Cards And Unsecured Business

Sony denies hackers attempted to sell back credit card database

2011-05-02T14:27:00.000-07:00

Sony has issued yet another update on the PSN situation, following the security compromise which saw the network being taken offline nearly two weeks ago.

You might recall on Friday there was some speculation on parts of the net that underground forums had alleged credit card details stolen off PSN for sale. Indeed, one report suggested that Sony itself had been offered the chance to buy back the database.

Although it’s true that the source in question was less than convinced that the supposed hackers weren’t pulling their leg and making this whole story up.

However, Sony has clarified that it hasn’t been offered the chance to purchase such a list.

On the EU PlayStation blog, Nick Caplin, Head of Communications at SCEE, wrote: “One report indicated that a group tried to sell millions of credit card numbers back to Sony. To my knowledge there is no truth to this report of a list, or that Sony was offered an opportunity to purchase the list.”

Furthermore, in a clarifying mode, Sony also went on to make a point about the passwords which were pinched off PSN.

It had previously said that these weren’t encrypted and left it at that. However, they were subject to a cryptographic hash function – in other words, they weren’t just stored in cleartext form.

We found it hard to believe that they would have been, but given Sony’s lack of any clarification regarding the passwords, everyone was rather left in the dark as to exactly what security was maintained.

Of course, that doesn’t mean your password is safe by any means. Sony notes: “When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password.”

When PSN comes back online later this week, when users log on a forced system update will ensure they change their password.

But Sony also reminds: “Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.”

By Darren Allen
http://www.techwatch.co.uk

UK Government: Fight online fraud with free iPods

2009-06-10T09:08:00.000-07:00

A senior manager in the UK Department of Trade and Industry has come up with a unique alternative to the government's ID Card scheme — give everyone in the country a free iPod installed with a digital certificate.

Patrick Cooper, head of applications and data services at the DTI, floated the idea — albeit with his tongue firmly in cheek — at a event on Tuesday, hosted by Adobe, to discuss technology predictions for 2006.

Cooper said that two of the main issues facing the IT industry are network authentication and security — particularly when using government services online. He claimed that the ubiquity of ADSL networks has come at a price — and that price is security. ISDN was an inherently more secure medium than ADSL but was too expensive to meet the needs of most consumers or small businesses.

But a mobile phone or an iPod equipped with a digital signature or digital certificate which consumers or business users plugged into their home machines would be an efficient way to solve online authentication and identity management problems, Cooper argued.

"If you had a mobile phone with a digital certificate you could dock it into your PC — an iPod with a digital certificate would also work," said Cooper. "My boss would give everyone in the UK an iPod — that would also mean there would be no reason for anyone to steal one because everyone would have one."

Cooper quipped that the iPod scheme would also be a more cost-efficient alternative to other government plans to combat online fraud, such as equipping the proposed National ID Card with a PIN or password system to enable it to work as an online authentication device.

The Government has been facing mounting pressure to combat online fraud after it emerged in December last year that the tax credit Web site had been hit by over £30m of fraudulent claims.

The cost per ID card could rise to almost £500 due to the cost of integrating the IT infrastructure with other government departments and public sector bodies, according to recent figures from the London School of Economics

"It [an iPod with a digital certificate] would be cheaper than the ID Card scheme because everyone at the London School of Economics has told us how expensive ID Cards are going to be," said Cooper.

Under Cooper's plan, giving everyone in the UK an iPod Nano would work out at roughly £139 — even before factoring in the kind of discount that Apple may offer for a bulk purchase of 60 million units.

The LSE has also calculated that integrating the ID card IT infrastructure with all the government departments and public bodies expected to use the national identity register will cost an extra £5bn to £10bn — bringing the total cost of the scheme nearer to £30bn.

According to Apple, the company sold 14 million iPods in the final quarter of 2005 and 32 million for the year in total.

http://news.zdnet.co.uk/

2009-04-23T13:33:00.000-07:00

Man Arrested For Credit Card Fraud In New York

2009-04-21T12:28:00.000-07:00

Braintree - A man giving the name Alix Z. St. Jean, 30, of Brooklyn, N.Y. was arrested at the South Shore Plaza on the afternoon of April 13 after allegedly attempting to use a fraudulent credit card to obtain 500 Euros and 1000 Pounds from the Travel Ex America international currency kiosk, Deputy Police Chief Russell Jenkins told the Forum.

Officers were first alerted to a problem at the kiosk when an employee, recognizing that the name St. Jean was using had been “flagged” for prior fraudulent transactions, pressed the hold-up alarm.

An employee informed Officer Matthew Crowley that St. Jean allegedly used fraudulent credit cards in New York, New Jersey, and earlier in the day had made an attempt at the Prudential Center.

“While speaking with St. Jean, he attempted to flee, and Officer Crowley, assisted by Officers Joseph Molloy and Thomas Molloy, chased him for a short distance before apprehending him at Milton’s,” Jenkins said. After bringing St. Jean back to the kiosk, the officers learned that he presented an Indiana driver’s license and a credit card in the name of another man.”

St. Jean was placed under arrest and charged with possessing fraudulent credit cards, passing a fraudulent card, disturbing the peace when he fled from the officers and resisted their efforts to control him, attempted larceny of the international currency, and possession of a false driver’s license.

St. Jean was held overnight on $20,000 bail pending his arraignment in Quincy District Court.

http://www.wickedlocal.com/braintree/homepage

Two People Accused For Credit Card Information

2009-04-21T03:09:00.000-07:00

Two people accused of stealing a man’s credit card information while he was eating at a local restaurant are behind bars.

March 31 at 11:02 a.m. Douglas Washington reported to police he lost his credit card at Ryan’s Restaurant, located just off Highway 45 North in Columbus, according to reports from the Columbus Police Department.

Washington told police when he called his credit card company to cancel the card the company told him four purchases were made using the card; he had not authorized the transactions. The card was used at the Shoe Department, Sports Addition, Wal-Mart and Kmart. The credit card company also told him someone attempted to use the card at Tina Watkins 45 store, located at 712 Highway 45 N. in Columbus. Washington contacted the store, and the store clerk supplied him with a description of the person who used the card. The person in question was described as a white female wearing the uniform of a Ryan’s server.

Washington told police he had been waited on by Tina Gaspar, 40, of 511 Lehmberg Road in Columbus. Gaspar was arrested Tuesday by the CPD on one count felony credit card fraud, intent to defraud.

Further investigation by Washington turned up two credit card receipts from a purchase made using his card at the Shoe Department. Police believe the purchases were made by Chase Adam Fields, 22, of 280 Thaxton Road in Columbus. He was arrested Wednesday on one count felony credit card fraud, intent to defraud.

Bond for Gaspar was set at $2,500. No bond or court hearing has yet been set for Fields.

http://www.cdispatch.com/index.asp

Petrol Station Fraud

2009-04-21T03:00:00.000-07:00

Customers at a busy petrol station have been questioned after an investigation was launched into credit card fraud.

A number of customers using the Shell garage on the Chatham-bound carriageway of Blue Bell Hill are believed to have fallen victim to card cloning.

It is not yet known how many customers have been affected. Some motorists have found withdrawals from their accounts have been made across the world, including Thailand, Malaysia, India and Canada.

Shell is now working with Kent Police and banks to investigate the matter and resolve it quickly.

One motorist, who did not want to be named, said: “I have been contacted by my bank because I have had two of my credit cards cloned. One has been used to try to withdraw cash in Thailand but the transaction was unsuccessful.

“On the other card there have been seven attempts to draw money out in Malaysia over the space of three or four days. Four of these were successful, totalling about £400.”

Det Sgt Dave Liffen of Kent Police said: “An investigation has begun into the compromise of payment cards with the full co-operation of the management at the service station concerned, and the relevant financial institutions."

http://www.kentonline.co.uk/

Safe From Credit Card Fraud

2009-04-20T05:03:00.000-07:00

Sameer (name changed) is a businessman who has always been prudent with his money. Whenever he used his credit card, he ensured that he would pay his dues back immediately.

He also made sure that he never used his credit card for expensive purchases, using cash instead. Imagine his unpleasant surprise, when he got a credit card bill showing that he had used up his entire credit limit.

On checking his statement, he saw purchases that he had never made. He went through hell trying to making payments over those purchases. Apparently, Sameer was the victim of credit card fraud.

Credit card frauds are on the rise these days. The credit card number, the Card Verification Value (CVV) or the Card Security Code (CSC), date of birth, credit card limit, residential address (stored on your card's magnetic tape) is all that is needed for someone to misuse your credit card.

Being vigilant while using your credit card is the only way of preventing fraud. Here are some tips.

Card Verification Value (CVV) or the Card Security Code (CSC)

The CSC or CVV number is a security feature for credit or debit card transactions, giving increased protection against credit card fraud. It is not embossed like the card number, and is always a group of numbers printed on the back signature panel of the card.

This provides a level of protection to the bank/card holder, in that a corrupt merchant cannot simply capture the magnetic stripe details of a card and use them later for 'card not present' purchases over the phone, mail order or Internet.

Whenever you use your card, always ensure that the transaction is completed in front of you and that no details are written down by the merchant. Do not provide photocopies of both sides of the credit card to anyone.

The card verification value (CVV) which is required for online transactions is printed on the reverse of the card. Anyone can use the card for online purchases if the information is available with them.

Using cards online

When using your credit cards for making purchases online:

* Ensure that Web site is a secure site. This can be done by checking whether the site is secured by a reputable net authentication agency like VeriSign.
* Do not click on links in e-mail seeking details of your account; they could be phishing e-mails from fraudsters. Most reputed companies will ask you to visit their Web site directly.
* Do not give out your credit card details on unknown or suspicious Web sites.

Stolen card and suspicious transactions

The first and foremost thing to do, after you have confirmed that you have lost your wallet or card or have seen suspicious transactions on your credit card statement, is to call up the bank's 24-hour call centre and deactivate the card or inform the customer service representative about the suspicious transactions.

The representative will help you file a complaint in regard to this. In case of lost cards, check if any transactions have been made on the card and if there are any; inform the bank about the ones that are not yours.

This has to be done within a particular number of days which varies between 30 and 60 days according to different banks.

Some general tips

* On receipt of a new card ensure that it is in sealed condition and that the seal is not tampered with.
* Sign on the back of your new card as soon as you receive it.
* Monitor your account regularly either on the Internet or from call centers. Also subscribe to e-mail and mobile alerts to keep track of card usage.
* Memorize your card's PIN number.
* Destroy and dispose all documents that mention the card number, such as copies of receipts, airline tickets, travel itineraries, etc.
* Personal account information should never be shared with anyone unless payment for the purchase is being done from that account.

Another important thing is keeping any useful information such as card number, expiry date, CVV number, and pin number, etc of your cards handy.

However, that does not mean that you keep the information in places where it is easily accessible. Protect your card information as you would protect your money.

Finally, always stay at least 40 per cent below your credit limit and review your account information either online or through the credit card company's call center frequently. This will help you identify any suspicious transactions immediately.

Credit cards, though an easy way to have access to money without carrying around a lot of cash can become a big liability if not used prudently and carefully. Ensure that you use the card responsibly.

http://www.rediff.com/

Scam warn from McDonald

2009-04-20T03:01:00.000-07:00

The McDonald's restaurant chain is warning of an email scam offering $50 in McDonald's vouchers in exchange for credit card and address details.

A spokeswoman said the fraud had been tried about a month ago in a less polished and less widespread form.

It had re-emerged and was now more sophisticated - the authors had managed to spell New Zealand correctly.

The latest email asks people to click through to a website not linked to McDonald's.

McDonald's New Zealand has displayed a warning on its homepage, but all yesterday the website was inaccessible because of overloading.

The spokeswoman said some customers had been deceived and had submitted their credit card details.

She said McDonald's used reputable research companies and would never request customers' bank or credit card details.

"The source of the email scam is unknown, and it has been reported to the appropriate authorities," the spokeswoman said.

http://www.nzherald.co.nz/

Pakistani credit card fraudsters nabbed

2009-04-20T01:00:00.000-07:00

Police have arrested eight alleged credit card fraudsters who they say stole almost Dh180,000 (US$49,000) from bank customers.

Brig Musa Yousuf al Naqbi, director of the criminal investigation department at Sharjah Police, said a bank employee had given the Pakistani gang confidential information on clients, which they then used to make credit card purchases. They bought Dh110,000 of jewellery and withdrew Dh68,000 in cash using this method, he said.

Having got a customer’s details, the gang would then phone the bank’s call centre, change their registered phone number to stop the victim being alerted by text message and report the card stolen. They would then use fake IDs to collect the replacement cards and start withdrawing the money in large sums and buying expensive items, said Brig al Naqbi.

http://www.thenational.ae/

Credit Card Fraud Data Worth 50p

2009-04-20T00:09:00.000-07:00

Credit card information and personal details are being traded for less than the cost of a can of cola, according to a new study.

IT security firm Symantec's latest annual security threat report revealed that criminals are buying people's card details, name, address and date of birth for just 50p.

With this information, fraudsters are able to commit identity fraud and scam large amounts of money from the cards.

Symantec chief scientist Guy Bunker warned that "there are signs of a price war developing, as online criminals find it increasingly easy to steal private details, and barter to sell them for bargain prices".

He added: "As above ground the world economy spirals, the underground economy has never been healthier."

According to UK payments association Apacs, card fraud losses reached £609.9m in 2008.

Transactions which do not require chip and pin protection - such as online payments - were the main drivers of growth in card fraud, Apacs claimed.

http://www.compareandsave.com/

Hackers Tested Credit Card Vulnerable System

2009-04-19T21:18:00.000-07:00

The number, scale and sophistication of data breaches fueled by hackers last year is rekindling the debate over the efficacy of the credit card industry's security standards for safeguarding customer data.

All merchants that handle credit and debit card data are required to show that they have met the payment card industry data security standards (PCI DSS), a set of technical and operational requirements designed to safeguard cardholder information from theft or unauthorized access.

Yet, some of the most notable data breach incidents last year targeted companies that had recently been certified as compliant with those standards, raising the question of whether the standards go far enough, or if entities that experienced a breach are falling out of compliance with the practices that led to their certification.

In a recent hearing on PCI standards at a House Homeland Security Committee panel, experts from the retail sector charged that the entire PCI scheme is only a tool to shift risk off the banks and credit card companies' balance sheets.

"The premise behind PCI -- that millions of retail establishments will systematically keep pace with the ever-evolving sophistication of today's professional hacker -- is just not realistic," said David Hogan, senior vice president and chief information officer for the National Retail Federation.

Merchants and retailers who experience a breach and are later found to be out of compliance with the PCI standards face steep fines from the credit card companies, and may eventually be forced to pay banks the costs of reissuing compromised cards.

Michael Jones, chief information officer for Michaels Stores Inc., a craft store chain, maintains that the PCI mandates were developed from the perspective of the card companies, rather than those who are expected to follow them.

For example, major tenet of the PCI standards is that hackers cannot steal credit and debit card data if retailers simply choose not to store the data. But Jones said retailers are required to store the data to defend themselves from chargebacks, a dispute that can be initiated by a bank or by a bank's customer. If a retailer cannot produce a copy of the receipt in the face of a chargeback, that retailer is forced to pay the cost associated with that chargeback, Jones said.

