Log in

No account? Create an account
21 October 2008 @ 09:40 am
Fraudulent charge  
Um...so I check our banking online very single day. And yesterday, there was a $300 discrepancy in our listed funds, and our "available" funds. I sat there all day trying to think of what $300 we spent over the weekend that hadn't cleared yet, and couldn't come up with a darn thing. "Maybe," I thought, "it was bill xyz." Because even though it had already cleared, sometimes places put a "hold" on funds that takes a couple of days to release. This morning, I logged on, expecting to see that discrepancy gone. Oh, it was gone all right. No discrepancy, because our account was debited for $302.30.

Now, that number feels vaguely familiar. But all of our roughly $300 bills (the truck payment, getting my car fixed this month, etc) have already cleared, and heck if I can think of anything else we've spent $300 on this month. Neither can my husband. And the company name that appears next to the transaction is: DRI MSOCON BuyUSA http support and then it trails into transaction numbers, and gives no 800 number to call - no number to call, period. Even the lady from our bank agreed that was unusual, especially in a transaction that large.

I'm pretty sure we've been the victims of identity theft. Again. But part of me is still thinking "What if this is some bill you've forgotten about?" But come on - you don't forget a charge that size. And the name isn't Comcast, or Verizon, it's some jacked up unrecognizable thing. So I'm on my way to the bank to dispute the charge and shut down our debit cards. Again. *sigh*


Since this entry has received so many hits from other people googling DRI MSOCON, I thought I would update it. 

~ YES, we were the victims of ID theft. 

~ YES, the name DRI MSOCON reflects a software purchase, most likely a Microsoft product, such as an Office update.

In our case, our card's fraud alert branch called us two days after I noticed the charge and canceled our cards.  Independently, they had noted the charge as suspicious, and were calling to ask us if we had authorized it.  I told the nice lady that no, we had not, and yes, we had already disputed the charge and canceled our cards.  she, in turn, told me that the charge was made to "a software distribution company" in Germany.  My impression was that the foreign nature of the company and the size of the transaction were what raised the red flags. 

In any case, we got the money back and our cards have been replaced with new ones.  The software company itself sounds legitimate, but the charges to it were not.  1. We use Mac, and have no need to order an update package of MS Office.  2. If we did, we would not order it from Germany.
"Connoisseurs of Difficulty"kistha on October 21st, 2008 07:08 pm (UTC)
Hope it all went well.

jomadge: PD - gangjomadge on October 21st, 2008 07:32 pm (UTC)
I posted, then removed, a panicked response because there used to be a software bootlegging operation called BuyUSA ... turns out, they're shut down. However, there's an overseas mailing company with that name: http://www.buyusa.co.nz/about/

Also an online shopping site: http://whatstobuyusa.com/

I'd still say better safe than sorry. Put a freeze on your debit card and contest the charge.
rhienellethrhienelleth on October 21st, 2008 07:59 pm (UTC)
Yeah, the whole thing is odd. The bank lady googled http support LU and came up with a gaming site, which is what happened the last time our number was stolen - someone used it to create World of Warcraft accounts in Thailand. That was about a year ago, and the charges were much smaller. This one could still be some similar scam, though.

It's just a hassle, having to do all of this. Thank God they reverse the charges without a fight.
(Anonymous) on November 6th, 2008 04:31 pm (UTC)
this just happened to me
Hi, as of the nov4 i recieved the same kinda call from my back and she the rep asked if i had made purchase from said company and my reply was not at all, and the rep said that 3 puchases was made for 567.19 3 item at the same time and day was purchased to my acct which i explained that i didnt make them i had no idea what or who the company is or what they was for there was noinfoon the company or item purchased and im still in the black on what is going on and hoping my banks fraud dept can track them down and prosocute to the fullest also along with the purchase a forgien exchange fee was added for 16. for each transaction made who are they I went to fill out pappper work on fraud and taking legal action to prosicute them
rhienellethrhienelleth on November 6th, 2008 04:34 pm (UTC)
Re: this just happened to me
If you read all the comments, you'll see that the purchase was made from a (likely legit) software distribution company, in my case, best guess is a MS Office Upgrade package.

I'm not sure what the ID thieves are then doing with all this software - repackaging and selling it illegally?

My bank reversed the charges, and I assume their fraud department is trying to track the culprits.
(Anonymous) on November 6th, 2008 09:48 pm (UTC)
Hi, I am the owner of www.whatstobuyusa.com and let me advise everyone that we are in no way involved in any fradulent transactions on credit cards.

We are a very safe and secure online shopping site under Australian laws.

We take peoples details seriously especially credit card details.

If you visit our site https://whatstobuyaustralia.com you will notice that our entire site uses a SSL to protect the entire site and not just login details or credit card details.
jomadge: SG1 - Walter - blamedforjomadge on November 6th, 2008 10:23 pm (UTC)
SSL only protects legitimate transactions. It can't detect if the person using a card is the rightful owner of the card. It's the Achilles heel of online shopping. No reflection on your company, or any other company.
(Anonymous) on November 7th, 2008 06:37 am (UTC)
Yes that is true, I wish I could come up with a way to stop it - I once thought of video recognised imaging but then everyone would have to have a webcam.

