so I check my credit from time to time.  I have had to pull all kinds of dumb stuff from my reports before... usually medical bills for someone with a similar name that went to collection.  This one has me stumped.


                Run Fastah 2018

                  Is it possible it just isn't showing on the bureau yet bc it's too new?

                  "Don't feel like running today...suck it up and run ...you're an athlete." (John Stanton, founder & owner of The Running Room)


                  Three half marathons later, I got a number. Half Fanatic #9292. :)


                    Is it possible it just isn't showing on the bureau yet bc it's too new?


                    I suppose.


                    But still.  If someone is going to use my name to open a credit card account, why are they going to go into MY norton account and use it to pay MY bill?



                      This is likely not the reason for your case but something similar stumped me for half a day. It took me a while to realize that DW had started using one of those "virtual card numbers" to pay for stuff online...

                      an amazing likeness

                        I'm pretty confident you know all this stuff...but I'll type it, if only to give me a break from real-paying-job-stuff.


                        We can make a good guess that Symantec has a master customer record as a parent and related records (products/licenses, support calls, credit cards, email preferences, and the like).


                        Since the Account Info/Subscription status in Norton AV is telling you that the subscription was updated...we can assume that license management part is content that the billing management part as collected the money, and license management issued the renewal.


                        From your description...sounds like the billing management part of Norton has happily billed someone else's credit card for your transaction. There's another possibility, being that the billing has worked right and the reporting is coughing up bogus info.


                        You reported this to them.  I think all you can do is hope that, in  time, the other person will call and say "I don't owe you any money...what's this charge?" -- that will trigger them to look into it.


                        Personally, it would bug me that (1) there's been a hiccup in their system interfaces, and (2) they aren't willing to dig into it and get all CSI about finding the. answer. now.  and (3) that someone else may possibly be getting billed for my purchase, and (4) I got something that I didn't pay fairly for.


                        Sounds like you've made every effort to report it the problem and pay for the software you use.  It's shoulder-shrug for the next 30 days until someone in their data quality group sees things out of balance on 7/31.

                        I've done my best to live the right way. I get up every morning and go to work each day. (for now)


                          Definitely absolutely on #2.  I don't expect first tier dude in India (reading from a script) to know what to do, but I figured "the credit card number in my account is not mine" would be one of those red flashy light things that would get me bumped immediately.


                          Ah, but, today is the day that the FBI diddled with DNS stuff and knocked some folks offline.  I suspect Norton's first tier guys are busy... if not with that exact issue, dealing with people who think they may be part of that issue (but aren't).


                          But meanwhile, in the back of my mind, I still wonder if there's a bad person out there with accounts in my name.  Even if that doesn't make sense in this situation.


                          Also, like many of you, I have these issues:


                          1. I get a statement notification from Capital One in my email every month.  "Your monthly statement is ready to be viewed and paid." I have never had a Capital One account.  I've been getting these since 1997. Clearly someone opened an account and used my email address.  Capital One has repeatedly told me they can't do anything about it.


                          2. There's a Mario Lopez (assuredly not the famous one) who used my email address when he set up his apple account.  Now every time he buys something in i-tunes, I get the receipt.  Every. Single. Time.  I can see that he has tried to change the email address a few times, because Apple's system sends me a verification asking me if I'm asking for the address to be changed.  The problem is, I can't respond yea or nay because I don't have the dude's password.  So the request just fades away and nothing changes.  The Apple Geniuses refuse to do anything.  I know this is an easy fix, but they won't do anything.


                          But this one with Norton involves money.


                            I talked to my credit card fraud knowledge guy, who suggested that you work with Norton to find out the IP address that was used to make the payment.  Norton should have that information. 

                            Once they find it, and they can determine it's location, Norton's people should track that IP to determine whether there's some fraud going on from that individual with other Norton accounts.




                            Since your Norton account is separate from the transaction, you might want to change the email / password link (in case somebody has your Norton information or cracked your code).  Reverse that payment that somebody made for you, and pay it yourself.


                            And, (as you know), be aware that somebody may be trying to hack into your information.

                            2018 Goals:

                            #1: Do what I can do (250+ training days, 300+ aerobic hours).

                            #2: Race shape - BUILD aerobic base

                            #3: Race (Cincinnati MiniMarathon - 3/18, Grand Rapids 70.3 Tri - 6/10, Ironman Florida - 11/2)



                              Well, the way the transaction went, there's no associated IP.  At some point, a credit card number got plugged into my account info in their database.  When today rolled around, their "process automatic renewal" process kicked off, saw that it was my turn, and processed the credit card number in my account.  It succeeded (apparently) and they renewed my software license.  There's no IP address.


                              I agree that changing my password is a smart idea.


                              As for reversing charges and such, they have to do that.  Which was the very first thing they were going to do. I told them not to do that (yet) because I wanted their engineer folks to see the actual problem.  At this point, I have not heard back, so I will bug them again tomorrow.


                              No run...need sleepy!

                                Last year my ATM card was stolen and used to purchase minutes on a pre-paid phone plan.  They charged $100.


                                In my case the card was used online.  Since it was for a phone, the number associated with the charge was known.  I think I know the person.  But even though my card was used, and important bits of data were known and easily retrievable, I was not able to get any satisfaction.


                                My bank simply issued a new card and the case was closed.  The police filed a report but if I wanted to pursue it further I would have had to file with the State Attorney.  The police said the SA would probably deny, but even if they did the CC processor would simply ignore any legal action.  Again, leaving me with more headache and less satisfaction.


                                I have a friend who is president of a small bank.  They don't even issue ATM cards as the insurance premium is prohibitive.  He said the big banks eat millions in CC fraud.  It's simply the cost of doing business.


                                My point is this:  I agree that these types of mistakes are maddening and leave serious concerns about our safety.  I'm guessing Norton's system simply made a mistake and charged someone else.  Change your password be glad you didn't get charged.  I might not have even called them in the first place.  They made the mistake, you win!  But you probably did the right thing.


                                As a side note, I use CC for ALL transactions now.  Luckily my checking account was only dinged $100 which didn't put me negative.  Even though the bank refunded my money, if it had been more I would have had an even bigger mess to clean up.