"This could have been fairly easily solved using a unique approval ID for each transaction, thus eliminating the need for credit card number storage by the retailer," but the credit card companies have balked at that suggestion, Jones said.

Also, while retailers that do digitally store cardholder data are required to encrypt the information, the PCI standards do not require merchants to encrypt data as it travels over their internal, private networks. This became an issue last summer, when hackers broke into the internal network of Heartland Payment Systems, a major credit card processor in Princeton, N.J. In that attack, the thieves siphoned card data by installing software that watched for and recorded card data as it was sent unencrytped over the company's internal processing networks.

"The credit card companies' financial institutions do not accept encrypted transactions" over these private networks, Jones said. "We at Michaels have asked for three years for the ability to send encrypted information to the bank. To date, this has not happened."

But Bob Russo, general manager of PCI Security Standards Council, said the council has never found a breached entity that was later found to have been in full compliance with the PCI standards at the time of a breach.

"We also recognize that the dynamic nature of any organization can render a validated system noncompliant almost immediately after a satisfactory compliance report has been issued," Russo said.

Joseph Majka, head of fraud control and investigations at Visa, said while there have been a few cases recently in which a business previously validated for compliance with PCI was a victim of a breach, "in all cases our review concluded gaps in PCI DSS controls were major contributors to the breach."

A study released this week by Verizon Business, a company routinely asked to investigate major corporate data breaches, found that in three-quarters of the confirmed breaches it investigated last year the victims were not compliant with PCI DSS or had never been audited. Another 19 percent were found PCI compliant during their last assessment.

Verizon also found that a common reason among businesses that were not compliant with PCI standards was that they failed to monitor all of their network resources or regularly test security systems and processes.

Those two findings were echoed by Nicholas Percoco, vice president of SpiderLabs, the incident response department at Chicago-based security vendor Trustwave, a company that responded to roughly 150 data breaches last year. Percoco said that in many of those cases, the attackers gained access to data through portions of the company's network that were rarely used, much less monitored or maintained.

"In many cases we investigated, the first entry points were Web pages that had 'Copyright 2005' or 'Copyright 2006' written at the bottom," Percoco said. "We talked to several entities who said they knew the sites were old and were planning to decommission them. In some cases, though, the sites had just been merged into the company's property because of some corporate acquisition, and the people in charge didn't even know the sites existed."

In addition, many of the hacks Trustwave investigated last year dealt with breaches where the attackers were present on the victim's internal networks for weeks, even months at a time. With that kind of time, attackers often will be able to write their own custom hacking tools designed to siphon financial data from the victim's computers and network, tools that could easily evade data storage protections as mandated by the PCI standards.

Percoco said his company has seen breaches involving malicious software designed to attack companies that were encrypting data as it moved from point of sale terminals to the victim's internal computer network. In some cases, the thieves intercepted card data by hacking the USB-based card readers that plug in to point-of-sale terminals, he said.

Verizon's breach report, available here (PDF), describes another advanced technique used to steal card data, called "memory scraping," which involves dumping sensitive data that is stored in a computer's memory before or after it can be encrypted.

"Criminals have re-engineered their processes and developed new tools--such as memory-scraping malware--to steal this valuable commodity," the report reads. "This has led to the successful execution of complex attack strategies previously thought to be only theoretically possible. As a result, our 2008 caseload is reflective of these trends and includes more targeted, cutting edge, complex, and clever cybercrime attacks than seen in previous years."

Regardless of the methods used by the attackers, the most important protection businesses can have in place is the ability to detect breaches quickly after they happen, said Bryan Sartin, vice president of investigations at Verizon Business.

"If there is any one thing you can always learn from a company who's been through one of these big breaches, it's the importance of the ability to react to the underpinnings of a breach before it blows up and becomes a major problem," Sartin said.

http://www.washingtonpost.com

Minimize credit card fraud

2009-04-05T10:55:00.000-07:00

1) Ask for picture identification with every purchase.

For online/over the telephone orders; take a few extra steps to validate each order. Don't accept orders unless complete information is provided - require address verification for credit card orders.

2) Be wary of orders with different "bill to" and "ship to" addresses -- require anyone who uses a different addresses to send a fax with their signature and credit card number authorizing the transaction.

3) Be careful with orders that come from free email services -- there is a much higher incidence of fraud from these services. Many businesses won't even accept orders that come through free email accounts anymore. It's easy for a scammer to open a free, anonymous email account in another person's name and then send you, the business, an order using the fake email account and a fraudulent credit card number.

4) Be careful of orders that are larger than your typical order amount, and orders with next day delivery. Crooks don't care what it costs, since they aren't planning on paying for it anyway.

5) Pay extra attention to international orders and validate the order before you ship your product to a different country.

6) If you're suspicious, pick up the phone and call the customer to confirm the order.

7) Consider using software or services that can help you fight credit card fraud online.

8) If you the business are scammed by a credit card thief, contact your merchant processor immediately and inform them of the situation.

Credit Card Fraud Prevention Tips:

1. Keep an eye on your credit card every time you use it, and make sure you get it back as quickly as possible. Try not to let your credit card out of your sight whenever possible.

2. Be very careful of who you give your credit card. Don't give out your account number over the phone unless you initiate the call and you know the company is reputable. Never give your credit card info out when you receive a phone call. (For example, if you're told there has been a 'computer problem' and the caller needs you to verify information.) Legitimate companies don't call you to ask for a credit card number over the phone.

3. Never respond to emails that request you provide your credit card info via email -- and don't ever respond to emails that ask you to go to a website to verify personal (and credit card) information. These are called 'phishing' scams.

4. Never provide your credit card information on a website that is not a secure site.

5. Sign your credit cards as soon as you receive them. Many cops write "check ID" on the back of their cards.

6. Shred all credit card applications you receive.

7. Don't write your PIN number on your credit card -- or have it anywhere near your credit card.

8. Never leave your credit cards or receipts lying around.

9. Shield your credit card number so that others around you can't copy it or capture it on a cell phone or surveillance cameras.

10. Keep a list in a secure place with all of your account numbers and expiration dates, as well as the phone number and address of each bank that has issued you a credit card. Keep this list updated.

By Alison Rauch

Craiglist and credit card fraud

2009-04-05T10:28:00.000-07:00

Two East Bay residents were arrested Thursday in Novato in connection with a credit card fraud case involving bicycle sales over the Internet.
Jonathan Cutrer, 35, of San Leandro, and Carla Wilson, 30, of Oakland, were arrested just after 6 p.m. Thursday during an arranged meeting in the parking lot at the Vintage Oaks Shopping Center with an undercover detective from the Marin County Sheriff's Office.

Detectives set up the meeting by answering a Craigslist ad as part of an investigation of credit card fraud involving the theft of four bikes valued at about $13,000 from Mike's Bikes, which has stores in San Rafael and Sausalito among its Bay Area locations.

The bicycles had been stolen and then re-sold through Craigslist, according to officials with the sheriff's office.

Detectives, who confronted Cutrer and Wilson in their parked car near Costco, found one of the bikes in the car.

Cutrer was booked into Marin County Jail on suspicion of commercial burglary, credit card fraud and a parole violation. Wilson was booked on suspicion of receiving stolen property and conspiracy to commit a crime.

Bail was set at $15,000 for Cutrer, $10,000 for Wilson. An initial court appearance is pending.

Jim Staats
jstaats@marinij.com

Credit card fraud case for college droupouts

2009-04-05T10:20:00.000-07:00

THANE: Two college dropouts from Bhiwandi who defrauded an Ambernath resident of Rs 19,000 by misusing his credit card details were arrested by the
cyber crime cell of the Thane police.

Sufiyan Ansari (24), who runs a STD/PCO centre from his home along with friends Anjum Shaikh (26) and Tariq (absconding) used the credit card details of Mahesh Bhagwan Sakpal and took the help of technology to rob him of his money.

PSI Usha Suryavanshi said, "They secured Sakpal's credit card number, the CVV number printed on the reverse and the card's validity date.'' The PSI said Tariq, who worked as an executive with a private bank and handled credit cards as well as details of the customers, had passed on the information to his friends.

The scandal came to light on December 25, 2008, after Sakpal got an SMS from the bank informing him that the money had been removed from his account. However, it took the police nearly four months to nab the fraudsters as the SIM cards were obtained by submitting false documents and photographs.

"The amount of Rs 19,000 was used to settle Sufiyan's STD phone bills. He was subscribing to a phone company which provides an M-check facility. Sakpal's credit card details were SMSed to the bank which, in turn, disbursed the amount to Airtel,'' Suryavanshi added. "Two of the mobile numbers were activated in Bhiwandi and two others at Delhi,'' Suryavanshi told TOI. Crime branch officials have held the cellphone company equally responsible for the crime.

http://timesofindia.indiatimes.com/

Credit card fraud worths Rs 2.5cr busted with 3 held

2009-03-11T12:29:00.000-07:00

NEW DELHI: 3 persons, including former direct selling agent from multi-national bank, had been arrested in a case of credit card fraud assuming Rs 2.5 crore. The accused identified by the name Gurmeet Singh Randhawa (28), Jai Narain (34) and Amit Dalal (27) allegedly laundering off money from several banks.

Randhawa, the alleged mastermind of the gang, earlier used to worked as DSA in some multi-national banks. He procured a numbers of credit card on the basis of fake bank accounts and
then in connivance with 2 shopkeeper, swiped those cards. Police seized 700 credit cards, six PAN cards, five electronics data capturing (EDC) machines and bank account papers.

Additional CP (crime) Satyendra Garg says, "The gang got credit cards issued by the multinational banks vy forged document. Randhawa contacts 2 shopkeepers who had EDC machines. Using these credit cards Narain & Dalal used to shows some fictitious sales of goods. When credit card company send the outstanding bills to the addresses of the cardholder, they found it as a fake. The money was divided between the 3 and bank had to held for losses.''

The gang had an operational for the past few years. Randhawa allegedly have 6 bank accounts on under the name of Amit Tandon.

Narain, ITI graduate diploma holder, was from Delhi. He have 2 shops in Mukundpur & Naraina. Dalal was graduate from Rohtak University and runs a garment shop in Paschim Vihar.

Times of India

Australian paying more bank fees than US and Britain

2009-03-11T05:41:00.000-07:00

AUSTRALIANS pay more in bank fees than customers in Britain and US annually, according to a new report from Fujitsu Consulting bank surveys. The Fujitsu Consulting bank fee survey of 2009 reported that Australian households are paying about $1000 a year for their banking services, while in Britain is less than $749 and less than $850 in United States.

Despite the economic downturn this year, the reports predicted that fees is going to increase about 10 percent above the inflation rate of 3.7 per cent. The study also found the following results about Australian Banks.

1.Charge higher fees for additional credit cards (higher than U.S & Britain)
2.Higher fees for overlimit credit (higher than U.S & Britain)
3..Have higher fees on their transaction accounts
3.Charge more to use ATMs overseas and for foreign transactions
4.Make customers pay higher charges for overdrafts.

"Australia has a greater range of fees and higher rates than Britain and the US, which are the most closely comparable markets to Australia." Mr North said many types of Australian bank fees were almost unheard of overseas.

"Personal loans in Britain usually have either no application fees or only $50 in Australia, banks charge $150," he said. "In Australia, banks typically charge $20 for a second credit card in Britain there is no charge, in the US they sometimes charge $3-$5 to make the card." Penalty es ftr early repayments for mortgages were another area Mr Martin said Australians were getting slugged, compared with overseas.

"Consumers are being charged up to $2000 for early repayment, whereas in the US and Britain they almost don ’t exist," he said. Even when British and US banks do charge similar fees, their Australian counterparts charge more. "When you spend over on your credit card in Australia, banks charge penalty rates which are higher than is charged overseas."

"In Britain, the Government has stepped in to regulate fees to make sure they correspond to the costs to the bank, but there is no requirement for bank charges to bear any relationship to the actual cost here," he said.

The news comes as a banking expert says that Australian banks are "regaining pricing power" in an ominous sign that they may start to hike charges even more in the coming months.

David Morgan, former boss of Westpac, said the withdrawal of many foreign banks and weakness among the non-banks meant that the big players could consolidate their position and raise prices.
Even taking into consideration increased funding costs, Mr Morgan said these extra expenses could generally be passed on to consumers.

Choice spokesman Christopher Zinn said the fact Australians pay the highest fees comes as little surprise.

Summaries from
Cairns Post, Queensland,
Australia

Late payments hit UK firms

2009-03-09T12:44:00.000-07:00

Around 46 per cent of UK firms have reported a sharp slowdown in the speed of debtors’ payments for goods and services, a new survey claims.

Creditsafe’s study on the problem of late payment found that these firms saw payments slow in the last three months of 2008, while 33 per cent said they now have to wait more than 30 days beyond the terms and conditions to get paid.

Some 66 per cent of firms said they were owed debts which had not been paid within the period set out in the terms and conditions of contracts. Creditsafe surveyed 658 businesses between 1 December 2008 and 20 February 2009.

David Knowles, marketing director of Creditsafe, said: "Delaying the payment of invoices has become part of the business culture in the UK. Companies hold onto cash as long as possible to earn interest and contribute to their liquidity position. The knock-on effect of this practice on the businesses they deal with has, up until now, has been mitigated by the widespread availability of credit from the banks."

He added: "Now this access dried up, late payment is becoming an issue which threatens to have disastrous consequences for some UK businesses."

Creditsafe’s survey emerged after figures from the Confederation of British Industry (CBI) last week showed that tightened access to credit was hitting UK businesses hard. The CBI’s second monthly Access to Finance Survey, conducted in February, found that almost 60 per cent of firms that sought new or renewed finance lines said its availability had deteriorated in the past three months. Around 41 per cent had seen no change and no firms saw an improvement, giving a balance of -59 per cent.

Knowles said many companies are holding onto their money for even longer as they try to protect their cash position during the recession.

He added: "Others are facing liquidity issues and business payments are slowing down further at just the wrong time. Disruption to business cashflow is one of the biggest contributors to company insolvencies and when combined with more limited access to credit facilities may put thousands of businesses at risk of going under."

http://www.credittoday.co.uk/news/index.cfm

An Inside Look at Credit Card Fraud

2009-03-09T10:19:00.000-07:00

Since 2005, hackers and thieves have stolen more that 140 million credit card numbers, which resulted in $67 billion in annual losses. Credit card fraud and identity theft are running rampant and will probably only get worse with the troubled worldwide economy.

Do you ever wonder how crooks obtain access to credit card information that allows them to use stolen cards? The network of credit card fraudsters is worldwide in nature and is driven by a relatively small number of sophisticated hackers and thieves.

We found a fascinating article published by Wired Magazine called One Hacker’s Audacious Plan to Rule the Black Market in Stolen Credit Cards. The article goes into detail about how one entrepreneurial hacker tried to take over the business of trafficking stolen credit card numbers. This is an article that is well worth the time to read from start to finish.