We have had heaps of scams from Nigera lately trying to get products from our sites using fradulent credit cards.

We must report to the banks at least 50 to 100 a day from our Whats to Buy Australian Site.

We were getting hammered so much we decided to remove the credit card facility and just use PayPal, Moneybookers or direct deposit for the time been - that has now stoped the scams out of Nigera. We stop purchases now out of Nigera.
jomadge: SGA - Shep - not nicejomadge on November 7th, 2008 08:51 am (UTC)
Oh, that's terrible! I'm glad to hear switching to other payment methods stopped the Nigerian scammers, but what a hassle.

I do hope technology will eventually be developed for a more permanent solution. Looks like one company is testing voice recognition:

What a world.
(Deleted comment)
rhienellethrhienelleth on October 21st, 2008 07:56 pm (UTC)
Already did. Bank card is done, and the charge is disputed. Interesting link, there...looks like he went to jail for that. Wonder if someone else took up the name?
Fatemafatema on October 21st, 2008 11:29 pm (UTC)
That's both scary and horrible. I hope you sort it all out the best you can.
(Anonymous) on October 22nd, 2008 07:31 pm (UTC)
I hope this helps
I just recently purchased Microsoft Office directly from Microsoft's site. My credit card bill showed: "DRI MSOCON BUYUSA HTTP SUPPOR..."

DRI stands from Digital River Incorporated. Which essentially is used for a ton of companies that sell their software and technology products online (http://www.digitalriver.com)

My guess would be that MSOCON stands for Microsoft Office Online. I don't know what the "CON" stands for.

BUYUSA I think is just a company that helps eCommerce syndicates like DRI sell and receive products internationally. (http://buyusa.gov)

I hope that helps.

rhienellethrhienelleth on October 22nd, 2008 07:34 pm (UTC)
Re: I hope this helps
It does, thank you! I definitely know we haven't purchased any software packages recently, or anything else from Microsoft. This confirms beyond a doubt that someone got hold of our debit information and was up to no good.
(Anonymous) on October 22nd, 2008 11:23 pm (UTC)
Re: I hope this helps
I was curious so I emailed Microsoft Office Online and they sent me this response:

Thank you for choosing the Microsoft Office Online Store.

DRI stands for Digital River Inc. and MSCON stands for Microsoft Conversions referencing your conversion from a trial order to a full version.
(Anonymous) on November 1st, 2008 08:13 pm (UTC)
Re: I hope this helps
DRI MSOCON Buyusa is a microsoft outlet. I too was confused until I read some comments on the net like Ben's (above). The problem is gang that unless the seller fully says who they are you can easily think you got ripped off. I did once get ripped off. Somehow I mistakenly signed up for some product that I did not want. They kept taking $30 out a month on my credit card till I cancelled the card.
(Anonymous) on October 26th, 2008 12:24 am (UTC)
When I bought MicroSoft Office, the charge on my card appeared as being from DRI MSOCON BuyUSA.
(Anonymous) on November 1st, 2008 10:21 am (UTC)
Happened to Google "DRI MSOCON BuyUSA" and came across your website and I questioned the charge too. It turns out for me it was Microsoft Purchase for some upgrade to Microsoft Publisher, wanted to let you know.
(Anonymous) on November 5th, 2008 05:54 pm (UTC)
I just bought office online as well and googled DRI MSOCON BuyUSA b/c I had no idea what it was. Thanks to whoever started this thread
(Anonymous) on November 5th, 2008 06:36 pm (UTC)
Thanks so much for posting your experience with this fraudulent charge. I just notice the same charge on my latest visa statement!
rhienellethrhienelleth on November 5th, 2008 06:37 pm (UTC)
It must be something new the ID thieves are doing, as many hits as this entry has received since I originally posted it.

Actually, I should update it to reflect how everything turned out.
(Anonymous) on November 6th, 2008 09:43 pm (UTC)
HI, I am the owner of www.whatstobuyusa.com and I just want everyone to know that we are in no way involved in any fradulent transactions on anyones credit cards.

We operate a very safe and secure online shopping site under Australian laws.
rhienellethrhienelleth on November 6th, 2008 09:45 pm (UTC)
Hi, thanks for posting! I don't think anyone would jump to conclusions, but just in case - the software company my card was charged to was based in Germany, and definitely had no affiliation with you. :-)
(Anonymous) on November 15th, 2008 04:59 am (UTC)
I had an odd charge pop up on my credit card statement and came across this post trying to figure out what it was...and thankfully it jogged my memory.

DRI MSOCON BuyUSA *is* a legit name - for purchasing Microsoft's Office package from their website. I'd made the purchase way back at the beginning of October and didn't remember it until now.

