Fraud Intel

see also Andre's Finextra blog

ecommerce fraud

Subscribe by Email to Fraud Intel Blog

Your email:

Twitter Updates

     ecommerce fraud

    About Ethoca's Fraud Intel Blog

    This blog provides perspectives on card-not-present fraud and related topics.

    Also see: Ethoca News.

    Browse by Tag

    Archives

    Current Articles | RSS Feed RSS Feed

    Long Island Skimming Scam Spotted by Microsoft Evangelist

    Posted by Paul Paetz on Thu, May 28, 2009
      | Submit to Digg digg it |  Add to delicious  delicious |  Submit to StumbleUpon StumbleUpon |  Share on LinkedIn LinkedIn | Submit to Reddit reddit 
    From my Finextra blog

    Thinking and Awareness Needed to Stop Crime, Not Just Tech

    atm Recently, a targeted crime spree hit Staten Island with 250 Sovereign Bank customers caught up in a never-ending technological arms race between criminals and the rest of us.  This time it wasn’t the latest hacker sitting at a far away computer in the middle of the night.  Rather it was a small gang that used skimming technology and video cameras to compromise the accounts and make off with over $500,000. But for the alertness of Microsoft “evangelist”, Sean Siebel who spotted the scam while doing his own personal banking, it probably would have been millions lost before detection.

    According to banks, skimmers are rarely spotted in the wild, yet after seeing Sean on the news, another New Yorker spotted another skimmer at a Chase branch. The branch manager hadn’t heard of the scam.

    We see national news headlines about breaches and individual customer information being stolen by faceless entities in far-away lands.  We assume these scams require tech prowess and amazing skill, but it usually turns out to be as simple as a mirror and hidden video camera. Many times the response to these attacks is to add more features and functionality to our technology.  In the case of credit cards, the focus has been on Chip and PIN, especially in Europe. Soon, even more sophisticated 2-factor authentication is coming through cards with built-in single use PIN generators.

    Unfortunately, as this story shows, even the most advanced technology is easily subverted by cheap tools you could purchase at Best Buy or download for free, together with a small amount of ingenuity. mcglynn_pics_thumbnails The problem is that we place too much trust in the technology, and not enough in being alert, observant and careful. In fact, the more we rely on technology to do our thinking for us, the more complacent and vulnerable we become.

    The lesson: if your security approach is purely based on a better technology mousetrap, you are a breach waiting to happen. Don’t forget to educate your people, understand the risks you face, and always assume that the criminals will find a way around whatever technology barriers you erect.

    0 Comments Click here to read/write comments
    Tags: , ,
    All Posts