The article focuses on the criminal career of a very knowledgeable and ingenious hacker named Max who launched a plan to take over the carders marketplace, which includes a number of underground web sites where criminals buy and sell stolen credit card numbers, Social Security numbers and other data essential for credit card fraud and identity theft. Some of these web sites have thousands of members. The culprit hacked the major carders sites and after stealing all of their ill-gotten data and member lists, consolidated it into his own web site where he sold the data.

Buyers and sellers of credit card numbers are global in nature and can be found in almost every country. A recent 2008 bust of one network of card hackers found that 41 million credit card numbers had been stolen. Members of the gang included hackers from the USA, Ukraine, China, Estonia and Belarus.

The article is essentially a tutorial and an inside look into how credit card fraud occurs. It is no longer just a simple matter of a waiter or waitress stealing a carbon copy of a credit card receipt or taking a snapshot with a cell phone. Today they may have pocket-sized credit card skimmers that capture the information from the magnetic stripe on the back of a card. This information is called a dump and is very valuable, because the information is from a verified valid card that may be used to fraudulently purchase goods online before the customer leaves the restaurant.

Credit card information is spread across so many networks that it is difficult to secure the data. Max and his crew also went after primary sources of data, such as banks and credit unions. He used the FDIC’s web site to target small banks and credit institutions that were not likely to have sophisticated security in place.

The team managed to produce physical credit cards using stolen numbers. The cards were complete with raised numbers and holograms. The phony cards were then used to purchase luxury goods, such as expensive ladies leather handbags, shoes, watches, etc., that could easily be fenced or sold on eBay.

There was no shortage of guts with Max and his associates. At one point, they send e-mails to several employees at Capital One. The e-mail provided a link and indicated that their name was mentioned in a report that ran in Financial Edge regarding a leak of customer records from Capital One. Financial Edge was one of Max’s phony web sites and when employees at Capital Once clicked on the link to view the article, they were presented with a blank screen. While they were wondering what that meant, Max send malicious scripts through the employees Internet connection to Capital One’s systems. The exploit was discovered and stopped, and there wasn’t any leak of customer information, but there could have been if Capital One did not identify and stop the hack attempted by Max.

Max was eventually busted and now faces 30 years to life in prison. His sentence will be particularly harsh due to new sentencing laws for credit card fraud, and also due to the fact that he had been busted and imprisoned multiple times in the past for credit card theft and similar crimes. Every time he got out of prison, it didn’t take long before Max was back doing what he did best–finding more sophisticated methods for stealing credit card information.

For every credit card scammer who gets caught and put behind bars, there are hundreds or possibly thousands of other credit card hackers who do not get caught or are operating in countries beyond the reach of western governments. The bottom line is that you can do everything in your power to protect your identity and your credit card numbers, but there are always ways for hackers to obtain the information that are beyond your control. It is wise to scrutinize your credit card statement every month and report any suspected case of credit card fraud to the credit card company.

http://www.homedefensehq.com/

FBI tips for avoiding internet fraud

2009-03-09T09:20:00.000-07:00

Chicago's one from the finest lawyers, Peter S. Lubin & Fraud Consumer lawyer, Vincent Ditomasso had wrote a very good articles regarding FBI tips for consumers to avoid internet fraud.
The FBI maintains a number from web pages on fraud & internet fraud topics. The FBI web page on internet fraud provides tips for avoiding those scams "to protect yourself & your family from various forms from Internet fraud." The following are the tips provided on the FBI's web page:

Avoiding Internet Auction Fraud

Understand as much as possible about how the auction works, what your obligations are as a buyer, & what the seller's obligations are before you bid.
Find out what actions the web site/company takes if a problem occurs & consider insuring the transaction & shipment.
Learn as much as possible about the seller, especially if the only information you have is an e-mail address. If it is a business, check the Better Business Bureau where the seller/business is located.
Examine the feedback on the seller.
Determine what method from payment the seller is asking from the buyer & where he/she is asking to send payment.
If a problem occurs with the auction transaction, it could be much more difficult if the seller is located outside the US because from the difference in laws.
Ask the seller about when delivery can be expected & if there is a problem with the merchandise is it covered by a warranty or can you exchange it.
Find out if shipping & delivery are included in the auction price or are additional costs so there are no unexpected costs.
There should be no reason to give out your social security number or drivers license number to the seller.

Avoiding Non-Delivery from Merchandise

Make sure you are purchasing merchandise from a reputable source.
Do your homework on the individual or company to ensure that they are legitimate. Try to obtain a physical address rather than merely a post fromfice box & a phone number, call the seller to see if the number is correct & working.
Send them e-mail to see if they have an active e-mail address & be wary from sellers who use free e-mail services where a credit card wasn’t required to open the account.
Consider not purchasing from sellers who won't provide you with this type from information.
Check with the Better Business Bureau from the seller’s area.
Check out other web sites regarding this person/company.
Don’t judge a person/company by their web site.
Be cautious when responding to special fromfers (especially through unsolicited e-mail).
Be cautious when dealing with individuals/companies from outside your own country.
Inquire about returns & warranties.
The safest way to purchase items via the Internet is by credit card because you can fromten dispute the charges if something is wrong.
Make sure the transaction is secure when you electronically send your credit card numbers.
Consider utilizing an escrow or alternate payment service.

Avoiding Credit Card Fraud

Don't give out your credit card number(s) online unless the site is a secure & reputable site. Sometimes a tiny icon from a padlock appears to symbolize a higher level from security to transmit data. This icon is not a guarantee from a secure site, but might provide you some assurance.
Don't trust a site just because it claims to be secure.
Before using the site, check out the security/encryption sfromtware it uses.
Make sure you are purchasing merchandise from a reputable source.
Do your homework on the individual or company to ensure that they are egitimate.
Try to obtain a physical address rather than merely a post fromfice box & a phone number, call the seller to see if the number is correct & working.
Send them e-mail to see if they have an active e-mail address & be wary from sellers who use free e-mail services where a credit card wasn’t required to open the account.
Consider not purchasing from sellers who won't provide you with this type from information.
Check with the Better Business Bureau from the seller’s area.
Check out other web sites regarding this person/company. Don’t judge a person/company by their web site.
Be cautious when responding to special fromfers (especially through unsolicited e-mail).
Be cautious when dealing with individuals/companies from outside your own country.
The safest way to purchase items via the Internet is by credit card because you can from then dispute the charges if something is wrong.
Make sure the transaction is secure when you electronically send your credit card numbers.
You should also keep a list from all your credit cards & account information along with the card issuer’s contact information. If anything looks suspicious or you lose your credit card(s) you should contact the card issuer immediately.

Avoiding Investment Fraud

Don't invest in anything based on appearances. Just because an individual or company has a flashy web site doesn't mean it is legitimate. Web sites can be created in just a few days. After a short period from taking money, a site can vanish without a trace.
Don’t invest in anything you are not absolutely sure about. Do your homework on the investment to ensure that it is legitimate.
Do your homework on the individual or company to ensure that they are legitimate.
Check out other web sites regarding this person/company.
Don’t judge a person/company by their web site.
Be cautious when responding to special investment fromfers (especially through unsolicited e-mail).
Be cautious when dealing with individuals/companies from outside your own country.
Inquire about all the terms & conditions.
If it sounds too good to be true it probably is.

Avoiding Business Fraud

Purchase merchandise from reputable dealers or establishments.
Try to obtain a physical address rather than merely a post fromfice box & a phone number, call the seller to see if the number is correct & working.
Send them e-mail to see if they have an active e-mail address & be wary from those that utilize free e-mail services where a credit card wasn't required to open the account.
Consider not purchasing from sellers who won't provide you with this type from information.
Purchase merchandise directly from the individual/company that holds the trademark, copyright, or patent.
Beware when responding to e-mail that may not have been sent by a reputable company.

Avoiding the Nigerian Letter Scam

Be skeptical from individuals representing themselves as Nigerian or foreign government from officials asking for your help in placing large sums from money in overseas bank accounts.
Do not believe the promise from large sums from money for your cooperation.
Guard your account information carefully.

Businessman acquitted of credit card fraud

2009-02-20T12:30:00.000-08:00

KUALA LUMPUR: A businessman was acquitted and discharged without his defence being called by the Sessions Court here yesterday from a charge of having used a fake credit card to purchase goods at Carefour Wangsa Maju, in 2005.

Judge Rosbiahanin Arifin made the decision after finding the prosecution had failed to prove a prima facie case against Lee Chuan Tein, 40, and also had failed to produce a material witness in the case.

"Besides this, there is also no solid evidence the credit card belonged to the accused," she said.

Lee, from Sungai Buloh, Selangor, was alleged to have been in possession of a Visa credit card in the name of CK Lai. which he knew was a fake and intended to use it to cheat the hypermarket.

He was alleged to have committed the offence at Counter 23, Carefour Wangsa Maju here at 11.20 pm on Feb 25, 2005.

He was charged under Section 474 of the Penal Code which provides for jail up to 20 years and fined, if convicted. - Bernama

Warning over telephone credit card fraud

2009-01-11T20:07:00.000-08:00

TERIES have been warned to be on the alert after fraudsters conned £400 out of a Hawick pensioner.
The lady, who does not wish to be named, was duped into revealing her credit card details over the phone after being told she had won a holiday. The caller said they were from credit card giants Mastercard and that the holiday was a reward for prompt payment of her bills.

Her daughter told the Hawick News: "My mum kept telling them on the phone that she didn't think this was right, but they passed her onto three different people, including a supposed executive and they persuaded her to give over her details. They just made her feel that it was true and real."

The elderly lady was told the so-called "free" holiday would cost between £270 and £280, but when the credit card was subsequently contacted, the £400 sum had been lifted.

Her daughter added: "It's all in the hands of the credit card company now and they're treating it as fraud. My mum was lucky because she hasn't a big credit limit, but I'd hate to think of this kind of thing happening to other people."

By Gavin Gibbon

Local credit card numbers stolen

2009-01-11T20:04:00.000-08:00

Two men are in custody and under investigation by the FBI in an identity theft scheme that victimized 2,500 Cache County residents, Smithfield police officials said Wednesday.

In late 2008, San Francisco police served a search warrant on a Bay Area hotel room where detectives found multiple computers and a machine that manufactures magnetic strips used on the back of credit, debit and gift cards, Det. Travis Allen said.

In the computers’ hard drives were the credit card numbers of Cache County residents, many of whom had been notified by their banks of fraudulent charges on their accounts, Allen added.

Smithfield police say they received an unusual number of credit card fraud claims in the fall of 2007.

“We finally found one common factor among everybody that was calling us: They had all used the Family Fun Box,” Allen said.

The DVD-dispensing machines were located in the Summit Creek Sinclair gas station and Lee’s Marketplace in Smithfield. A third operated in the Wellcome Mart in Wellsville.

“We thought maybe somebody had a credit card reading device attached to the machine,” Allen said. “We couldn’t find anything and thought, maybe it’s being internally hacked somehow.”

Smithfield police learned the machines store no account information but encrypt card numbers before sending them to a merchant processor in Dallas, Texas.

The company, Teleasy Corporation, told Smithfield police its servers had never been hacked and that it would know if they had, Dunn said.

Police reports show the unauthorized charges were taking place in Northern California, Illinois, even Spain.

“We did find some instances where someone had gone to a boat shop in Florida and spent several thousand dollars,” added Allen. “In Smithfield, I think we had about 55 victims and over $100,000 in losses.”

Investigators extracted a hard drive from one of the DVD machines and sent it to a computer forensic lab in Salt Lake City where specialists told police there was no evidence of local tampering.

“They could show no compromise to the hard drive,” said Allen. “One thing we don’t know is how the suspects obtained the information.”

Allen presented his findings to the Utah Attorney General’s Office and later to the FBI’s Cyber Crimes Task Force.

Information was distributed to national law enforcement agencies and a tip came when police in California responded to a Longs Drug Store where an individual was allegedly trying to use a gift card that was traced back to a stolen credit card number, Allen said.

An investigation led to the search of a Bay Area hotel where two males were arrested and charged with various crimes, Allen said.

Smithfield police say the names of the individuals have not been released at the request of the U.S. Attorney General’s Office.

“Travis has done an exceptional job on this case” said Smithfield Police Chief Johnny McCoy. “And through the course of that, we’ve identified 2,500 victims just within our area.”

Todd Durrant, owner of the three Family Fun Box machines, said Friday he’s stopped running his business.

“The machine at Lee’s was half my business,” he said. “And when that was gone I didn’t have the income and still had loans to pay on the machines.”

Durrant said he experimented with a cash-based membership card for customers who still used the kiosks but business slowed.

“I would love to see whoever does this kind of crime get what’s coming to them,” he said. “They don’t even see the faces of the people they hurt.”

By Matthew K. Jensen

Fruit pickers accused of credit card scam

2009-01-11T20:01:00.000-08:00

A GROUP of former fruit pickers has appeared in court charged over their alleged involvement in a credit card fraud syndicate.

Two of those accused appeared in Brisbane Magistrates Court today and four more are expected to appear this afternoon.

It's alleged the six - who were former fruit pickers - found themselves without money and were recruited into a Malaysian credit card fraud syndicate.

The accused were then allegedly given fake credit cards and sent into Queensland shops to buy gift cards, electronic goods and other items.

Two of those arrested have overstayed their visas.

New generation of Russian hackers pose a global threat

2009-01-11T20:00:00.000-08:00

Not long ago, the simple, anonymous thrill of exposing chinks in American software was enough of a payoff for a Russian hacker.

Today it ’s cash. And almost all the targets are in the United States and Europe, where Russia ’s notorious hackers pilfer online bank accounts, swipe Social Security numbers, steal credit card data and peek at e-mail log-ins and passwords as part of what some estimate to be a US$100 billion-a-year global cybercrime business.

Arid when it ’s not money that drives Russian hackers, it ’s politics with the aim of accessing or disabling the computers, websites and security systems of governments opposed to Russian interests.

That may have been the motive behind a recent attack on Pentagon computers.

A new generation of Russian hacker is behind America ’s latest criminal scourge.

Young~ intelligent and wealthy enough to zip down Moscow ’s boulevards in shiny BMWs, they make their money in cybercubbyholes that police have found impossible to ferret out.

From behind the partition of anonymous online hacking forums, they boast about why they use their program savvy to spam and steal, mostly from the west.

~Why should I take a regular job after graduating and exert myself to earn just US$2,000 a month, rather than grab this chance to make money?" says a Russian hacker on a cybercrime forum that specialises in credit card fraud.

~1t makes sense to get as much as you can, as quickly as possible, rather than wasting time working for someone else." Cybercrime, by some estimates, has outpaced the amount of illicit cash raked in by global drug trafficking. Hackers from Russia and China are among the chief culprits, and the threat they pose now extends far beyond spain, identity theft and bank heists. Besides the recent attack on computers at the US Defence Department which may have originated in Russia, according to military leaders in Washington, Russian hackers are also believed to be behind highly co-ordinated attacks that brought down government websites in Estonia in 2007 and in US-allied Georgia when war broke out between Russian and Georgian forces in August.

They are even suspected of hacking into the computer systems of Barack Obama and John McCain during the US presidential campaign; technical experts hired by Mr Obama ’s campaign suspected the attacks may have come from Russia or China, according to Newsweek.

