Mr Sanchos and Credit Card Fraud

[iewe]

Just want to give a heads up to folks travelling into Cozumel and want to go to Mr Sanchos. I had seen this happen to others, but it has happened to me this week. We used their website to make a deposit for their all inclusive deal. I had read that some people had their CC information stolen while there, so I used a CC that I never use -- just in case. This morning I received a fraud alert on that CC, and indeed someone had started charging things this morning and had already racked up over $400 in charges by the time I called and locked it. So, BEWARE if you are using Mr Sanchos. If you decide to go here, do NOT use a debit card. Maybe use a CC you use for NOTHING else. Personally, I am going to choose not to do business with them at all, since this has been a problem for a while, they have been notified of this issue (and obviously nothing has been done -- though I have notified them yet again that the issue is obviously still going on). I just wanted to share my experience.

 

*just to clarify, it was indeed their website, as we only used this credit card for the deposit and did not even end up going.  Nor did we use this CC for anything else.  

 

Since then I’ve heard back from Mr Sanchos and their reply was that I should just dispute the charges with my Cc company.  And that their website doesn’t ask for cc information directly and is protected by the best security.  When I explained exactly what I had to do on their website and how it did indeed ask for cc information, I received no further replies from them.  I feel that if they are not directly involved, they do indeed know it’s going on and are allowing it to happen (perhaps figuring that the tourists can just “dispute the charges”).

 

*additional information - since posting this on another cruising forum online, I have heard from three others who had the same thing happen in the past month...  

[JohninDC]

Wow! 😲 Thanks for the feedback.

[JB58Chiefs]

Thanks so much for your post!

I had already booked our deposit in the same manner when I saw your post. 😥

Kept my fingers crossed but when a few days later my cc company said my card had been compromised I just knew where it came from.  Got my new card this morning and when I went to activate it the old card had over $1,000 of charges made overnight! So as the OP said DO NOT give them your cc!!  

 

[TTEllis]

I've been by Mr. Cheetos several times on the way to NACHI, wouldn't give that place the sweat off my ass if they were dying of thirst much less my credit card number. Sorry(really) about your CC getting hijacked happens to the best of us. It's a violation and very frustrating please use this as a lesson, be smart and conservative when it comes to LAYING OUT YOUR CARD NUMBER!! Oh yeah and stick with NACHI no problems from start to finish, thats the whole idea. Take care Todd

[Organized Chaos]

Sounds like their website's been breached. The fact that they're telling everyone just to dispute the charges instead of acknowledging the problem and working to fix it, that's just flat-out wrong! We'll be in Cozumel for our first time in Dec., so I've been looking at our options. We certainly won't be giving our business to a place that doesn't appear to respect the security of its customers. So this is good to know, thanks for the heads up.

[smurfm69]

 I was thinking of getting a credit card from the store and just loading enough money on it to cover the deposit for our group. Looking at their website it seems the deposit is made through paypal only.  Is this a recent change they have made?  

[modernscarlett]

I reserved about 3 weeks ago and only could pay deposit through Paypal.

[aknguyen]

12 minutes ago, modernscarlett said:

I reserved about 3 weeks ago and only could pay deposit through Paypal.

Same here. Much like OP, we used a credit card that isn't used for anything else to pay off the balance when we got there and have had no other charges to the card since. It's been 7 weeks. Something is really amiss if the website sometimes allows for PayPal and sometimes allows for credit card use directly.

[Organized Chaos]

49 minutes ago, aknguyen said:

Same here. Much like OP, we used a credit card that isn't used for anything else to pay off the balance when we got there and have had no other charges to the card since. It's been 7 weeks. Something is really amiss if the website sometimes allows for PayPal and sometimes allows for credit card use directly.

 

Just keep an eye on that card's statement. Oftentimes when credit card numbers get stolen, they're sold on the dark web. Bad guys buy them in bulk and may not get to your card for a while. They use one until it's cancelled, then move on to the next. I know someone whose card was compromised in the huge Target breach back in 2013, but they didn't start seeing fraudulent charges until about a year after.

 

If this were me, my first suspicions would be with Mr. Sanchos themselves. It seems odd that a hacker would target the website of a Cozumel beach club. Add to that the fact that they were just telling people to dispute it, seemingly acting nonchalant about it like it was no big deal. Not to mention their payment method seems to change. All red flags to me.

[TTEllis]

On 8/4/2019 at 10:17 AM, Organized Chaos said:

Sounds like their website's been breached. The fact that they're telling everyone just to dispute the charges instead of acknowledging the problem and working to fix it, that's just flat-out wrong! We'll be in Cozumel for our first time in Dec., so I've been looking at our options. We certainly won't be giving our business to a place that doesn't appear to respect the security of its customers. So this is good to know, thanks for the heads up.

No website has been "breached" no website has been hacked, this compromise was done "in house". Mrs. Sanchos went a little swipe happy with this credit card after this individuals party left the island. It's hit or miss, she swipes the card and the charge goes through she's good, if it doesn't go through it's just another declined transaction and she goes on to the next credit card.

 

"flat-out wrong" it's credit card fraud and it's criminal.

 

"We certainly won't be giving our business to a place that doesn't appear to respect the security of its customers"

Mr. Sanchos I wouldn't piss on the place if it was on fire. They're stealing your money. 

