According to the [Australian Federal Police](http://www.afp.gov.au/), it would appear that at least half a million credit cards 'down under' have been compromised and funds in excess of AUS $25 million (US $26 million) stolen. Although precise details are still coming in, it would seem likely that nothing more complicated than a bit of simple scanning for point of sale terminals which looked vulnerable was used to locate potential victims in the small retailer market rather than run the greater risk of detection by targeting banks or bigger business. Lessons learned from the Subway caper in the US last year no …

Member Avatar
Member Avatar
+2 forum 4

Black Friday has historically been a very American phenomenon, marking the start of the seasonal Xmas shopping rush and happening the Friday after Thanksgiving. In the past it has led to scenes of semi-rioting and chaos in some stores as the Walmartarati fight over bargain electrical goods. The UK got a taste of the madness yesterday, with shoppers working themselves into a frenzy at various Walmart-owned ASDA supermarket stores across the country. Some of the most violent scenes were witnessed at the West Belfast, Northern Ireland branch of ASDA where one woman was hospitalized and [reports](http://www.independent.co.uk/news/uk/home-news/asda-stores-witness-black-friday-chaos-as-fights-break-out-over-televisions-8973447.html) of pensioners being pushed …

Member Avatar
+0 forum 0

[ATTACH=RIGHT]22544[/ATTACH]Three and a half years ago, DaniWeb was reporting how [URL="http://www.daniweb.com/hardware-and-software/networking/news/218954"]stolen credit cards could be purchased online[/URL] for as little as $10 per card, complete with a guarantee that the accounts behind the cards were active, when purchased in larger volumes. So how has the market changed since the start of 2008? It should come as no real surprise, given the number of high profile data breaches which have resulted in the loss of credit card information from online databases, that the underground cybercrime marketplace has become pretty saturated with credit cards for sale. And whenever a market gets saturated …

Member Avatar
Member Avatar
+1 forum 9

[URL="http://en.wikipedia.org/wiki/Man-in-the-middle_attack"]Man-in-the-Middle (MITM) attacks[/URL] are, sadly, not news these days; they are a fact of online life. But word of how the latest SpyEye Trojan-driven MITM attacks are using clever post transaction fraud systems to effectively erase the evidence of the crime from the victims' view certainly deserve to be. Attacking online bank accounts in both the US and UK, the attacks were first spotted just before the seasonal holidays took hold by researchers at [URL="http://www.trusteer.com"]Trusteer[/URL], a security company which works with banks to protect customers from just such threats as MITM attacks. What is a MITM attack exactly? Well, simply …

Member Avatar
Member Avatar
+0 forum 2

[ATTACH=RIGHT]22459[/ATTACH]Just how desperately are you looking for love? Unfortunately, for some the answer is all too often all too desperately; to the point where common sense leaps out of the window and is quickly followed by the bank balance. According to new research by the University of Leicester in the UK, hundreds of thousands of people have already fallen to what is being referred to as the online romance scam. In what is thought to be the first formal academic study of its kind, researchers at Leicester University have attempted to measure the true scale of online dating danger from …

Member Avatar
Member Avatar
+0 forum 6

[ATTACH=RIGHT]22256[/ATTACH]England just scraped to a hard fought win against a physical and enthusiastic Argentina side in their opening match of the 2011 Rugby World Cup campaign in New Zealand. But while sports fans the world over get excited about how their country is performing in the initial pool group matches, some folk have other motives for clapping their hands with joy over the current wave of interest in Rugby Union: cyber-criminals are raking in the money with a whole host of Rugby World Cup 2011 scams. Nick Johnston, a senior software engineer with Symantec, [URL="http://www.symantec.com/connect/blogs/419-scammers-take-advantage-rugby-world-cup-fake-lottery"]has warned[/URL] that advance fee fraud …

Member Avatar
Member Avatar
+0 forum 4

A new botnet has been discovered which is not only targeting users of UK banks, but doing so in a new and worrying manner. Said to comprise of in excess of 100,000 infected machines, the Zeus 2 botnet is operated and controlled from Eastern Europe according to [URL="http://www.trusteer.com/company-overview"]secure browsing security provider Trusteer[/URL] which went public with its discovery today. [attach]16386[/attach][URL="http://www.daniweb.com/news/story261766.html"]Zeus botnets are sadly neither new or rare[/URL], however Amit Klein, Trusteer's Chief Technology Officer, reveals that this one is especially worrying as it doesn't just stop at harvesting user IDs and passwords but instead also looks for client side certificates …