So far there has been no evidence of a link between the Russian government and any of the attacks on American, Georgian and Estonian websites and computers.

Nevertheless, the need to step up security of American cyberspace is being discussed with greater urgency in Washington. Last month, a commission on cyber-security delivered a report to Congress calling for the creation of a new White House office that would gird the US against computer attacks from hackers and foreign governments.

According to the commission, unimown foreign entities" in 2007 hacked computers at the departments of defence, homeland security and commerce, as well as Nasa. Hackers broke into Defence Secretary Robert Gates ’ unclassified e-mail and probed Defence Department computers "hundreds of thousands of times each day", said the commission, a panel of leading government and computer industry experts.

A senior State Department official told the commission that the department had lost thousands of gigabytes of data due to computer attacks, and among the homeland security divisions reporting computer break-ins was the Transportation SecurityAdministration, which provides airport security.

After the Soviet collapse in 1991, Russian hackers were primarily motivated by mischief. Now, most hackers in Russia are in it strictly for the money. Cybercrime gangs approach computer program graduates from Moscow ’s technical universities with offers of making sums of US$5,000 to US$7,000 a month, a far cry from Russia ’s average monthly salary of US$640, says Nikita Kislitsyn, editor of Hacker, a glossy Russian magazine with how-to information for budding hackers.

Russian police departments have cybercrime divisions, but arrests of major cybercriminals are rare.

"It comes down to a question of volume," said Steve Santorelli, investigations director at Team Cymru, a Burr Ridge, Illinois-based internet security research firm. "In Russia, there simply aren ’t the resources." McClatchy-Trjbune

New Sunday Post,
Hong Kong

ID check leads to alleged credit card fraud

2009-01-11T19:57:00.000-08:00

Alert police arrest woman at Park Royal

A chance encounter at the mall led West Vancouver police to uncover an alleged credit card fraud and identity theft operation in Vancouver on Dec. 20.

A New Westminster woman has been charged with fraud and possessing stolen property in connection with the investigation.

"Everything's really bizarre in how it came together," said police spokesman Cpl. Fred Harding.

A pair of astute police officers on duty at Park Royal Shopping Centre recognized Heidi Mills, 35, as someone suspected of criminal activity throughout the Lower Mainland.

The two constables were called to the mall at about 7 p.m. to remove a man who had refused to leave a store and was yelling loudly. Not long after they arrived, Mills approached the officers -- she knew the noisy man, and had been with him earlier that day.

"One of the officers immediately recognized who she was," Harding said.

After a search, the constables discovered that Mills was carrying allegedly stolen credit cards and fraudulent identification. They followed her to her pickup truck, where they noticed several newly purchased items that they now believe had been purchased with stolen credit cards.

Later that day, police searched a rooming house in the 3500-block of Kingsway in Vancouver, and found about 20 complete identity packages, including credit cards.

"They found everything to create fraudulent identities such as names, addresses, phone numbers, dates of birth, social insurance numbers and credit cards," said Harding.

Officers seized a laptop computer with a printer attached, which they believe was used to create the phony IDs. They also seized boxes of electronics, toys and DVDs, all allegedly purchased with fraudulent identification.

"This is one of those mixtures of great police work, great timing, and just everything was coming into play," Harding said. "We have removed, hopefully for some time, the kind of person who preys on the vulnerable and those who least expect it, which is you and me."

Mills is also facing charges of unlawful confinement, robbery, assault with a weapon, uttering threats, and breaking and entering, all related to a separate incident in Vancouver.

She made her second appearance on both sets of charges in Vancouver provincial court on Dec. 23. The police investigation into the fraud operation is continuing. Police suspect that other people might have been involved.

Australia new soft target for criminals

2009-01-11T19:56:00.000-08:00

POLICE are investigating possible links between a Malaysian criminal organisation and the discovery of hundreds of counterfeit credit cards and machines used in their productionin southeast Queensland.

While police believe credit card fraud is a growing problem worldwide, Detective Superintendent Brian Hay from the state fraud and corporate crime group said activity originating in Malaysia was of particular concern to investigators in Australia.

"Malaysia has been an epicentre for card skimming operations and counterfeit card production for some years now," he said.

"Since the Malaysian Government introduced chip/PIN technology on their credit cards within Malaysia they (the criminal groups) have had to look for other places to ply their trade." Det-Supt Hay said although police had been investigating the most recent cases of alleged fraud for several months, investigators had been aware of Malaysians linked to co-ordinated crime syndicates operating in Australia since 2000.

"We are seeing more activity, however, in the last 12 months.

Australia still predominantly relying on magnetic striped data on our credit cards makes us a soft target."

Gold Coast Bulletin,
Queensland,Australia

Update: Hatfield family's Christmas joy hit by credit card fraud

2009-01-11T19:54:00.000-08:00

A MUM-OF-FIVE is warning people to be on their guard after she became the victim of card fraud just a week before Christmas.

Michelle Denty, from Hatfield, had stopped at a petrol station on Wednesday morning to use a cash machine.

And to her horror, she found £250 had been removed from her account.

Mrs Denty told the WHT what happened next.

"I immediately rang Nationwide," she said.

"They told me the money was taken out at 6.30am in Harlow, but I was sorting the children out at home then."

The 27-year-old was told it appeared her cashcard had been cloned, but she cannot recall a time when this could have happened.

She added: "I am normally very vigilant when I go to the cash machine and I always shield my PIN."

Mrs Denty, of The Downs, described the fraud as "upsetting" and said it had put a "major dampener" on her festive preparations.

"My husband is on the minimum wage, so we rely on tax credits to help us pay the bills," she said.

"We are on a very limited budget now for Christmas.

"The children now won't be able to have the extras I would hope to have been able to give them."

She also gave the following advice: "Be very vigilant and on your guard when using a cash machine."

Nationwide Building Society would not comment about Mrs Denty's individual case, but a spokeswoman said: "Where suspected fraudulent activity has taken place, Nationwide will investigate the case fully and refund all account holders who have been innocent victims of fraud.

Two charged in credit card theft may be part of larger fraud ring

2009-01-11T19:53:00.000-08:00

ROSEVILLE -- Police have charged two Detroit men for trying to buy more than $2,000 in goods with a stolen credit card, officials said today.

Police believe Reshaun Keith Palmer, 29, and Will Deshawn Lynn, 27 are part of a larger identity theft and credit card fraud ring and continue to investigate, Deputy Police Chief James Berlin said.

Palmer was charged with receiving and concealing stolen property, a four-year felony, and conspiracy to commit credit card fraud, also a four-year felony, Berlin said.

Lynn was charged with credit card fraud, possession of stolen credit card, a four-year felony, and identity theft, also a four-year felony, officials said.

Police arrested Palmer and Lynn at about 8 p.m. Friday after the two suspects tried to buy $2,000 in merchandise from the Meijer store at 13 Mile and Little Mack.

The men were using a fake driver's license and a stolen American Express credit card, police said.

At the time of the attempted purchase, the suspects became suspicious when a store employee delayed the transaction to enable police officers to arrive.

The suspects fled and were spotted in a vehicle traveling westbound on Interstate 94.

Police stopped the vehicle, were able to determine the occupants were the suspects they sought and arrested them. Police also recovered about $3,500 in merchandise purchased fraudulently from other retailers, Berlin said.

You can reach Charles E. Ramirez at (586) 468-2905 or cramirez@detnews.com.
Charles E. Ramirez / The Detroit News

Two M’sians jailed in Vietnam for credit card fraud

2009-01-11T19:51:00.000-08:00

HANOI: Two Malaysians were sentenced to seven years in prison on Wednesday by a Hanoi court on charges of using fake credit cards, the Vietnam news agency reported.

The news agency said Tan Wei Hong, 26, and Cham Tack Choi, 23, were arrested on December 21, 2007 when they went on a shopping spree at the Louis Vuitton fashion shop in Ngo Quyen street, Hoan Kiem district here.

They bought suitcases and bags costing almost US$6,000 (RM2I,244), As Cham was paying the cashier with three international credit cards bearing his name, a shop staff recognised him as he had previously used counterfeit credit cards to pay for goods in the same shop.

The police were alerted.

Tan later admitted to the police that he had visited Vietnam on three occasions and used fake credit cards to pay for US$17,000 (RM6O,218) worth of goods.

Meanwhile, Cham had made two visits to Vietnam for the same purpose and had used counterfeit cards to rack up more than US$16,200 (RM57,341) in goods.

The Star,
Malaysia

Gambler’s card lands him in jail

2009-01-11T19:50:00.000-08:00

HE came to Australia with one purpose to gamble his way through Christmas.

But in two days, Malaysian holidaymaker Hoo Foo Lim was in jail after becoming an inadvertent "mule" for an elaborate credit card fraud syndicate.

Yesterday Lim, 62, a retired building site manager, was jailed for six months after being found guilty of 12 fraud charges.

He admitted knowing it was wrong to use fake credit cards to buy $3000 in gift vouchers from David Jones in Castle Towers Shopping Centre, in Sydney ’s west, but said he was targeted by a fraudster outside Star City Casino minutes after losing $3000 his entire holiday budget in one gambling session.

He said a man named Sam outside the casino asked him: "Do you need help?" Magistrate James Garbett said credit card fraud was at "plague proportions" and sentenced Lim to a maximum of one year in jail.

Daily Telegraph,
Sydney,Australia

Crooked, scheming merchants

2009-01-11T19:49:00.000-08:00

CREDIT card-issuing banks which turn a blind eye to credit card scams are just as shady as crooked, scheming merchants. This is the claim of the National Consumer Complaints Centre (NCCC).

"There are just too many complaints of credit card fraud cases where banks refuse to take responsibility, insisting that it is the customer ’s own fault," said Muhammad Sha ’ani Abdullah, chief executive of NCCC.

"Aiiy unusual credit card transaction is recorded and if banks are not taking measures to help their own customers then it is as if they are endorsing what the crooked traders are doing.

After all, the banks profit from these." Muhammad Sha ’ani addressed several issues at a Press conference yesterday at the NCCC operations centre.

He also highlighted the ease of purchasing fuel with credit cards without the need for any authentication to prove that the user is the actual card holder.

He claimed that in 2007 there were 809 complaints of lost credit cards and the number increased to more than a thousand last year.

"In almost all of these cases, the victims ’ credit card statements displayed excessive fuel purchases.

"We are proposing the requirement of passwords or PIN numbers when purchasing petrol with credit cards as a form of added security for consumers," he said, adding that NCCC would send the proposal to Bank Negara this week.

He also suggested that the merchants involved in credit card fraud should be investigated to put the brakes on more scams.

"There are laws to punish these cheats but there has to be more enforcement." Other suggestions in the NCCC ’s proposal is the prohibition of credit card recruitment by third parties other than licensed banks.

"This way, banks will not be able to shift the blame to third parties if credit card users are only recruited by their own people," said Muhammad Sha ’ani.

The NCCC, formed in 2004, is an initiative between the Consumer Research and Resource Centre, the Consumer Association of Selangor and Kuala Lumpur. and the Domestic Trade and Consumer Affairs Mmistry. It adopts a cheeky tagline, "NCCC Now everyone can complain".

Joseph Kaos Jr
Malay Mail,
Malaysia

Credit card fraud hits $2m

2009-01-11T19:46:00.000-08:00

THE discovery of counterfeiting machinery on the Gold Coast and the arrest of 10 people this week is linked to the same Malaysian criminal syndicate as another 10 people taken into custody late last year, say police.
The largest credit card fraud operation ever detected in Queensland was dismantled during the week after police arrested the three suspects on the Gold Coast and seven in Brisbane, in connection with what they allege is a multi-tiered, international illegal enterprise.
Almost 200 fake, blank credit cards, the counterfeiting machinery, stolen credit card details and computers were seized during a raid at a Southport home on Wednesday.
An examination of the equipment has so far retrieved the allegedly stolen details of almost 500 credit cards.
Police estimate the average loss from a compromised credit card account to be $4000 bringing the potential worth of the counterfeiting and fraud operation to $2 million dollars.
Police from the fraud and corporate crime group are expecting to retrieve more account details from the confiscated equipment.
They did not rule out further arrests.

Andrew Macdonald
Weekend Gold Coast Bulletin
Queensland,Australia

NCCC calls for newguidelined to curb credit card fraud

2009-01-11T19:43:00.000-08:00

KUALA LUMPUR: TheNational Consumer Complaints Centre (NCCC) has urged Bank Negara to introduce new guidelines for banks to curb credit card fraud.

NCCC chiefexecutive, Muhammad Sha ’aniAbdullah, said the number of cases involving credit card fraud and loss of credit cards at pump stations nationwide exceeded 1,000 last year compared to 809 in 2007. "For example, fraud cases at pump stations happen because there are no security characteristics when users pay using credit cards.

"They only need to swipe without entering pin numbers or passwords.

Hence, people can easily use credit cards belonging to others without any confirmation or passwords when maldng transactlons7 he told reporters here yesterday.

He said banks should require their customers to use passwords when maldng credit card trasactions at pump stations, online and on the phone. Sha ’ani said Bank Negara should also disallow a third party from applying for credit cards on the behalf of others.

Eastern Times,
Sarawak,Malaysia

Avoid Becoming a Victim of Credit Card Fraud

2008-12-22T09:59:00.000-08:00

Credit card fraud has become a major problem over recent years, and every year many people fall victim to this type of fraud.

Often this is through no fault of their own, but in some cases the reason why people fall victim to credit card fraud is because they have been careless with their credit card details, which is something that fraudsters prey on.

With credit card fraud levels still rife it is vital that cardholders are more careful with their details, as otherwise the risk of becoming a victim of card fraud is all the greater.

Certain types of credit card fraud levels are greater than others, and this includes CNP or Card Not Present fraud, which is where the credit card is not needed to conduct a transaction such as with online or telephone purchases made by credit card.

With an increasing number of people shopping online for various items from groceries to clothes and entertainment it is vital that more caution is exercised with online credit card transactions.

This includes ensuring that the site you use is a secure site, and also not linking to websites from emails and then putting in your card details. You should also avoid saving your card details on any sites that you purchase from if you have a shared computer, as this can also heighten the risk of becoming a victim of credit card fraud if someone with dishonourable intentions gets hold of the details.

Another thing to be careful of with your credit card is ordering or making purchases by phone. You should never give out your credit card details to someone who has called you out of the blue stating that they are from some company or other, because unless you have phoned the firm yourself you actually have no idea who you are talking to.

Also, be careful about shouting out your credit card details on the phone when there are other people around that you don't know as this could result in someone getting hold of your details.

One thing that many people do is dispose of their credit card statements by simply throwing them in the waste paper basket, which then gets emptied into black bags and put outside ready for collection day.

However, some fraudsters will go as far as to search through bin bags in order to find documentation such as this, which they then use to commit card fraud. You need to ensure that you shred all credit card statements and dispose of them carefully in order to avoid this happening.

Many credit cards now offer increased levels of protection and security against fraud.

This can include offering fraud guarantees that offer a zero liability policy if your credit card details are used without your knowledge or consent.

Credit card providers have now started offering identity theft protection services, including Barclaycard credit cards and Capital One credit cards.

