Non-profit organizations are receiving donations from stolen credit cards, according to computer security firm Symantec. Cyber crooks are validating lifted credit card numbers by making online transactions in the form of donations to charities and other non-profit groups. The method allows thieves to test a large volume of credit card numbers quickly.
Think you have to compromise on security to save on costs? Think Again. Trend Micro™ Enterprise Security, powered by the Trend Micro Smart Protection Network™, can lower your content security management costs by up to 40%. Find out just how much you’ll save with our TCO Impact Calculator.
Credit card and ID thieves are turning to charities to help them validate credit card numbers, says computer security company Symantec (Nasdaq: SYMC).
The drill involves making a small donation to a non-profit to see if the transaction is successful, described Symantec security response engineer Yazan Gable in a corporate blog entry. If so, the scammer knows that it's a good, or chargeable, number.
"In the world of carding, where stolen credit card information is bought and sold," wrote Gable, "carders need to know if the credit cards they are buying or selling can actually be used. It is sometimes difficult for them to verify this without raising any alarm bells and risking that their cards will be identified as stolen and disabled."
Verification of credit card numbers is the single biggest challenge for carders, Gable wrote in previous reports. Stolen card information garners more or less money on the illegitimate market depending on whether or not it comes accompanied by a four-digit verification code or perhaps even an indication of the available balance.
This is not the first trend among carders looking to double-check the card numbers they have purchased, Yankee Group Analyst Andrew Jaquith told TechNewsWorld. "A couple of years ago, gasoline purchases were being used as one way to check validity," he said.
What do charities and gas stations have in common? For carders, perhaps more than meets the eye. For test transactions, thieves tend to use channels where they are personally removed from a live cashier. A quick yes or no on the transaction is essential. With charities, said Jaquith, the whole test can be conducted rapidly online, allowing carders to test a large volume of credit card numbers quickly.
In addition to bank behavior monitors, consumers themselves may not pick up on a small charity transaction when it appears on their credit card statements, Khalid Kark, senior analyst with Forrester Research, told the E-Commerce Times.
"People checking their credit card statements tend to look at bigger expenses," he noted, "and this taps into the human side of vulnerability."
Many consumers, he added, don't have time to comb through each and every line item on each and every statement they receive.
On top of that, Kark explained, transactions sometimes cannot be identified from the information provided on a statement. A vendor name might be obscured by abbreviations or a string of numbers. Thus, even consumers who are scrupulous about reviewing statements when they get them can get tripped up by a cryptic entry. If that entry is for a very small transaction, many people's tendency would be to ignore it.
Print Version
E-Mail Article
Reprints
More by Kimberly Hill
Next Article in ID Security
|
Lost Ohio Data Contains Taxpayer Info June 21, 2007 
Last week, the state of Ohio announced that a data storage device containing the personal information of tens of thousands of state workers had been stolen from the car of an intern to whom it had been entrusted. Recently, the state has expanded the circle of those affected to nearly a quarter million taxpayers, most of whom possess checks from the government they haven't yet cashed.
|
Related Stories
|
Postini to Take Up Security Detail for Google Apps July 09, 2007 
Google will purchase the San Carlos, Calif.-based on-demand Internet security provider Postini. The company announced earlier this year that it was working with Google to develop security solutions for Gmail accounts. Postini currently processes more than 1 billion messages each day.
|
iPhone: Security Predators Salivating July 09, 2007 
"The biggest threat to the iPhone right now is its popularity," says Neel Mehta, team lead of the advanced research group at IBM's Internet Security Systems. "Everyone -- for their own reasons or goals -- will be looking for security flaws." Real risk to users will start to climb the longer the iPhone is on the market.
|
Related News Alerts
More by Kimberly Hill
|
Apple's Remote: An App Near to My TV-Hungry Heart February 05, 2009 
If you think free iPhone apps are worth the price, think again -- especially if Apple is the developer. Remote is one freebie that you're going to want to use every time you turn on your TV. And keep using for hours, even if you don't make a single phone call or surf to a single Web site. There's a method to Apple's generosity: It hopes you'll never put your iPhone down.
|
Boxee Gives New Meaning to Plug and Play February 04, 2009 
If you're longing for media convergence but not yet sure you want to spend big bucks to make it happen in a still-shifting television landscape, Boxee might be just the app for you. MacNewsWorld reviewer Kimberly Hill, who's been testing the alpha release with her Mac, considers it a great way to wait until the dust settles.
|
The Plight of Advertisers in a Multichannel World January 09, 2009 
Consumers increasingly expect device independence in accessing content, indicates a new survey from Deloitte. The trend is most pronounced among younger people, but Baby Boomers and older adults -- those likely to be bigger spenders -- are also mixing it up. What's an advertiser to do?
|
Get Business and Technology News Alerts
Most Popular | Spotlight Features | Exclusives
This Week on ECT News Network | Podcasts
WiFi Hotspot Locator 
Inside TechNewsWorld
|
Reader Services
|
Corporate
|
Headline Feeds
Talkback: 
