Is This The Weirdest Identity Theft Ever?

I’ve had my own issues with identity theft over the past several years. From getting called by our lady in HR to confirm that I was still working for my employer when I was the victim of unemployment benefits fraud, to the fun adventures with the IRS and being the victim of tax return fraud. And more recently I found out that I am one of the millions of people in the U.S. whose confidential employment screening records were stolen in the OPM hack. When I found out about that I kindof laughed… now in addition to my social security number, address, employer, and whatever identifying information can be gleaned from my rather minimal social media presence… my fingerprints may have also been stolen. Suuuuuuper.

So while I signed up for the free* ID theft protection available to OPM hack victims, the reality is that by using our password database and super secure passwords, monitoring our credit scores and accounts using free tools like credit sesame and what’s offered by our credit union, and having a 7-year credit alert on my credit account, we’re probably doing just about all we could do to cover our bases. At least in terms of MY identity.

But now Mr PoP has officially joined the identity theft club. And like so many things Mr PoP does, it just had to be in a way that was supremely weird.

It All Started On Saturday…

One of the tools that I use to keep an eye on our accounts (in addition to using Mint for ~15 minutes every month) are notifications on our various credit card accounts. These are basically just triggers that shoot me an email whenever things out of our norm are going on with our accounts, in particular large purchases. On Saturday, I opened up my email and saw a large purchase notification from American Express. It said that Mr PoP had just spent $495 at Amazon.

I saw this while I was out running errands and didn’t worry about it too much, assuming that Mr PoP had finally pulled the trigger on the pricey weed whacker he had been talking about for ages (and even more often recently). Mr PoP was out of town, so I figured I’d hear about it later when we caught up and mostly forgot about it. Then later that day when I was in our Amazon account downloading a receipt for a reimbursement and noticed that there weren’t any orders on our Amazon account that day – at which point I started to get suspicious. I texted Mr PoP:

“Did you order something for $500 today? Has your cc been stolen?”

Mr PoP said he had his card with him, and that he hadn’t bought anything for $1, much less $500 on his personal AmEx since he had left on his work trip. He also confirmed that he had another personal card with him as backup, so I could go ahead and call to cancel the AmEx.

AmEx was pretty great about reversing the charge, cancelling the card, and issuing Mr PoP a new card with a new number. It only took a few minutes and I thought we were done.

Until I Opened The Mailbox On Monday

Sitting inside the mailbox was a small padded envelope with an address label to Mr PoP from Amazon. Now, I had just looked through our Amazon orders two days earlier and we weren’t expecting any purchases from Amazon… but I also knew the mystery $495 charge was from Amazon. So could these be related?

I opened the package and found these.

IMG_5651

According to Saks, those are $450 cuff links.  Which, when you add shipping and taxes, probably comes out to the neighborhood of $495… the value of the mystery Amazon charge.  But the cuff links were the only thing in the package. There was no packing slip or receipt and no way to tell who ordered them.

I called Amazon and they said with the limited information on the shipping label they were unable to trace who ordered these cuff links, but they did confirm that they absolutely did not come from our account (or any accounts that are linked to ours in any way as Mama PoP’s account is).

Me: “So what do I do with these cuff links?”
Amazon: “Well, you can donate them. Or sell them. But you can’t send them back to Amazon.”
Me: “Um… okay.”

American Express wasn’t a ton more help on the matter, either. They said they were still investigating my fraud report, and didn’t really say what to do with the cuff links, but that they were still “researching”.

So I sat on our couch with $495 worth of (according to the opinion of everyone I’ve shown them in person, kindof ugly) cuff links in my lap wondering what the heck had happened. Here’s what I knew:

  • Someone had made a charge on Saturday for $495 to Mr PoP’s credit card that went through as “AMAZON COM”.
  • Two days later we receive a package at OUR home addressed to Mr PoP (and showing HIS PHONE NUMBER on the shipping label) from Amazon Fulfillment Services containing cuff links that cost $450 + shipping + tax, but no way to tell who ordered these.

The fraudster has Mr PoP’s credit card (with security code and expiration date needed to purchase on Amazon), address, AND cell phone number and chose to order $500 (sue me for rounding up) worth of ugly cuff links and send them to Mr PoP?!? Really!?!