Capital One credit cards, including the Capital One Classic credit card, also offer free access to Equifax alerts – sending you an alert if anything changes on your credit file and also offering you two free Equifax credit reports per year.

Whether you need a bad credit rating credit card or a mainstream credit card - you should be able to compare credit cards and improve the level of security against fraud offered by your credit card company.

Women's Access To Credit Affects Efficiency In Rural Households

2008-11-06T08:06:00.000-08:00

Rural strategies designed to induce economic growth often emphasize the need to improve access to capital for poor households. However, this approach implicitly assumes that family members pool all their resources and allocate them to their most efficient use.
Men and women may differ in their access to credit and may choose not to alleviate their partners’ constraints.

A new study shows how rural households in which women are not able to meet their needs for capital do not produce as much as they could.

Diana Fletschner, PhD, of the University of Washington utilized information from a survey to assess individual access to credit of husbands and wives in 210 rural households.

Data analysis showed that households in which women are reportedly unable to meet their credit needs are not producing as much as they could. The costs of these constraints to society are substantial, because for the average family, the woman’s constraints are associated with an 11 percent loss in efficiency.

Consequently, policies and programs designed to promote economic growth must address obstacles that limit access to credit for poor women, not just for poor households. Studies that are based solely on the household’s head may significantly underestimate the true economic impact of credit constraints.

“The study shows that there are economic arguments for enhancing women’s access to capital,” Fletschner concludes. “Policies and programs that improve women’s access to credit would in turn lead to more efficient allocation of resources and increased production.”

Fletschner et al. Women's Access to Credit: Does It Matter for Household Efficiency? American Journal of Agricultural Economics

People More Likely To Overestimate Their Credit Quality

2008-11-06T08:02:00.000-08:00

A new study examined consumers’ self-assessments of their credit rating and found that respondents were more likely to believe they had average or above average credit and those who overestimated their credit quality were less likely to budget, save, and invest regularly.

The study's author, Vanessa Gail Perry, Assistant Professor at the George Washington University School of Business, concludes that "Overestimating credit ratings is partly a function of a lack of financial sophistication. In addition, it appears that people who have overestimated their credit rating take less care in managing their finances.”

Professor Perry analyzed data from the Freddie Mac Consumer Credit Survey. The survey collected data on attitudes, behaviors, knowledge and experiences with credit and financial management from around 23,000 people. Results indicate that approximately 32 percent of respondents overestimated their credit ratings, while only four percent underestimated their credit ratings. The findings support previous studies in judgment and decision-making that show that individuals are more likely to be overconfident about their knowledge or abilities.

Those who overestimated their credit ratings had lower incomes, less formal education, and were less likely to own their homes. They were also more likely to be African-American, Hispanic, or female. One possible explanation for these results is that minority consumers in general have less experience with financial markets which in turn affects their tendency to overestimate their credit rating.

Wiley-Blackwell (2008, June 4). People More Likely To Overestimate Their Credit Quality.

Credit-card grace time can save you money

2008-02-24T06:18:00.000-08:00

It's hardly a secret that credit-card companies are always looking for ways to squeeze money out of customers.

That means consumers must always look for ways to hold on to their money.

Many consumers focus on interest rates, but another thing to consider is the grace period — the time you have before a card company starts charging interest on new purchases.

Some issuers have been shortening grace periods or changing grace-period rules.

The average grace period among the top 10 credit-card issuers is 22 days, according to the 2007 Credit Card Survey by Consumer Action, a nonprofit, membership-based organization that advocates for consumer rights.

That's down from 30 days several years ago, said Bill Hardekopf, chief executive of LowCards.com.

To keep your interest payments to a minimum, it's important to understand the grace period for each of your cards.

There are basically three types of grace periods, according to American Express.

With a typical grace period, you pay interest on all new purchases immediately, unless you have paid your previous month's bill in full.

A card with a full grace period means the average daily interest calculation doesn't include new purchases made that month.

And a card with no grace period means interest is charged on all purchases immediately.

By Vicki Lee Parker
http://seattletimes.nwsource.com

Home detention for credit card fraud

2008-02-24T06:00:00.000-08:00

A woman who caused considerable embarrassment to her employer by using customers’ credit card information, received six months home detention and 150 hours community work in the Christchurch District Court.

Roseana Jasmine McCormack, an unemployed 22-year-old, had admitted charges of dishonestly using a document to obtain more than $40,000 by handing on credit card information to other persons.

She had obtained the information from payment transactions where she worked.

The extent of the loss was considerable and lasted over two years, said Judge Stephen Erber at her sentencing on Friday.

Defence counsel Serina Bailey said McCormack was starting a new job on Monday, with an employer who knew about the offending.

The pre-sentence report assessed her as a low risk of offending, and she had co-operated with the police.

McCormack was ordered to pay $25,000 towards the reparations, in $40 weekly instalments.

www.courtnews.co.nz

Woman arrested in Wayland for credit card fraud

2008-01-23T10:43:00.001-08:00

WAYLAND - A Sacramento woman arrested last Friday for trying to get an illegal cash advance on a credit card skipped her Framingham District Court arraignment on Tuesday.

Judge Paul Healy Jr. issued a warrant for Marjorie Madison’s arrest.

Madison, 35, was arrested Friday at 1:44 p.m. at the Bank of America on Boston Post Road. Bank employees called the police because a woman, later identified as Madison, tried to get money on a credit card that had been flagged, Wayland Police Detective Ruth Backman said in a report filed in Framingham District Court.

Bank employees said a woman matching Madison’s description had been to a Bank of America in Belmont earlier in the week and used her credit card to get a $5,000 cash advance, but was given $6,000 by mistake.

The bank told her it wanted the $1,000 back and she "reached into her purse and took out $6,000 in cash," according to the report.

When questioned at the Belmont bank, Madison gave bank officials a California license. She said she was in Massachusetts for her grandfather’s funeral, Backman wrote.

When questioned in Wayland, Madison said she had paid cash on the credit card so she could get cash advances, but later admitted she knew she was not allowed to get money.

She also changed the reason she was in the state.

"She said her reason for coming to Massachusetts was that she had a sugar daddy who gave her $20,000 for her and a friend to come out and visit him," Backman wrote.

Madison, who is four months pregnant, was charged with improper use of a credit card, attempting to commit a crime and receiving stolen property.

She posted $1,500 bail at the station on Friday and was scheduled to be arraigned on Tuesday.

The Wayland arrest was not the first for Madison. According to Framingham District Court records, Madison served time in a California prison on similar charges.

Norman Miller can be reached at 508-626-3823 or at nmiller@cnc.com
http://www.wickedlocal.com

Cops go slow on online fraud

2008-01-23T07:55:00.000-08:00

AHMEDABAD: A UK citizen, Wilfred Louis, 33, was arrested by Navrangpura police on January 10. But even after ten days, they have got nothing out of the culprit.

Not that Wilfred is a tough nut to crack. The cops have failed for a simple reason that they do not have seem to have the time or inclination to solve the case."

The biggest hurdle they face is lack of expertise in dealing with e-frauds. Police sources said that the case files had been shelved soon after Uttarayan bandobast. The accused has been sent to Sabarmati Central Jail.

Wilfred, who claimed to be a UK citizen, had purchased gold jewellery from a shop on CG Road and offered a credit card for payment. The card reader, however, detected the fraud and generated an automated message that first tipped off the bank and then the police.

Cops promptly arrested Wilfred and also got a seven-day remand. But, Wilfred did not have to talk much as the cops were busy attending to routine bandobast.

"But what we know right now is, he is not a UK citizen, as we confirmed it with the embassy at Mumbai. He has an accomplice in the UK who arranged for his passport and perhaps a fake identity. We suspect him to be a Nigerian but are awaiting substantial proof. We cannot communicate with him as we do not know his language and he does not seem to know ours," said R D Rawal, sub-inspector of Navrangpura police, investigating officer of the case.

But what about checking the five email accounts of Wilfred which seem to be written in a simplistic code which seems gibberish at the first glance? Though the mail accounts contain crucial details on more than 15 credit card accounts, cops have no answers yet.

Now, the crime branch sleuths have joined forces with the city police to probe this racket as "This is a case of cyber crime and expert investigators are needed."

"The crime branch has the right to interrogate the accused but right now, Navrangpura police is probing the case. If needed, we will seek for more remand of the accused," said A K Jadeja, deputy commissioner of police, Zone I.

Jadeja also added that the pressure of routine crime and law and order duty weigh heavy on police and in some cases where technical help is needed, crime branch officials pitch in.

An official told however TOI that the investigation has already revealed other members of this gang of frauds are operating in various locations in India.

"They use financial gateways of international banks on the Internet, popularly known as Visa and MasterCard. When the detail is stolen from other countries, the users of the card may not even know that the detail lies with some other card used in India. They most probably used skimmers to extract the data and then copy it on other cards. The cards and the data were not matching - data was of another card. But it is difficult to check it manually," he said.

The machine identifies the eight-digit number given by the parent company - Visa and MasterCard. For the card reader, it does not matter to the reader. Police have now sought help of other Afro-British people on visit to India.

"From the numbers, we have got from Louis' mobile, we called up his three accomplice but they simply talk gibberish even when approached in English. They know perfectly what we speak but they do not want to answer," said an official.

http://timesofindia.indiatimes.com

Online credit card fraud spreads

2008-01-23T07:41:00.000-08:00

AHMEDABAD,INDIA : After recording 12 cases of credit card fraud in western parts of the city in the last six months, city police have been saddled with a case in Shahibaug. A young trader's credit card was used for online shopping and Madhavpura police are now roping in cyber crime experts to solve the case.

Nirav Modi, a resident of Spectrum Towers, Shahibaug, filed a complaint with Madhavpura police on Saturday for misuse of his credit card on internet for shopping of household items worth Rs 46,721.

Modi got to know of the transaction when he received a bill for the transaction after getting a call from the credit card company. When he got the details, it was for shopping of grocery, washing machine, furniture and small household goods purchased online using his card number and CVV number.

"The card was used over the period of six days from January 11 to 16. Modi got a call from the company to inform him of the transactions and he got a bill for the same on January 18. He was shocked as he did not purchase anything online. Clever fraudsters also did not exceed the limit of Rs 10,000 in a day and made small purchases. We are yet to get details of the transaction and locate the computer used for the fraudulant purpose," said H L Odedara of Madhavpura police.

According to the police figures, misuse of credit card is on constant rise with as many as nine cases registered with the city police in 2007.

Barring one, police have got no clues in any case about the use of the card and whereabouts of the culprits. But in most of the cases, fraudsters booked airline tickets with a particular airline online as it's the safest option available. But with this case, they have ventured into shopping malls offering online service of purchase and delivery at your doorstep.

http://timesofindia.indiatimes.com

2007-12-05T11:04:00.001-08:00

Careful what you click for
Beware when buying in Internet sales boom
By Alex Davis
alexdavis@courier-journal.com

There are 10 people on Fadden Holden's holiday shopping list this year, but don't look for the 28-year-old in any of the local malls.

With the same technique he uses for weddings and other special occasions, the east Louisville resident plans to buy his gifts on eBay, where he expects to find deals on sports memorabilia, magazine subscriptions and more.

"I've been using online shopping for a long time now," said Holden, who will soon graduate from the University of Louisville with a master's degree in mathematics. "It reduces your search costs."

A growing number of shoppers are getting that same idea -- even as a recent Better Business Bureau survey found that six in 10 of those who buy online acknowledge being anxious that their credit card information might be stolen during a transaction.

"Fears over the use and safety of personal information, including credit card numbers, telephone numbers, and home and e-mail addresses, are the main reasons online shoppers second-guess their decisions when making online purchases," said Charlie Mattingly, president of the BBB serving Louisville, Southern Indiana and Western Kentucky.

Yet, online holiday spending in November topped $10.7 billion through Monday, a 17 percent gain from a year ago, according to comScore, which tracks online consumer trends.

And that number is expected to get a big boost Dec. 10 -- that's Green Monday, which falls on the second Monday of December, and is considered the last safe day to ensure shipping by Christmas.

That's "when people spend the most amount of money online," said Jamie Diamond, a spokesman for Symantec, the San Francisco company responsible for Norton Antivirus computer software.

In all, nearly three-fourths of Americans with Internet access will do at least some of their holiday shopping online this year, according to a recent poll from Zogby Interactive. And online marketing consultant Forrester Research estimates holiday shopping sales on the Internet will rise 20 percent this year.

UPS, which has its main air hub in Louisville, measures the rise in online shopping by counting the number of customers who track shipments by visiting UPS.com.

In 1995, 100,000 users checked the status of freight that way. This year, UPS expects 150 million inquiries during the peak the week before Christmas, said company spokesman Mike Mangeot.
Cautious with credit

Experts caution that fears about credit card theft are justified, whether you are shopping online or at the store.

But the credit industry has taken broad steps to combat the theft of consumer information in recent years.

For example, American Express, Discover, Mastercard Int'l and Visa last month approved standards that soon will prohibit any software handling credit or debit card data from storing transaction information -- including personal identification numbers, or names and bank data saved to a card's magnetic stripe.

Such measures are promulgated by Boston's PCI Security Standards Council, a private company formed by all the major credit card companies in late 2006.

Instead of each company setting Internet security and store security rules on its own with vendors, PCI acts as a clearinghouse for security standards accepted by the major credit providers.

"The whole reason for us being (here) is so we can set standards that can protect consumer or payment card data," said PCI spokesman Glenn Boyet.

On the law enforcement side, Internet auction fraud prompts nearly half of all complaints to the Internet Crime Complaint Center or IC3, a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center.

The BBB advises that shoppers protect themselves before buying by checking out the reliability ratings or the BBB rating of any online seller.

CyberSource, which provides retailers electronic payment services, says the fraud rate is holding steady at about 1.4 percent of all online sales.

But consumers should use the same care in shopping online that they would take at malls or other venues, said Reanna Smith-Hamblin, spokeswoman for the BBB in Louisville. That means guarding personal information and researching the company's background, she said.

"Shop with people you know," she said. "If it sounds too good to be true, it probably is."
Taking the online leap

Online retailers say that while shoppers might say they are nervous about Internet crime, it's clear that a growing number are willing to set such concerns aside and punch their credit card account numbers into Web sites.

"There's a growing amount of trust within online retail," said Marc Cowlin, spokesman for CafePress.com, a California company that employs about 300 people at its warehouse in Louisville.

Cindy Mann, 42, of Simpsonville, said she expects to spend about $3,000 on holiday gifts this year -- about 85 percent of that online.

She said she takes precautions -- for example, using only her American Express card because it offers theft protections. And she said she "wouldn't dare ever" use a debit card because that has information about her bank account.

With security tools improving regularly, responsible companies can build a strong reputation with customers, said Cowlin, whose company allows users to design and personalize their own merchandise, such as T-shirts and coffee mugs.

Even so, some shoppers remain shy about opening their wallets online, even if they're savvy with a computer.

For example, Tracey Goff, 37, an educational consultant from Elizabethtown who was shopping Friday at Oxmoor Center, said she never buys online -- partly because of safety concerns but also because, "I like to see it, feel it, touch it."