Member Avatar
Member Avatar
+0 forum 2

Earlier this morning, Mercury News reported that a midlevel global supply manager at Apple, Paul Shin Devine, has been accused of accepting $1 million in kickbacks from iPod/iPhone accessory developers. He was arrested on charges of wire fraud, and money laundering, resulting in a federal indictment and a private civil suit from Apple related to the kickbacks. [ATTACH=RIGHT]16651[/ATTACH]Devine‚Äôs position within Apple meant that he was privy to sensitive trade information, which he would turn around and sell to Asian suppliers like Andrew Ang of Singapore. No specific companies were named, but they are described as suppliers of iPhone and iPod …

Member Avatar
+0 forum 0

The annual [URL="http://www.infosec.co.uk"]Infosecurity Europe[/URL] show is set to kick off in London tomorrow, which is good news for lovers of security research as the surveys are starting to flow today. Like the one conducted by the organisers of the event which reveals that banks are not to blame for credit card fraud and identity theft according to the victims of those crimes, retailers are. The survey of 1000 commuters in London suggests a veritable tidal wave of fraud and ID theft in the UK, with 44 percent admitting they had fallen victim to card fraud and 42 percent said their …

Member Avatar
Member Avatar
+1 forum 3

On Thursday, notorious computer hacker [URL="http://en.wikipedia.org/wiki/Albert_Gonzalez"]Albert Gonzalez (aka SoupNazi)[/URL] was sentenced to 20 years in prison. That is the longest sentence ever to be slapped on someone for hacking. He was accused of targeting a bunch of retail stores in the U.S. including Barnes & Noble, BJ's Wholesale Club, OfficeMax, The Sports Authority and TJ Maxx to name a few. According to [URL="http://www.law.com/jsp/article.jsp?id=1202446860357&Computer_Hacker_Albert_Gonzalez_Sentenced_to__Years"]Law.com[/URL], on September 11, 2009 [ironically] this cyber terrorist pleaded guilty to several counts of computer fraud, wire fraud, access device fraud and aggravated identity theft. It was believed that Gonzalez would hack into and steal information from …

Member Avatar
+0 forum 0

Chip and PIN credit card attack leaves banks on shaky ground according to one analyst, although oddly enough the banks appear to disagree. Researchers at the University of Cambridge Computer Laboratory have revealed how the Chip and PIN credit card security system is flawed and left vulnerable to fraud. Steven Murdoch, Saar Drimer, Ross Anderson and Mike Bond, the researchers in question, have apparently tested the 'wedge' attack scenario against cards issued by most of the mainstream banks in the UK and found them all to be equally vulnerable. Of course, this is not the first time that cards have …

Member Avatar
Member Avatar
+0 forum 3

Internet security giant Symantec has just published the latest [URL="http://www.symantec.com/enterprise/theme.jsp?themeid=threatreport"]Internet Security Threat Report[/URL], based on an in-depth analysis of global Internet traffic and email during the last six months. Beyond all the usual who is hosting what and where, how much malware is contained in spam and which threats are continuing to cause problems data, there is one truly shocking statistic buried within the 134 page document: stolen information is dirt cheap on the black web economy. The report suggests that cyber crime has become a professional, even a corporate, business. Organized crime units across the world are rolling out …

Member Avatar
Member Avatar
+1 forum 1

The other day I was on Facebook and a chat window popped up from a college friend of mine. [I]Bob: Hey there. How are u doing? Sharon: ok. you? Bob: Am not too good. Im in some kind of deep mess right now Sharon: uh oh. what happened?[/I] What "Bob" didn't know was that I was already suspicious of him by then. [I]Bob: Im stranded in London. I got mugged at a gun point last night![/I] Sure you did, "Bob." This is a classic example of the "I've been mugged!" scam that's been going around Facebook chat. A friend starts …