We Have No Idea What The Deal Is

One of my friends think it must have been one of Mr PoP’s colleagues playing a prank, since I told them in the past about a prank one such colleague played earlier this year that caused us to cancel one of his credit cards and issue a new number. I think this is unlikely. The previous prank was stupid, but not malicious. A prank like this starts to feel malicious.

Another friend thinks the fraudster must know where we live and was planning on driving to our house and stealing the ugly cuff links from the mailbox before I got home. I’m also a bit dubious on this one. Our mail is delivered pretty early in the day. These would have been sitting in the mailbox for HOURS between when the tracking notification showed they were delivered and when I got home and got the mail.

I’m inclined to think some online retailer where Mr PoP had used that card (ironically not Amazon since that card was never linked to our Amazon account) had their database hacked and that’s how the fraudster got the complete slate of Mr PoP’s purchasing info. (CC #, security code, expiration date, name, address, phone #). But if that’s the case, why the heck would they order something so ridiculous** or send it TO us?

Or maybe the cuff links and the charge are completely unrelated? Who knows?

The Silver Lining?

The charge has been reversed, and we’ll hold on to these cuff links for a month or so in case American Express is able to figure out where they came from as part of the charge dispute and needs us to send them back. But then if they don’t want them we get to decide what to do with them, so I guess that’s a plus.

Ironically, the biggest benefit to come from all this hassle is that I got to file a police report with Mr PoP as an official identity theft victim, which I’ll be able to use to get his own credit alert/freeze on his credit account. (Since *I* had been the official victim of all the previous identity theft issues, the credit bureaus wouldn’t put the alert on his account.) And having more protection on his credit account (though it wouldn’t have helped prevent this situation) can only be a good thing.

 

Has anything like this ever happened to you? What do you think the fraudster was intending with this plan?

 

* Is it really free if my tax dollars are going to pay the bill for these services?

** When I told the cop filing the police report about the cuff links, she guffawed that someone would spend that much on a pair of cuff links, much less fairly unattractive ones.

39 comments to Is This The Weirdest Identity Theft Ever?

  • Those really are some ugly cuff links. And I can’t believe they had all of that information and then had them sent to you guys. It’s like they chickened out at the last minute!
    JC @ Passive-Income-Pursuit recently posted..Jackpot!My Profile

  • That is supremely weird. Another cold comfort: at least they didn’t benefit from the theft. But so strange.

    If you have to donate, see if any organization around you does silent auction fundraisers (like the humane society). That’s common in my area, so we save nice-but-not-us stuff for those kind of events.
    Leah recently posted..ThankfulMy Profile

    • Good idea on the silent auction. There are plenty of charities around here that host those and the charity would probably get more out of them than if we just sent them in a box with other stuff to the normal donation bin.

  • MomofTwoPreciousGirls

    The first time I dealt with credit card fraud that ended with me receiving plane tickets to MY home address with another person’s name on them. The funny thing was they were tickets to New York City, which was a 35 minute train ride from where I lived! I’ve had some other issues since and they do get weirder as time goes on.

  • “When I told the cop filing the police report about the cuff links, she guffawed that someone would spend that much on a pair of cuff links, much less fairly unattractive ones.” – heh! :)

    The closest I’ve come to identity theft is receiving other people’s emails. My name is pretty common, so I’ve gotten flight confirmations and all sorts of PTA or swim club emails or optometrist/dentist appointment confirmations. The PTA emails are the most annoying! The flight confirmations were amusing though as they had “my” name on them 😉

    This is super weird though – I’m curious to hear what you guys end up doing.
    Leigh recently posted..2015 In Review: Goals, Savings, Net Worth, Investments, and Charts GaloreMy Profile

    • Oh, I get that all the time :-( I have a really simple email address (early adopted on gmail). I have spent more time than I like calling/emailing companies to get my email removed from their list. Plus, I get signed up for lots of mailing lists and such.

      Thankfully, it is always someone else’s name. But I’ve gotten airplane tickets, water bills, and all sorts of stuff, and most had lots of personal info on them. The people are really lucky I’m not into stealing their identity.
      Leah recently posted..ThankfulMy Profile

      • When you get that stuff do you ever try and track down the intended recipient and get it to them? I’ve thought about that for a couple items, but never did…

        • I was about to type out how I never had, but I did once call someone! I only left a message, but it worked okay. I had a hard time getting ahold of the company to stop receiving this person’s bills (including their payment details!), so I called the person and left a message about it.