Edited August 12, 2019 by TTEllis

[Organized Chaos]

2 hours ago, TTEllis said:

No website has been "breached" no website has been hacked, this compromise was done "in house". Mrs. Sanchos went a little swipe happy with this credit card after this individuals party left the island. It's hit or miss, she swipes the card and the charge goes through she's good, if it doesn't go through it's just another declined transaction and she goes on to the next credit card.

 

You say it’s not a security issue with the website? This is happening to people who haven’t even been there yet. Read the first post as well as the third. They used the website to pay a deposit. 

[TTEllis]

7 hours ago, Organized Chaos said:

 

You say it’s not a security issue with the website? This is happening to people who haven’t even been there yet. Read the first post as well as the third. They used the website to pay a deposit. 

That's all it takes it's hard telling how many people's cards have been hit one way or the other. 

Edited August 12, 2019 by TTEllis

[erdoran]

Best option is always to get a virtual credit card # for one-time use from your credit card company - some offer it, some don’t.  I did it a couple of times when I would make a one-time payment for one of my adult children on something, for site that ordinarily does recurring billing (e.g. subscriptions) so I could make sure I wasn’t stuck making additional payments.  

[DeborahGwaltney]

So I made a payment yesterday and it had me put in my credit card information and then afterwards sent me to PayPal to pay. I thought this was odd and then today I read this post and new my card was compromised. So I went ahead and canceled it. But my question is ... is it safe to use a credit card when we get there to pay the remaining balance ??? Is this just a problem on the website or is this happening at Mr. Sanchos beach club also?? If so  Do they take cash??? In US dollars

[crewsweeper]

Appears to be a website problem.  Mr Sanchos denies it.  But do make sure you cancelled anything charged through PayPal.  And watch your charges carefully.  You may be okay if you didn't authorize the charge on the MS site.

There's nothing on the site that says "cash only", but not a bad idea to carry and pay in cash.

 

 

[TTEllis]

On 8/21/2019 at 8:06 AM, crewsweeper said:

Appears to be a website problem.  Mr Sanchos denies it.  But do make sure you cancelled anything charged through PayPal.  And watch your charges carefully.  You may be okay if you didn't authorize the charge on the MS site.

There's nothing on the site that says "cash only", but not a bad idea to carry and pay in cash.

 

 

Brilliant post. 😉

[Organized Chaos]

On 8/20/2019 at 3:13 PM, DeborahGwaltney said:

So I made a payment yesterday and it had me put in my credit card information and then afterwards sent me to PayPal to pay. I thought this was odd and then today I read this post and new my card was compromised. So I went ahead and canceled it. But my question is ... is it safe to use a credit card when we get there to pay the remaining balance ??? Is this just a problem on the website or is this happening at Mr. Sanchos beach club also?? If so  Do they take cash??? In US dollars

 

If my card were compromised using it on their website, I wouldn't use it there in person either. There has either been a security breach on the website or someone with Mr. Sanchos (maybe multiple people) is stealing the card info. themselves. The fact that this is still happening almost a month after the OP had their experience, and who knows how long before that, proves that they don't care either way. And there's another thread about similar experiences, too. Even if they did take cash, I wouldn't encourage anyone to do business with these people. They're obviously crooked.

[TTEllis]

Please read the 4th entry on this thread. Thanks Todd

[TTEllis]

Read the 10th entry on this thread also, I just saw that one. 😄

 

Gimme a break that place. I can't say it in this forum, best I can do for you, please try and use simple common sense when your coughing up your card number especially out of the country wherever your at. If it feels funny it is, GO SOMEPLACE ELSE. 

Especially in Cozumel with all the other great options.

 

I used to go to Cozumel back in the mid 90's place at the time didn't do much for me. Boy have they stepped things up down there love that place, hadn't been in almost 20 years been a couple of times recently, can't wait to go back.

 

I walked down the beach to the pseudo resort we're discussing from another REAL resort I spent the day at and happen to be very fond of, the closer I got to Mr. Nachos the more my belly hurt(screaming kids lots of them, weird noises out of loud speakers, people running everywhere🤤, and other dreadfulness) I couldn't take anymore made a U'y and went back to Nachi. Don't walk up the beach trust me on that.

 

Edited August 23, 2019 by TTEllis

[LeeW]

Weird - in the couple of times we have booked Sanchos have never been asked for credit card for deposit.  Always Paypal.  And when ship went to a different port charge was refunded quickly.

 

Sounds more like you are dealing with a spoofed Mr Sanchos website.

[DeborahGwaltney]

So it’s their website... but I believe their website has been hacked. It had a papypal button but it wouldn’t do anything when I pushed that but then underneath that was where u put in your credit card information and then I hit continue and it sent me to PayPal to pay again and I thought that was strange until I saw this thread but I did get an email back from reservations@mrsanchos.com showing my reservation... so it was their website and I even emailed them and got an response back .... so it’s thier website.

[DebsterW]

They got me overnight last night...almost 6k in charges!!! My card is now cancelled...I made my 10.00 deposit with this card on the website.

[crescami]

Did anyone who used Paypal get a fraudulent charge?

[NKLCRUISES]

I booked through a third party site using paypal as a deposit. Saved $5 per person too and no fraud. 

[Organized Chaos]

One of two things is happening here. Either outside hackers have breached their website and Sanchos simply doesn't care to fix the problem, even though they've been made aware that their customers are being stolen from, or they are the breach and are stealing credit cards numbers themselves from their own customers. The former would mean they're grossly negligent & incompetent and the latter would mean they're thieves. Either one shows how crooked they are and that they can't be trusted. I'll certainly never do business with them.