Member Avatar
Member Avatar
+0 forum 1

Heartland Payment Systems, one of the biggest card payment processors in the US, has been the victim of what could well be the biggest security breach of its kind. Malicious software installed onto the Heartland network could have compromised as many as 100 million transactions according to numerous emerging reports. This would dwarf the [URL="http://www.daniweb.com/blogs/entry3772.html"]TJ Maxx breach[/URL] which involved details of some 40 million credit card transactions being stolen. Apparently the hack attack at Heartland was discovered in-house last week and law enforcement agencies notified along with the credit card companies whose customers could become potential victims of the fraud. …

Member Avatar
+0 forum 0

It looks ever more likely that 2009 could indeed be the [URL="http://www.daniweb.com/blogs/entry3781.html"]year of the scam[/URL]. Symantec owned MessageLabs is warning that cases of advance fee [URL="http://www.daniweb.com/blogs/entry1198.html"]419 fraud[/URL], along with other financial scams, have spiked as we enter 2009. From December 22nd 2008, through into January 2009, the number of scams detected by MessageLabs more than doubled. The numbers show that this kind of fraud has increased from 4.2 percent to 10.2 percent during the period. That compares to just 3.1 percent during the same time last year. But that is just the start of it, according to MessageLabs which predicts …

Member Avatar
Member Avatar
+0 forum 2

India-based IT company [URL="http://www.satyam.com/"]Satyam[/URL] is facing scandal after its chairman, Ramalingam Raju, admitted he falsified approximately $1 billion of profit in the last several years. The incident, which some are calling India's Enron, may end up costing hundreds of IT workers in Australia their jobs and undermining confidence in one of the India's largest job markets. Raju, one of the original pioneers of the outsourcing industry, sent a five-page letter to Satyam's board recently outlining assuming responsibility for the cooked books and [URL="http://www.businessweek.com/globalbiz/content/jan2009/gb2009017_807784.htm"]says[/URL] he is "now prepared to subject myself to the laws of the land and face the consequences …

Member Avatar
Member Avatar
+0 forum 1

It seems that botnet usage could have been behind an increase in the number of click fraud clicks cited in the latest [URL="http://clickforensics.com/Pages/click-fraud-index.asp"]Click Fraud Index[/URL] which monitors such things. Running for three years now, the index monitors and analyses data from more than 4000 online advertisers and advertising agencies. The Pay Per Click data is collected from online advertising campaigns, large and small, across all leading search engines. The latest report suggests that while the overall industry average click fraud rate was down 0.1 percent from last quarter to 16.2 percent. it was up from the 15.8 percent rate this …

Member Avatar
+0 forum 0

Researchers at web gateway security specialists [URL="http://www.finjan.com"]Finjan[/URL] have uncovered an underground crime data exchange service which is highly sophisticated in nature. The exchange, known as SellCVV2, promotes the sale of fraudulent credit card data, offering not only volume discounts for fraudsters with bigger ambitions, but guarantees as well. According to Finjan, the site "appears to use Google's Blogspot service" and is "typical of a number of portals promoting the exchange of fraudulent card data." However, Yuval Ben-Itzhak, Finjan's chief technology officer, warns "what is apparent from the SellCVV2 site is the level of commercialization of the traders involved. Prices are …

Member Avatar
Member Avatar
+0 forum 1

A report published today by [URL="http://www.experiangroup.com"]Experian[/URL] suggests that for many a business we are still living in the dark ages as far as making sure customers are who they say they are. Furthermore, the [URL="http://www.qas.co.uk/paperchain"]Electronic Authentication: Breaking the Paper Chain[/URL] report at least partly blames those businesses for the growth of ID fraud, by relying upon fraud friendly paper documents when far more reliable digital alternatives are readily available. Looking at the numbers, 71 percent of companies surveyed claimed that ID fraud presented a significant challenge to their business yet half relied heavily on paper for authentication purposes. The break …

Member Avatar
Member Avatar
+0 forum 5

The cost-per-click model for Google ads could soon be complimented by a cost-per-action one, if the testing for this click fraud busting technology proves successful. The concept is simple enough: advertisers would only get charged when a particular action is performed rather than simply clicking on the thing. Already a growing band of volunteers advertisers have been putting the system through its paces, with a positive reaction if my sources are to be believed. However, if it is so good at combating click fraud, why is Google not going to replace the current system outright? My sources tell me that …

Member Avatar
+0 forum 0

The End.