[Dataloss] ID Thieves Turn Sights on Smaller E-Businesses
Dissent
Dissent at pogowasright.org
Thu Sep 28 09:41:16 EDT 2006
http://www.washingtonpost.com/wp-dyn/content/article/2006/09/28/AR2006092800333_pf.html
[...]
While public attention has remain fixed on a series of high-profile
data losses or database breaches at federal government agencies,
large corporations and universities, experts who study financial
fraud say hackers increasingly are targeting small, commercial Web
sites. In some cases, criminals are able to gain real-time access to
the sites' transaction information, allowing them to steal valid
credit card numbers and quickly charge large numbers of fraudulent purchases.
Small e-businesses offer fewer total victims, but they often present
a softer target, either due to flaws in the software merchants use to
process online orders or an over reliance on outsourced Web site security.
Cole's and Galloway's information was recorded being traded in an
online chat room by Dan Clements, co-founder of CardCops.com, a fraud
prevention service that monitors underground chat rooms where
criminals trade in stolen credit cards and information used to commit
identity theft. Clements said many smaller online merchants use
generic shopping cart software that they fail to maintain with the
latest software security patches.
[...]
Related blog by Brian
Krebs:
http://blog.washingtonpost.com/securityfix/2006/09/shopadmins_and_the_id_theft_cy.html
More information about the Dataloss
mailing list