But Meagan Deeley, 22, of Mount Washington, said that while she works at Von Maur, she expects to do half of her holiday shopping online this year. "It's a big benefit because you don't have to be out in traffic," she said, adding that she relies on her computer's Norton antivirus protection and always checks a Web site's reliability rating.

And Maurice Rhodes, a 20-year-old package handler who lives in Louisville, said he routinely buys such things as Air Jordan shoes on eBay.

"I never worry about security," he said, "I just do it."

Meanwhile, sitting outside a coffee shop near her home in the Highlands, Amanda Baerwalde said she plans to do all of her holiday shopping at small businesses in her neighborhood -- but not out of any great concern about security.

She goes online to buy airplane and concert tickets but said that for other goods, she'd rather walk a couple of blocks and buy in person.

"When everything's so concentrated," she said, "I don't see the point of looking elsewhere for it."

Reporter Alex Davis can be reached at (502) 582-4644. Reporter Jere Downs contributed to this story.

2007-12-05T10:59:00.000-08:00

Few ID thefts from Web
Secret Service files show 10% of cases were from Internet
By Peter J. Sampson

A review of Secret Service files has found that half of the cases of identity theft involved technological devices, such as computers, scanners and digital cameras, and only 10 percent were done exclusively through the Internet.

In 20 percent of the other cases, thieves stole personal data the old-fashioned way.

Low-tech tactics included rerouting mail by sending change-of-address requests to institutions handling credit-card and bank accounts, swiping items right from mailboxes, and "Dumpster diving" -- going through trash for personal information that can be used to produce counterfeit documents and to open credit accounts.

Researchers from Utica College's Center for Identity Management and Information Protection in New York analyzed 517 Secret Service cases of ID theft from 2000 to 2006. It was the first study of closed files from the federal agency, which is responsible for investigating identity theft and fraud.

Among their findings:

• A fifth of the time, identity thieves stole personal data at their workplace. Of them, 60 percent were employed in the retail industry -- stores, car dealerships, gas stations, casinos, restaurants, hotels, hospitals and doctors' offices. Another 22 percent worked for financial services, such as banks and credit-card companies, and 9 percent were in government.

• People were victimized by a family member or friend 16 percent of the time.

• Personal information was stolen from someone's home, car, wallet or pocketbook 12 percent of the time.

• Most of the thefts occurred in the Northeast and the South.

• The median loss was just over $31,000, although in one case a thief spent millions on luxury vehicles and established shell companies to defraud more victims.

The study confirms a recent Consumer Reports poll that found Americans overwhelmingly believe they are more vulnerable to identity theft when a business has their Social Security number. Most respondents said they want companies to stop using the numbers to identify customers.

A Social Security number, coupled with your date of birth and address, is the Holy Grail for identity thieves, said Cindy Wofford, special agent in charge of the Secret Service's field office in Newark, N.J.

"In addition to shredding documents before discarding them, Wofford recommends not storing any passwords on your computer's hard drive. Hackers know how to retrieve them, she said.

Consumers have become more knowledgeable about Internet scams that try to trick them into divulging account numbers, passwords and other personal information.

Doug Bem, an inspector for the U.S. Postal Service, said residents should not use their home mailboxes for outgoing mail. And by no means should they raise the flag on the box if they do.

"That's as much an indicator to a thief, as it would be to a letter carrier, that there's mail to be had," he said.

To prevent fraudulent rerouting of mail, Bem said, the Postal Service uses a dual verification procedure in which confirmation letters are sent to both the old and new addresses to verify the request is legitimate before any mail is forwarded.

In the Federal Trade Commission's 2003 survey of identity theft victims, 4 percent indicated stolen mail was the source of their problems, he noted.

Peter J. Sampson writes for The Record in Hackensack, N.J.

2007-12-05T10:44:00.000-08:00

Recalls, returns can be avoided
Experts say shoppers should find out about products before buying
Sheryl Harris, The New York Times

Most years, it may be better to give than receive, but this year, it's a wash.

It's hard to pick just the right toy when you realize that 25 million have been recalled because they can maim, poison or reduce the SAT-scoring potential of our kids.

What with tainted toys, gift certificate snags, tough return policies and restocking fees, the joy of giving could lose just a bit of its seasonal sparkle.

Luckily, consumer groups have stepped in with some well-timed advice on what to avoid as you shop while the dollar drops.

Toys

Avoid metal jewelry, especially cheap metal jewelry, for young children, most groups say. If metal jewelry is inexpensive, looks like silver and seems heavy for its size, it may contain lead, warns the New York attorney general's office.

Don't buy toys unless they're age appropriate. Age labels on the box don't relate to a child's intellect but are based on his or her developmental stage. A toy suitable for one age group can be frustrating or dangerous for a younger child.

Avoid toys with magnets that can come loose. Many kids hold toys in their mouths, and if they swallow magnets it can result in life-threatening intestinal blockages and tears. If you do give kids magnetic toys, make sure the magnets can't be tugged loose.

Avoid toys from vending machines as well as toys that don't carry brand names, says Consumer Reports. (It's true that well-known brands have been recalled this year, but at least they're easy to identify, and name manufacturers often have a mechanism for exchanging toys.)

Although lead has grabbed most of the headlines, choking is the leading cause of death for children under 4. Any toy small enough to slide through a toilet-paper tube is a choking hazard for a young child. Avoid small toys for children under 3 -- as well as for any older child who still mouths toys.

If you bought presents early, make sure you check toys, art supplies and children's metal jewelry against the growing list of children's items recalled this year. For links to recalls, visit cleveland.com/business.

Privacy

Remove credit cards, Social Security cards and other unneeded documents from your wallet before you head to the mall, says Privacy Rights Clearinghouse. Pickpockets are busy this time of year. Never leave your purse or a jacket containing your wallet or cell phone in a shopping basket. Men should carry wallets in a front pants pocket, which makes them harder to steal.

Read an online retailer's privacy policy before you buy. The Privacy Rights Clearinghouse recommends you patronize online retailers who have agreed to voluntary privacy guidelines through organizations like TRUSTe (www.truste.org), Verisign (www.verisign.com) or BBBonline (www.bbb.online.org). Clicking on the icon should lead you to the icon-issuer's Web site so you can verify.

Never shop online unless you make sure the Web site encrypts account and personal information it collects. Privacy Rights Clearinghouse says to look for "https://" in the URL address or the closed padlock icon to make sure the page is secure. (An open lock indicates it's probably not secure.) Some browsers have color-coded indicators when you click on an encrypted page.

Make sure merchants print no more than five digits of your credit card number on your receipt. By law, electronically printed receipts can't carry your entire number on the customer copy.

Report violators to the Federal Trade Commission at www.ftc.gov.

Buying

Avoid using a debit or check card to pay for purchases. Most debit cards don't carry the consumer protections that credit cards do, and exorbitant overdraft fees can pile up before a consumer realizes what's happening, says the Privacy Rights Clearinghouse.

Not only that, the group warns, some crooks use "skimming" devices to steal card information from merchant card-swipers. A debit card can give them direct access to your bank account.

Using a credit card for purchases provides the best consumer protection because it allows you to dispute a purchase if merchandise isn't as advertised or if there's a billing error. It's the safest way to shop online and the best way to purchase big-ticket items.

Avoid overspending. If you're worried you'll go over your budget if you use plastic, draw up a gift list with price caps and stick to it. You also may want to stash away the cash to pay off your card after each shopping trip. (Technically, paying off a charge lessens your ability to dispute, so you may want to bank the saved money until the presents are opened and you're sure they're as advertised.)

Ignore rebate offers when you're considering whether to buy.

Rebates can be notoriously hard to collect. Ask yourself if you'd buy the item at that price if you couldn't get the advertised rebate. If the answer is no, keep shopping.

Don't forget to ask for gift receipts. It can be difficult to return an item for the purchase price without the gift receipt, advises Consumer World, a Web site for consumers.

Ask before you buy

Check the store's return policy before you buy anything. In some states, retailers can set any return policy they'd like -- including not allowing them -- as long as they post the policy in a conspicuous place.

Check the performance and reliability of appliances and electronics through Consumer Reports or unbiased product reviews before you buy.

Check the reliability of retailers you're not familiar with through the Better Business Bureau (www.bbb.org).

Ask if there are restocking fees on returned products. They may be hard to dodge on electronics, but some retailers slap them on furniture and other goods. Ask whether people who return items are tracked. Privacy Rights Clearinghouse says that, in an effort to combat organized retail fraud, some retailers collect information about consumers who return items and share the data with a central clearinghouse.

2007-11-04T03:35:00.000-08:00

Credit Card Fraud Prevention Using ASP and COM Technology

Hexa Software Development Team
sales@ip2location.com
http://www.devarticles.com

Credit card fraud is a problem. We all know this fact. But what are the appropriate steps to combat this crime. Hexa has listed some protection strategies of their own.

Credit card fraud has become pervasive on the Internet. According to MasterCard International, account takeover fraud has increased by 369% since 1995. It has become one of the fastest growing types of fraud, and one of the more difficult to combat. More than $700 million in online sales were lost to fraud in 2001, representing 1.14 percent of total annual online sales of $61.8 billion, according to GartnerG2.

Even if the credit card company has given the authorization as to the validity of the card, there are several ways fraudulent cards can be used on your site. The card may have been lost or stolen, but the card owner is yet to report its loss. Or the number on the card (and not the card itself) may have been lifted without the knowledge of the owner. There is also a scam called identity theft, where the card has been issued under false pretenses using someone else's identity and data.

As an online merchant, you need to have a system to check the authenticity of orders placed to safeguard your business. While the effort may require additional time and money, it can save you the cost and stress caused by charge-backs for fraudulent orders. You lost your physical products; you lose the sale price; you lose another business opportunity; and you will be fined an additional $15-$50 charge-back fee.

If you have a high percentage of charge-backs, your card services company can even blacklist you and cancel your merchant account. You will also spend time looking up the order and provide the requested information to your card services company. All of these hassles are things you can surely do without.

How can you protect your business from credit card frauds? Here are a few steps that can be taken to ensure that the transaction is being requested by the real cardholder.

* Suspect shipping address. According to ClearCommerce Corporation, a provider of payment processing and fraud protection software for e-commerce, orders from Ukraine, Indonesia, Yugoslavia, Lithuania, Egypt, Romania, Bulgaria, Turkey, Russia and Pakistan have a very high incidence of fraud, and often have unverifiable addresses.
* Untraceable email address. In many fraudulent orders, the customer's email address is often at one of the free email services, like hotmail.com and yahoo.com, which are relatively untraceable.
* Expensive items. Be wary of expensive orders, especially for expensive brand-name items.
* Multiple items. It can be a bad sign, for example, if someone orders three X-Box or three DVD players at once, especially where the items have a high resale value.
* Express shipping. Most fraudulent orders specify overnight or 1-day shipping without hesitation.
* Shipping address differs from billing address. Receiving point and billing address are different in fraud orders. If you are selling valuable items, it can be a good policy only to ship to the billing address of the card’s holder.
* Suspicious billing address. The address looks too simple or invalid. If the billing address is 123 Main St, New York, the order is probably fraud. You can use or online location tool to see if the address can be verified.
* Leave at door or post office box. If the courier service cannot guarantee delivery of goods, the risk of fraud is very high.

The advancement of geo-targeting in the Internet allows us to pinpoint the geographical region for an order. The information can be used to reduce the fraud by verifying it with the billing address and delivery address. This method can identify the scenario where someone from country X has stolen the credit card data from country Y. The IP address lookup service will reveal the real country instead of relying on the country filled in the order form.

IP2Location™ provides technology to translate IP address to country origin. The lookup table is available in several formats such as database and COM. It is the perfect solution to automate the fraud detection using client side programming languages like C++ & Visual Basic; or service side programming languages like ASP, PHP, JSP and CFML.

For example, company XYZ received a credit-card order from IP address 161.139.12.3. The order details are as following:

Name: John Ma
Address: 123 Main St
City: New York
ZIP Code: 1111
Country: United States
Tel: (503) 111-1111
Credit Card No: 1234 5678 9012 3456
Expired Date: December 2010

Credit card merchant processor will authorize this order if the billing address matches the order details. Unluckily, the credit card data has been stolen earlier by Mr. ABC from another country through the Internet. Later, he made a purchase of digital products from company XYZ using the information. His order approved by the merchant because all the details matched John’s record in the bank’s database. IP2Location™ technology can filter the difference between order’s country and record’s country upfront to protect your business. You can classify this kind of order for manual inspection before delivering the goods. You will be surprise how much this method will help in identifying fraud orders.

For the implementation, we use a fully functional IP2Location™ ActiveX component available at http://www.ip2location.com/ip2location-country.zip to query country by visitor's IP address. The unregistered version has a 5-second delay in each query.

First, install the ActiveX component in IIS web server. It could be as simple as running a command in DOS prompt.

C:\> regsvr32 ip2location.dll

We create a script to compare the lookup country and data given in the order authorization flow. It serves as a filter to reduce fraud. All rejected orders will be manual verify by merchants.

verify.asp

<% ' Country info filled in the form (US is only an example) BillingCountry = "US" ' Create server-side object Set ipObj = Server.CreateObject("IP2Location.Country") ' Initialize IP2Location object If ipObj.Initialize("demo") <> "OK" Then
response.write "IP2Location Initialization Failed.
End If
' Get visitor's IP address
IPaddr = Request.ServerVariables("REMOTE_ADDR")
' Detect visitor's country of origin by IP address
CountryName = ipObj.LookUpShortName(IPaddr)
' Free IP2Location object
Set ipObj = nothing
If CountryName = BillingCountry Then
' IP address originates from country in billing address
' Low Fraud Risk
Else
' IP address different from country in billing address
' High Fraud Risk
End If
%>

------------------------

2007-11-04T02:25:00.000-08:00

Protect Yourself From Credit Card Fraud

Unfortunately credit card fraud is really quite common these days, but there are ways that you can help to protect yourself. Becoming a victim of credit card fraud causes a lot of unnecessary hassle and is a very stressful experience.

You should familiarize yourself with the security features that the credit card company includes with your card. If you are looking to get a new credit card, make sure that it offers plenty of security.

One of the best ways to protect yourself against credit card fraud is to check the credit card statements you receive each month and look at the billing entries. This also helps you to understand your spending habits and helps to make sure that your budgeting is on track. By checking your statement you will be able to tell if there are any strange transactions on your account. If you notice a possible fraudulent charge, you should make immediate contact with your credit card company and inform them. The credit card provider will then look into the transaction and if it is not a legitimate entry they will then put measures in place to try to recover the money that was illegally taken from your account.

Another way that you can protect yourself from fraud is to never reply to emails that appear to be sent from your bank or your credit card company. These fake emails try to steal your personal information when you attempt to enter the web address they send for some sort of verification. Emails from banks should always be viewed with caution. Only ever reply if you know for certain that the email was sent from your bank or credit card provider. If you are unsure, either contact the company using a phone number you know to be legitimate or ignore and delete the message.

Always keep your credit card near you, and in sight, when making a payment and ensure that it is given back to you promptly. This will help to keep it safe from ‘skimming’, where an unscrupulous sales person may steal your credit card information to use later. Keep the card in a safe place at all times.