Just wanted to say that seeing this doesn't necessarily mean it's a fraudulent charge - if you purchased anything from Microsoft then you've been rightly charged, it's not a scam company. Of course, if you *haven't* purchased anything from Microsoft and you get this on your bill ; ; uh oh.
(Anonymous) on November 17th, 2008 02:29 am (UTC)
I have this charge as well and have not purchased anything in that amount! The only thing I have done office related was download the trial recently - but I didn't even enter my card information.
(Anonymous) on November 25th, 2008 12:08 pm (UTC)
that is what microsoft uses for software update billing
(Anonymous) on December 2nd, 2008 08:51 am (UTC)
I just received this charge on my bank account for $170, all to the DRI MSOCON-BuyUSA. I certainly have not purchased MS Office. I'm going to my bank today to sort this out.
(Anonymous) on January 25th, 2009 04:17 pm (UTC)
dri msocon
I had a similar charge for MS Office 2007, which I bought when it first came out. The email listed on the charge was from a yahoo account "andiretousignant@yahoo.com" and I found out there's a andy tousignant that works at united healthcare, which is my insurance company. Coincidence? Maybe, but the healthcare company has all the information for fraud (credit card from co-pays, phone numbers, social security and addresses).
(Anonymous) on February 19th, 2009 02:07 pm (UTC)
Credit from DRI MSOCON BuyUSA http suppor
here's an odd variation on the theme, I just received a $6.60 credit along with an "International Fee Credit" from DRI MSOCON... anybody see a credit coming back from them? I upgraded from trial to purchased MS Groove via Digital River transaction and they for some reason decided to give this small amount of money back. the problem is that my bank is entirely bewildered by this because it is a credit not a debit and it has taken an hour on the phone to find somebody to talk to.

thanks for the informative thread. this collective info was a big help in light of my bank's lack of help. plus it gave me something to read while touring the online bank merry-go-round.
(Anonymous) on February 20th, 2009 02:19 am (UTC)
Re: Credit from DRI MSOCON BuyUSA http suppor
I also just received a credit for $3.12. I upgraded a MS product months ago.
(Anonymous) on April 11th, 2009 11:04 pm (UTC)
Re: Credit from DRI MSOCON BuyUSA http suppor
I just found a charge from the exact same company while checking my online banking. I did not purchase anything for that amount $29. and change. I googled the name, read all the posts, realized it was a fraudulent charge and cancelled my card.

What I find a little peculiar is that I purchased Office 2007 via Amazon.com just recently and installed it last week, however I had used another credit card to purchase it, not the one affected.

Prior to this purchase, my daughter used my pc to download somthing for her xbox live, realized right after she clicked to download that the site was fraudulent and tried to backout and closed down the pc. When we restarted, it would not allow us to log in. It would start up, then log right off again. We had to use the recovery program and when I reinstalled my trend micro pc-cillin it found 27 problems and 5 it could not fix, but had to quarantine.

I purchased the office 2007 instead of re-installing office 2003 which I formely had on the pc. Before installing the new program, I removed the trial office 2003 version which was all that was on my pc when we recovered the pc. My office 2007 appears to be running fine, but now I am afraid that somehow, the new program I have had a worm in it, since I purchased it from Amazon.com and not directly from Micro-soft from a company called Apogeesource although they have an excellent rating. I am now wondering where they got their softward from and if it is somehow connected.
protection was on when the problem happened and set to constantly update and scan, so whatever happened got through this.
The card I purchased it on was not the card that was fraudulently charged. Before installing it, I deleted the former Office 2003 program and the trial Office 2003 program from my pc. It appears to be running fine.

(Anonymous) on April 12th, 2009 07:15 pm (UTC)
I had purchased Microsoft Office Home and Student 2007 in January, 2009, online and at the end of March, had been getting nothing but error messages when I try to use MS Office Word. Nothing had been done out of the ordinary and even friends who work for computer support services did not know how to fix the problem. I was living in Las Vegas, NV, when I purchased the product. Now I live in Elizabethtown, KY, and no longer with the credit union who issued the debit card that I used to purchased the product with. So, that's my loss. I had since uninstalled MS Office from my laptop.
(Anonymous) on July 29th, 2009 07:12 pm (UTC)
I had 3 charges on my credit cart bill. I called Microscoft and they did not have any purchases made from me for those dates and the charges.
I have changed my card number and am looking into the charges.

(Anonymous) on October 11th, 2009 03:43 pm (UTC)
DR is a Micosoft reseller. They work also with Digital River. I bought MS Office 2009 from them. The price and the charge was OK to the penny. But also I was thrown by the charge first and only this site cleared it up for me. Thanks for the site owner! They sent me also an email:

Here is the information you requested about your MSOCON-BuyUSA account.

Login Id: Aaaaa@zzzz [changed]
Password: 123456 [changed]

If you have any questions, please send an email to

Thank you for visiting our site and don't forget to visit us again at
http://buy.trymicrosoftoffice.com/buyusa/ to see what exciting new items
we have added at special rates.


Customer Care