          Normally, tho, I just contact the company and let them know that I’m not the person they’re wanting to send the stuff to.
          Leah recently posted..ThankfulMy Profile

    • I have that happen with the email address I still have with my maiden name on it (don’t have that problem with my married name since it’s really uncommon). I’ve gotten donation receipts for canadian charities, best buy warranty information for a realtor in idaho… No PTA emails, though!

  • Pat

    Those are nice geodes. But an ugly setting.

    And yes, what a weird story, no sense in it.

  • Rae

    Perhaps it was the retailer itself? In other words, they process the card and send the merchandise as if they’d received a legit order, but without the whole tedious process of having products that customers actually want to buy.

    Glad you caught it fast!

    • I wondered that, but I assume that AmEx will process our refund as a chargeback to the retailer. At that point, I imagine Amazon will be able to determine which of their affiliates had the transaction and at that point the seller is out the money and the cufflinks…

  • Heidi

    I wonder if someone was just learning their identity theft skills and this was some sort of practice?? See if things go through without having it traceable to anyone?

    My one credit card has been stolen TWICE in TWO months, while both times I still had the physical card. It’s always fun when the bank calls and asks if I just spent $1750 on a ticket with Azerbajan (sp?) Airlines, or $1050 on a ticket to Avianca Airlines…. My answer is always no, the only charges on there that are actually mine are the Boring ones, like the grocery store and bill payments LOL. $200 for make-up is DEFINITELY not me!

  • Boy those are really ugly cuff links and for $450 I think they’re way too overpriced. :)

    That’s a really weird story. I had experienced someone purchasing multiple cellphones using my PayPal account and that was reversed quickly. Recently someone purchased a plane ticket from one of the European travel websites from Mrs. T’s credit card which prompted getting a new card. Identity theft is no fun to deal with for sure.
    Tawcan recently posted..Recent buysMy Profile

    • Sounds like the European travel is pretty common – Heidi got hit with that, too! Getting a new card is annoying, but not the end of the world.

  • I seriously had to stifle a laugh here at work when I got to that photo. How bizarre! But what a great mystery! “The Ill-Begotten Cufflinks.” Sounds like a Sherlock Holmes book. You have to update if/when you find out the truth.

    The only time I had my information stolen was boring by comparison. Somebody got my credit card number somehow and used it to buy gift cards at BJs. Booor-ring.
    Norm recently posted..How Far Did You Commute? Our 2015 Commuting Methods By MileMy Profile

    • But the gift cards would have potentially been useful if they sent them to you! =)

      Re the mystery story – my best friend decided I should write to the Haggler at the NYT and have him solve it. Not Sherlock Holmes, but the Haggler’s pretty awesome.

  • Ummm WHAAAAT? That is so weird! I’m stumped as well!

    I’m a bit surprised that neither Amazon nor American Express had an immediate interest in the cufflinks being sent back to them… I mean, shouldn’t AmEx at least want something in exchange for the lost money?
    Emily @ evolvingPF recently posted..How Much Is YOUR Life Worth?My Profile

    • The cop had a good point – what’s AmEx going to do with them? If they reach a point in the dispute with the chargeback where the seller asks for them back, they might ask us to send them. But AmEx doesn’t want to end up with a warehouse of stuff like this that they then have to deal with.

  • So weird! I was a more traditional victim some 10 or 12 years back. Someone used my SON to charge a bunch of furniture from Value City. She told the fraud dept. she was my cousin, but I eventually got it sorted. No idea who she was,but we had the same first name and she lived near us (based on where the furniture was delivered).
    Frugal Paragon recently posted..How I Used A Hacksaw To Clean My DishwasherMy Profile

  • Mama PoP

    Well, I certainly hope that when Mr. PoP buys cufflinks he shows better taste and some sense of style!

    Recently, we discovered that we weren’t charged for a pair of slacks when we checked out at a local department store. We don’t want to get the cashier in trouble by showing a receipt that doesn’t reflect that purchase, but it’s weird taking something to a store and saying, “We didn’t pay for these. Can we pay now?” Will they assume that one of us pilfered the item and had a guilt attack? Or even worse, they could think that one of us stole the slacks and the spouse found out and forced a guilty confrontation with the store?