Never share your PIN (Personal Identification Number) with anyone, including members of your family. And never write the number on the card or on anything kept near your card. Your PIN should never be shared with anyone phoning on the pretext of confirming something on your account. Banks and credit card companies will never ask for your PIN.

Transactions using credit cards do not need the physical card so it is up to you to make sure your details are protected at all times. If you ever become aware of any credit card fraud on your account take action immediately to stop any further illegal activity.

Author's Bio
Lyn Bell has been in the finance industry for more than 30 years and is a Certified Financial Planner. She has helped many clients achieve their financial goals. Lyn can be visted at her website www.soundfinance.com and her blog at www.soundfinanceblog.blogspot.com
As an avid Squidoo fan she has a lens devoted to finance http://www.squidoo.com/soundfinance

2007-11-04T02:22:00.000-08:00

Combating online credit card fraud
http://money.ninemsn.com.au

One of the risks for merchants when it comes to selling goods and services online is credit card fraud. Basically, you are almost operating in a vacuum and you have no idea whether your online customers are trustworthy. Considering you will not actually see your online customers, there are two things you know about them:

1. They want to buy something from you and;
2. They want to use their credit card.

The next question is how do you know that your customer is not a child with his/her mother's credit card or a thief with a stolen credit card? You don't and that is why it is a good idea to identify suspicious customer behaviour. Just as you would watch a suspicious character in your offline premises, it is also important to be aware of the tell-tale signs of credit card fraud.

There are fundamentally two credit card fraud types:

* The smash and grab where the number of fraudulent acts is small, sometimes just a one-off, but the product value may be high.
* The "drip effect" where the number of acts is large and the value small.

According to the Worldwide E-commerce Fraud Prevention Network, an international survey highlighted online fraud as a significant problem. However, 70 percent of the respondents believed fraud prevention tools could keep it to a minimum.
Fraud reduction tools

The four most popular fraud reduction tools being used have been identified as:

1. Address verification systems (70 percent)
2. Customer follow-ups (54 percent)
3. Real-time authorisations (54 percent)
4. Post-process fraud management (43 percent).

According to the Worldwide E-commerce Fraud Prevention Network, an international survey highlighted online fraud as a major stumbling block.

However, when they were asked to list the most effective reduction methods the survey members put address verification systems in top place followed by real-time authorisations.

Almost 50 percent of online merchants surveyed said fraud had cost their business between $1000 to $10,000. Nineteen per cent reported costs at more than $100,000.

And almost 60 percent of merchants said they spent less than one per cent of total revenues on fraud prevention.

When it comes to credit card fraud, it is important to remember:

* Merchants are usually the victims of credit card fraud. It is rarely the customers.
* The card owner has a limited liability. Most of the liability rests with the merchant.
* You need good anti-fraud procedures in place to protect you and your customers.

For useful links to fraud information and prevention tips, see the Merchant Fraud Squad (www.merchantfraudsquad.com) or visit www.antifraud.com.
Fraud warning signs

There are a number of suspicious behaviours which can help highlight a potentially fraudulent act. Knowing what to look for is important. Consider the following:

* Watch out for large orders placed without regard to size, colour, style or price of stock.

* If an international customer demands a speedy delivery without regard to freight and delivery or transport costs, beware. Many international customers will opt for the cheapest method of transportation to keep costs down.

* A first-time customer who makes a very large order and wants it shipped over night should be treated with caution.

* Be wary of customers who always use free e-mail accounts as their reply e-mail addresses. Suspicious customers may use many of these types of accounts. Just proceed with caution until the customers establish themselves as being trustworthy.

* It may be wise to not fully trust customers who won't allow you to call them and insists on calling you or communicating entirely through e-mail.

* A common form of credit card fraud is a child using a parent's credit card. Just be cautious, especially if you get a large order for teenage-type products.

* If you get a number of orders on the same day from the same customer for large quantities of products it is best to make sure it is not someone using someone else's credit card.

* Research has also shown that stores that sell computer equipment, stereos and televisions are the most likely targets for credit card fraud as the goods can easily be resold.

2007-11-04T02:20:00.000-08:00

Online credit card fraud protection
http://www.cmsgeeks.com

Credit card fraud for online purchases seems to be increasing both in scale and dollar amounts day by day. While this problem may seem to be out of control basic steps can be taken by both consumers and merchants to stem the flow. The article below contains information that is intended for merchants who process transactions over the web.

Having worked with companies using shopping carts and online payment systems, I have learned that protecting consumers and businesses is relatively simple. The scope of protection extends beyond the payment system and directly into the hands of merchants that receive payments online.

Unfortunately, credit card fraud exists to the degree that it does primarily because merchants, whether brick and mortar, or on the internet, do not take the necessary precautions to verify the authenticity of the purchasers.

Verify online purchases by contacting the person who created it.
If you cannot make contact with your customer by phone or email, cancel the order and send a response explaining why the purchase was cancelled. Don't make the assumption that a website is simply a tool to automate the purchasing process. Criminals rely on this assumption and exploit it often.

Make sure that personal data sent to and from your website is sent over an encrypted connection (HTTPS).
This is yet another step that makes access to personal information more difficult to those who do bad things with it. Although there is a slight financial cost for doing this it is well worth the investment. Savvy web surfers look for this and may not make purchases from your site if their information is transmitted over a non-encrypted connection.

Track and check the country of origin of the purchase against the credit card data.
Transactions that involve a different country than the address of the credit card are typically fraud and should be treated as such until it can be proven that they are legitimate. If you do not have the ability to track this data with your ecommerce software contact your developer team or IT staff to determine how to track this information.

Report suspicious credit card transactions.
If you suspect that a credit card is being used fraudulently contact the owner of the credit card or the credit card company.

Don't store customer financial data in your website database.
Unless you have an experienced IT staff that understands data security and the steps to keep this kind of information safe just don't do it. There are other ways to track data which don't reveal or expose critical information. Contact your developer or IT staff if you have specific questions regarding your customer information security policies.

Ensuring your purchases are legitimate helps to reduce the incidence of credit card fraud and conveys to your customer that you care about them and not just their money.

2007-11-04T02:13:00.000-08:00

APACS and UKPIA announce National Card Fraud Prevention Campaign
Thursday, 01 Nov 2007 13:09

National Card Fraud Prevention Campaign to run from 5-12 November
- 14m advice cards to be distributed at many petrol stations throughout the UK

APACS, the UK payments association, and the UK Petroleum Industry Association have today (1 November 2007) announced details of a National Card Fraud Prevention Campaign. The week-long campaign is designed to act as a reminder for customers to keep their cards and PINs safe and secure at all times.

Beginning next Monday 5 November, customers paying by card at many petrol stations throughout the UK will be handed a small advice card reminding them to remain vigilant to the risks of fraud. The cards contain three simple messages:

1. Guard your card: don't let your card out of your sight when making a transaction
2. Shield your PIN: use your free hand and your body to shield your PIN from any prying eyes or hidden cameras
3. Be alert: try to ensure that nobody is watching you and that there is nothing unusual about the chip and PIN terminal or cash machine you are using.

APACS figures show that, thanks to chip and PIN, card fraud losses on the UK high street have decreased by 67 per cent in the last three years. However, fraudsters continue to try and copy our cards' magnetic stripe details to create fake cards that can be used overseas, in countries that do not have chip and PIN. Raising consumer awareness about the importance of keeping cards and PINs safe and secure can play an important part in tackling this type of fraud.

Sandra Quinn, director of communications at APACS, says:

"Chip and PIN has been hugely successful in reducing card fraud in the UK but that does not mean that we can lower our guard. Tackling card fraud requires a multi-layered approach and the banking industry continues to work with retailers, law enforcement, the Home Office and organisations such as Crimestoppers to achieve this.

"Consumers can also play their part and we urge them to follow the advice provided on these cards. Simple measures such as shielding your PIN with your free hand whenever you enter it into a keypad will significantly reduce your chances of becoming a victim of fraud."

Research from APACS reveals that not all cardholders are taking the appropriate steps to protect themselves fully from fraudsters. The 2006 Attitudes to Card Fraud survey shows that 20 per cent of cardholders 'rarely' or 'never' shield their PIN when entering it at a cash machine. Similarly, more than one in four people (27 per cent) admit to using the same PIN for all their cards.

Chris Hunt, Director General of the UK Petroleum Industry Association, says:

"Our members take customer security very seriously and are pleased to be supporting APACS in this fraud prevention initiative.

"Our members are alert to potential fraud risks and remain vigilant on this issue. The fight against fraud is a shared responsibility. During this campaign they will be issuing advice cards to customers reminding them to keep their card details safe and secure at all times."

To support this campaign, APACS has recently published two advice guides to educate both consumers and retailers on the necessary safety procedures required for making and accepting card payments. The two guides, Protect your PIN (for consumers) and Transactions with your chip and PIN terminal (for retailers) will help both card-accepting businesses and cardholders minimise their chances of falling victim to fraud.

These advice guides, and details of the Card Fraud Prevention campaign, are freely available from www.cardwatch.org.uk

ENDS

For further information contact the APACS Information Office:
T: 0870 420 3208 E: apacs@fourcommunications.com

UKPIA enquiries to: Nick Vandervell, UKPIA T: 020 7240 0289

Notes to editors:

1. APACS is the trade body that gives banks, building societies and card issuers a forum where they can work together on non-competitive issues. In a nutshell we help manage the way that businesses and individuals in the UK move their money around - this covers cash, credit and debit cards, cheques and automated payments such as direct debits, salary payments and online/phone transactions. We champion the fight against banking fraud and twice a year we publish figures on payment industry fraud losses.

2. The UK Petroleum Industry Association (UKPIA) represents the interests of nine member companies engaged in the UK downstream oil industry on a range of common issues relating to refining, distribution and marketing of oil products, in non-competitive areas. UKPIA's role is to inform its members of proposed legislation and related developments, and to help form and advocate the industry's position. UKPIA is also an authoritative source of information or reference on the UK downstream industry.

3. The 2006 Attitudes to Card Fraud survey is an annual survey of 2,800 people. Some of the key findings include:
o Eight per cent of people say they write down their PIN to help them remember it;
o Seven per cent of people say they've told someone their PIN;
o 53 per cent of people say they feel wary of letting their card out of sight when in a shop or restaurant;
o 75 per cent of people agree (either slightly or strongly) that chip and PIN is more secure than signature;
o 77 per cent of people like using chip and PIN;
o 93 per cent of people say using chip and PIN is easier than signature;
o Most people (47 per cent) first discover that they have been a victim of card fraud when they notice fraudulent transactions on their statements.

2007-11-04T02:10:00.000-08:00

40 Million Credit Card Numbers Hacked
http://www.washingtonpost.com

More than 40 million credit card numbers belonging to U.S. consumers were accessed by a computer hacker and are at risk of being used for fraud, MasterCard International Inc. said yesterday.

In the largest security breach of its kind, MasterCard officials said all credit card brands were affected, including 13.9 million cards bearing the MasterCard label. A spokeswoman for Visa USA Inc. confirmed that 22 million of its card numbers may have been breached, while Discover Financial Services Inc. said it did not yet know if its cards were affected.

MasterCard officials said consumers are not held responsible for unauthorized charges on their cards, and that other sensitive personal data, such as Social Security numbers and birth dates, were not stored in the hacked system. So far, no evidence of fraudulent charges has emerged, they said.

The breach occurred late last year at a processing center in Tucson operated by CardSystems Solutions Inc., one of several companies that handle transfers of payment between the bank of a credit card-using consumer and the bank of the merchant where a purchase was made.

CardSystems' computers were breached by malicious code that allowed access to customer data, said Josh Peirez, a MasterCard senior vice president.

Peirez said MasterCard is certain only that 68,000 of its numbers were taken by the hacker over an unknown amount of time before the breach was discovered. But because the hacker had access to the full database, it is difficult to say how many more numbers may have been taken, he said.

He said the breach was not confirmed until about two weeks ago.

MasterCard said it has begun notifying banks that issue its cards, which in turn are responsible for notifying cardholders.

A teeming black market for stolen credit card numbers allows thieves to make quick purchases, pinning the loss on merchants, which do not get paid when the charge is discovered to be fraudulent. Identity theft experts said credit card numbers, even those that are canceled, have value because they can be used to help establish the credentials of a thief seeking to pose as a consumer to obtain other sensitive personal data.

Officials at MasterCard and Visa accused CardSystems of not meeting agreed-upon computer security standards. Peirez said CardSystems is being given a short time to make corrections.

"We have requirements," Peirez said. "In this case, it does not seem those standards were being followed."

Visa spokeswoman Rhonda Bentz said CardSystems did not comply with Visa's security rules when the breach occurred, though she would not elaborate on what went wrong.

In a written statement, CardSystems said it discovered the breach on May 22 and notified the FBI the next day.

"We are sparing no effort to get to the bottom of this matter," the statement said.

Bentz said Visa did not announce the breach, which it learned about in the past two weeks, because "we have an agreement with the FBI that we do not make an announcement in the middle of an investigation . . . and we hope MasterCard's jumping the gun does not do anything to jeopardize the investigation."

An FBI spokesman declined to comment other than to confirm that the agency is working on the case.

The breach is the latest in a spate of such announcements from a variety of organizations, including banks and companies that buy and sell personal data, universities and government agencies. In some cases information was lost, in others stolen, but the breaches have put identity theft atop the list of priorities for several members of Congress. Many of the cases involved Social Security numbers.

"Hardly a week goes by without startling new examples of breaches of sensitive personal data reminding us how important it is to pass a comprehensive identity theft prevention bill in Congress quickly," Sen. Charles E. Schumer (D-N.Y.) said in a news release.

Peirez said MasterCard supports extending data security laws that apply to financial institutions to any entity that handles consumer information, such as transaction processors and data brokers.

MasterCard also supports a national law requiring that consumers be notified when their information is breached and there is significant risk of identity theft.

But Dan Clements, chief executive of CardCops.com Inc., a privacy protection organization, said financial institutions lack any incentive to take more responsibility for the problem.

Not only do credit card companies and banks that issue cards bear no losses for fraudulent purchases, but banks charge merchants for reversing unauthorized charges.

"It's a revenue stream for them," Clements said.

2007-10-08T11:29:00.001-07:00

Postal Inspectors Fighting Fake Check Fraud

MIRAMAR, Fla. -- The United States Postal Inspector Service is waging a cyberwar against a growing breed of con artists who are using the Interent to rip off Americans.

On Thursday, Miami's postal inspector general displayed thousands of bogus checks confiscated in the mail this year.

Davie resident Michael Copolla said a person in the United Kingdom is trying to swindle him right now. Copolla recently advertised a dining room set for sale on a classified advertising Web site. He said a man in England sent him a check for five times the amount he was asking, then called to say he accidentally sent the wrong amount. Copolla said he was told to cash the check, keep the money for the furniture and send back the rest.

"He keeps calling me telling me to send the money, but there's no doubt in my mind that his check is going to bounce," Copolla told Local 10's Roger Lohse.