    Luckily, we haven’t had identity theft yet, but I figure it’s a matter of time. Last night I emailed pictures of both sides of my favorite credit card and both sides of my driver’s license to a hotel. That’s just asking for trouble, but it was the only way to get the job done. My plan is to get a “burner” credit card and use it for sketchy things like that so I won’t care when I have to cancel it.

  • Interesting. We have had some charges and turned off cards, but I don’t recall ever receiving the item!
    Vawt recently posted..December Travel Points UpdateMy Profile

  • Vanessa

    I’ve seen a few fraudulent purchases come in to our company (online retailer), we always catch them thankfully, here’s what most likely happened; When they swipe your information from an online purchase they also swipe the billing address, including the phone number and if you input one, your email address.

    As some websites require the billing address to match up with the one on the card they usually put that in (which makes it so much easier to catch thankfully) they probably just messed up and chose “ship to billing address”.

    • “When they swipe your information from an online purchase they also swipe the billing address, including the phone number and if you input one, your email address.”

      That makes sense. So the purchasing and shipping info likely all came from one hack.

      “they probably just messed up and chose “ship to billing address”

      And that makes the most sense so far, I think!

  • Well, that’s colorful.

    Glad you’ll be able to put a freeze on your credit bureau accounts now. It’s really inexcusable that they won’t allow you to do so unless you have evidence you’re a victim of a crime. In fact, I wonder if they gave you the straight story?

    Right now I have an ongoing mail theft issue. Bought a mailbox built like Ft. Knox but so far haven’t been able to get the handyman out here to install it. Darn thing weighs 40 pounds, so I can’t blame him…but I sure can’t put it in by myself, either.

    Geode cufflinks?? Gorgeous. Maybe you can peddle them on eBay?

    I figure Medicare and Medigap checks have likely been stolen over the past month. No way I’m ever going to be able to figure out which ones and for how much — the bureaucratic paperwork is inscrutable. So I’ll just be out however much they stole. Since tens of thousands of dollah worth of medical bills have been racked up, there’s a chance that could be quite a significant loss.

    My beloved employer — yeah, the one that pays adjunct faculty less than minimum wage — released EVERY EMPLOYEE’S name, address, social security number, date of birth, job history, educational history, bank routing number, bank account number — and, in the case of faculty members, a list of every single college course from freshman year through the end of graduate school. I had to close my credit union accounts and open new ones with different numbers; cancel direct deposit of my paychecks; and lock down all my credit bureau records permanently. I now can’t open a new bank account, get a new credit card, take out a car loan, or take a deep breath without going through the hassle of un-freezing the credit bureau accounts and then re-freezing them whenever some vendor gets around to doing its paperwork. And of course every spring there’s always concern about IRS fraud.
    Funny about Money recently posted..Obnoxious Facebook…My Profile

    • That’s crazy that you’ve had so much mail theft lately. Surely there’s got to be a way for Medicare/Medigap to find the checks that have been issued to you so far so you can cross check deposits to date. (Though perhaps I am overestimating the effectiveness of those bureaucracies!)

  • That is a bummer. We had our Credit Card skimmed one Christmas Shopping season years ago and didn’t have email alerts so we didn’t know until the bill came. We sure have alerts now. Someone bought a lot of Christmas presents that year. The season of giving. Anyway the bank reversed the charges and we got a new card. More recently we were notified that our info was stolen from the Blue Cross insurance hack a few years ago. Funny they stored it as it had been years since we used them for our health insurance. I don’t trust any cloud or web based system anymore to store personal info.
    LeisureFreak Tommy recently posted..Early Retirement Lifestyle Focused GoalsMy Profile

    • What was the Blue Cross Insurance hack? I’ve had Blue Cross for years and don’t think I was notified of being affected, though I thought I heard about another big insurer getting hacked and affecting most of my California friends last year.

      • Sorry for the late answer to your question. I believe I was notified in mid-2014. They offered us 1 year of credit monitoring for free. The hackers got into Anthem-Blue Cross /Shield and were able to get names, addresses, policy info and in some cases social security numbers. We were notified that they did not have our Socials on file. We had not had them as insurance since 2011. It may have been a regional hack and that is why you were never notified. It was a large hack however.
        LeisureFreak Tommy recently posted..Is fear a good retirement saving motivator?My Profile