Investigators for the U.S. Postal Inspector Service have arrested 77 people as part of a global fraud crackdown, which has intercepted more than $2.1 billion in counterfeit checks bound for the United States since January. The eight-month investigation involved schemes in Nigeria, the Netherlands, England and Canada. It has stopped more than 500,000 fake checks from being mailed to U.S. citizens.

The problem has become so rampant that the U.S. Postal Service has created a new Web site to educate the public on check fraud.

Postal inspectors said the Internet has become a haven for cyber crooks to work their scams.

"In the last 20 something years we have that doubled-edged sword called technology where we've now gone into hyper mode, they can reach out and touch more people quicker," said Henry Gutierrez, Miami's U.S. postal inspector general.

http://www.local10.com/

2007-10-08T11:15:00.000-07:00

Conference addresses check fraud investigation

ST. LOUIS - During an eight-month investigation, the United States Postal Service intercepted $2.1 billion in counterfeit checks intended for American consumers.

To address this investigation and its results, the United States Postal Inspection Service held a news conference Wednesday. This investigation marks the most money in counterfeit checks intercepted by the USPS.

The effort by the USPS involved investigating check fraud coming from Nigeria, the Netherlands, England and Canada. Investigations in these countries led to stopping more than 540,000 checks from being mailed to Americans and the arrest of 77 people.

Postal inspector Don Washington, who works out of St. Louis, recently returned from 34 days of working with the Nigerian government in the worldwide investigation of counterfeit checking scams.

"I think the Nigerian government has recognized some of the problems in their country," Washington said.

Postal inspector Dan Taylor spoke about the frequency of check fraud that originates overseas and targets American consumers. He said more than 18 percent of Americans either fall victim to check fraud personally or through their family. In the St. Louis area, the two most frequent check fraud schemes are a fake foreign lottery or a job processing checks for a foreign company.

"There are victims worldwide, but United States citizens are often targeted because United States' citizens have money to part with," Taylor said.

Taylor and Washington included a video testimonial that focused on the need to avoid the shame and guilt people often feel after being victimized by check fraud in their presentation. The video included a personal testimonial of a woman who lost her sister to suicide after her sister had lost $40,000 by falling for a false international lottery.

Miss Missouri 2007 Lindsay Casmaer spoke at the conference about a friend who fell victim to check fraud during college. Casmaer said her friend was trying to make money for a trip to Europe. Although she was abroad, Casmaer's friend realized her bank account had been entirely emptied.

"The bank was kind enough to return her money, but it was a long process and one that doesn't occur very often," Casmaer said. "She was lucky."

Although check fraud continues, both Casmaer and Taylor said this campaign will help decrease check fraud in the United States.

"I think counterfeit checks will continue, but it's an avoidable crime of what to look for," Taylor said.

http://www.themaneater.com

2007-10-08T11:14:00.000-07:00

Jones pleads guilty to lying in check-fraud scam

NEW YORK (AP) -- Cheating charges have dogged Marion Jones for years. Less known is her role in a multimillion-dollar check-forging scheme that ensnared her ex-boyfriend, sprinter Tim Montgomery.

The case, which resulted in a guilty plea by Jones on Friday, had its roots in the spring of 2005.

At the time, both star athletes were dealing with fallout from the BALCO steroids investigation. Jones was being investigated by the International Olympic Committee, and Montgomery had been charged by the U.S. Anti-Doping Agency with using performance-enhancing drugs.

Amid these problems, Montgomery somehow fell in with a convicted drug dealer in Norfolk, Va., who suggested a way to make easy money: All he had to do was cash a few big checks for some associates in New York.

Over the next few months, Montgomery would pick up at least $20,000 in commissions for depositing checks delivered by this New York crew, which turned out to be a ring of counterfeiters.

Prosecutors said Montgomery also recruited friends to help, including his track coach, the Olympian Steve Riddick, and his agent, Charles Wells.

The scheme didn't last long. Bank investigators quickly discovered the checks were bogus. In one case, the fraudsters in New York had altered a check for $7.12 to make it look like it had been written for $575,000. Another check for $31 was changed to $850,000.

Jones' involvement appeared to be peripheral.

The main evidence connecting her to the case was a $25,000 check that Montgomery had given to her in late April or early May of 2005. This check, unlike the others, was real, but it was drawn on an account established with the proceeds of the counterfeiting scheme.

Prosecutors never publicly accused Jones of wrongdoing for accepting the check, and when criminal charges were filed against Montgomery, Riddick, Wells and a long list of other conspirators in 2006, she was not among the defendants.

Her name also was excluded from court records. An indictment that mentioned the $25,000 check referred to her only as a "close associate of Timothy Montgomery."

As the case played out in the courts, Jones initially seemed to have evaded trouble.

Montgomery pleaded guilty in April to criminal conspiracy and could face more than three years in prison when he is sentenced. Wells, also an agent for Jones, pleaded guilty to bank fraud in March. Riddick was convicted in May of conspiracy, bank fraud and money laundering.

But on Friday, Jones joined the list of the implicated. She pleaded guilty to charges that she lied to federal agents who questioned her twice in 2006 about the check-forging scam.

During those interviews, she said she had no knowledge of the $25,000 check, or of a larger $200,000 counterfeit check Montgomery had deposited in a bank account they co-controlled.

She also told the agent she did not know of Montgomery's involvement in this scheme.

"In fact, I did," she told the court.

http://www.sportingnews.com

2007-10-08T11:09:00.001-07:00

Wineke: Let's stop paying for Iraq with credit card

Would you be willing to increase your federal tax burden by 2 percent to support our troops in Iraq?

How about 12 percent, or 15 percent?

U.S. Rep. Dave Obey, D-Wausau, thinks that if we want to fight a war, we ought to be willing to do something to pay for it -- like pay for it.

He, along with Rep. John Murtha, D-Pa., and Rep. James McGovern, D-Mass., have suggested placing a "surcharge " of between 2 percent and 15 percent on federal taxes to pay the $150 billion the Iraq war is expected to cost next year. Rich people would pay more; poor people would pay less; most of us would pay something.

From the bipartisan reaction to his proposal, you would think Obey had set off a stink bomb at a flower show.

Republicans, whose current answer to any problem seems to be to cut taxes and borrow whatever money is needed, reacted typically, accusing Obey and all Democrats of lusting after tax raises.

But Democrats were no more enthusiastic. House Speaker Nancy Pelosi, D-Calif., responded by castigating President Bush for asking "no sacrifice from the American people except from our men and women in uniform and their families " and then went on to reassure us she doesn 't think a tax hike would be a sufficient "sacrifice. "

In other words, all of us, Democrat and Republican alike, "support the troops " but few of us support them so much we 're willing to give up even one thin dime to pay for their service.

Obey, however, is right.

If we want to take the nation to war, we ought to be willing to pay for that war, not just put it on a credit card.

It is becoming increasingly clear the war in Iraq is going to continue for years. It may not continue at its present level, but it will continue -- and it will continue to cost a lot of money.

The question is not whether we will spend that money. The question is whether we will pay for the war ourselves or just add the cost to the debt load we are leaving our children.

We 're leaving those children quite a legacy of irresponsibility as it is.

The nation 's infrastructure is crumbling and badly needs replacing. We have to replace water mains in our cities; we have to replace our roads and our airports. We need to think about what we will do to respond to the devastation promised by global warming (denial will work just so long).

The number of elderly people in our society is doubling and they will put an increasing burden on the nation 's health services and will, if we don 't act, bankrupt the Medicare program.

And, of course, the world doesn 't stand still. Al-Qaida is not the only group in the world that doesn 't like us. Sooner or later, some new enemy will test our resolve.

We are leaving our children plenty to handle. The least we could do is pay for this war so they aren 't stuck with it, too.

Contact Bill Wineke at bwineke@madison.com or at 608-252-6146.
http://www.madison.com/wsj/

2007-10-08T11:06:00.000-07:00

When you sign up for a credit card, you sign up for arbitration

Would you agree to let someone arbitrate your dispute with a credit card company if you knew he or she almost always decided in favor of the company?

Thousands of consumers do that every day when they sign up for a credit card, says Public Citizen, a national consumer group.

Buried in the fine print is an implied agreement to submit any dispute to binding arbitration. That means you can’t go to court and have a jury decide your case.

Instead, you have to accept an arbitrator that the company chooses — and in many cases pays for.

Reviewing data made public in California, the study found that a major arbitration firm, the National Arbitration Forum, ruled against consumers 95 percent of the time.

The study, which reviewed 19,000 of 34,000 cases involving credit card and collections disputes, supports two bills in Congress that propose changes to ensure consumers are treated fairly.

“The results of mandatory arbitration demonstrate a stunning bias against consumers,” said Laura MacCleery, director of Public Citizen’s Congress Watch Division. “These are agreements buried in the fine print most people don’t even know they are consenting to.”

Business officials, however, dispute the findings, contending that they more reflect a bias toward the trial attorney lobby.

“The plaintiffs’ lawyers’ attempt to undermine the arbitration system is not about justice for consumers, it is about growing the size of their own pocketbook,” said Lisa A. Rickard, president of the U.S. Chamber Institute for Legal Reform.

The American Banking Association said the Public Citizen study fails to say “that arbitration is one of the fairest, most efficient methods for resolving complex disputes between consumers and businesses of all kinds, including lenders.” The ABA said the report varies wildly from previous reports.

In fact, industry-supported studies have found that more than half of respondents find arbitration a faster and more efficient forum for resolving disputes.

But the Public Citizen study is one of the first to focus extensively on mandatory binding arbitration. And while it looked only at credit card cases, it has broad implications because binding arbitration is embedded in many consumer contracts covering everything from cell phones to cars.

For its part, the National Arbitration Forum issued a statement saying: “Consumer outcomes in arbitration are the same as in court.” It also said: “Judges review arbitration awards to make sure they are fair.”

But Mitch Stoddard, a St. Louis lawyer who has had cases before the National Arbitration Forum., disputes that.

It’s hard to appeal or get a court review, he said, mainly because the consumer has already agreed to be bound by a finding. “It really comes down to what role we want the law to play in protecting consumer rights,” said Stoddard, noting that the forums are not bound by traditional rules of evidence.

Even so, there is a valid argument that arbitration, when handled fairly, can be more efficient than going to court.

One problem, though, is that a potential conflict of interest exists when the companies that choose the arbitrators also finance their salaries, said Johnson County real estate lawyer Max Gordon.

But consumers have no way of knowing in advance whether the process is fair because it is cloaked in secrecy.

Indeed, the Public Citizen study is unique because it reviewed data only recently made public in California, which remains the only state that allows public disclosure of arbitration statistics.

Even industry sources agree that binding arbitration should be made more transparent. They say some arbitrators follow consumer protection guidelines. But some don’t.

Michael Geigerman, managing director of United States Arbitration and Mediation Midwest Inc., said consumers should be assured that their arbitrator is neutral. “One question you’d want to ask is, ‘How many cases have you arbitrated for a company, and what were your decisions in those cases,’ ” he said.

Right now, only the companies can know that — putting consumers at a disadvantage.

Paul Wenske's In Your Corner columns appear Sunday in The Star's MoneyWise section. To reach him, write in care of the business desk at 1729 Grand Blvd., Kansas City, MO 4108, call (816) 234-4454 or send e-mail to pwenske@kcstar.com.

2007-10-08T10:59:00.000-07:00

Sharon man sues over tactics used to collect credit card debt

A Sharon man, sued locally over an alleged credit card debt, has turned around and filed a federal suit against the company that bought the debt and the law firm that tried to collect it from him.

Marco Paoletta Jr., 484 Hawthorne Place, Sharon alleges the defendants, who include Hudson and Keyse LLC, a debt collection agency, and attorney Ronald Amato and his firm, Amato and Associates, all of Bethlehem, Pa., violated the federal Fair Debt Collection Practices Act and the Pennsylvania Fair Credit Extension Uniformity Act by engaging in abusive, deceptive and unfair practices.

He also alleges Amato and Hudson and Keyse were negligent and intentionally inflicted emotional distress against him.

Amato, on behalf of Hudson and Keyse, sued Paoletta on Aug. 30, 2006, in Mercer County District Court, Sharon, alleging that Paoletta had defaulted on credit card debt for a card issued by Chase Manhattan Bank. Hudson and Keyse acquired the debt, and sought $8,000 in principal and interest.

Paoletta, who disputes the debt, notified the court that he wanted to defend himself, and a trial date was set for Sept. 29, 2006. Paoletta said he took off work and drove “600 miles from above Scranton, Pa.,” to attend the hearing.

On the day of the trial, Amato sent a letter to District Judge James E. McMahon saying he should grant judgment to Amato/Hudson and Keyse if Paoletta did not attend. The letter also said Hudson and Keyse will not be able to provide a witness and that judgment should be granted in favor of Paoletta if he shows up.

McMahon granted judgment in favor of Paoletta.

Paoletta alleges Amato and Hudson and Keyse had no intention of attending the trial, and tried to use the local court as an “indirect debt collector.”

Two days after the trial date, Paoletta said, Paoletta and Amato reached an agreement over the telephone that he would not file a federal suit if Hudson and Keyse does not appeal McMahon’s decision and removes any negative account reports concerning the alleged debt from Paoletta’s credit statement.

Amato sent Paoletta a draft-written agreement that did not include any of Paoletta’s terms, Paoletta said. Amato told Paoletta that Paoletta’s terms from the verbal agreement would be binding.

During future calls to Amato, the relationship deteriorated. On Sept. 25, 2007, Amato “abused” Paoletta by yelling at him to stop calling and harassing his employees, threatening to call the FBI and saying that Paoletta “better get yourself a good damn lawyer,” Paoletta said.

Paoletta, who filed his suit Sept. 27 without an attorney, is seeking unspecified damages, costs and attorney’s fees.

By Joe Pinchot
Herald Staff Writer
http://www.sharonherald.com

2007-10-08T10:54:00.000-07:00

Online credit card fraud continues to rise

While credit card fraud in the UK has decreased, CNP fraud has risen considerably, according to figures recently released by the Association of Payment Clearing Services (APACS).

Losses from card-not-present (CNP) transactions are up 44 percent on the same period last year, reports APACS. The total loss is around $280 million. However, to put these figures into context, the increase in online shoppers has to be taken into account.

“Losses from online, phone and mail order shopping fraud have continued to increase year-on. However, this increase has to be seen in the context of increasing numbers of people shopping online and ever-growing numbers of online transactions,” said APACS in a statement.

The introduction of chip-and-pin in the U.K. has managed to decrease domestic credit card fraud, however the criminals are now looking overseas to countries with no such protection. U.K. retailers have seen a drop of 11 percent in losses and ATM’s losses are down a massive 57 percent.

Meanwhile online banking fraud losses fell by 67 percent in the first half of 2007, which indicates that the fraud-prevention methods put in place by British banks are having a positive effect.

http://www.bizreport.com/authors/helen_leggatt.html

2007-10-08T10:42:00.000-07:00

Yatra, Barclays to launch online travel credit card

NEW DELHI: Travel services company, Yatra Online and global financial services provider Barclays will soon launch the Yatra Barclaycard, an online-travel co-branded credit card and a multi-carrier frequent flier programme.

The card offers attractive travel benefits and rewards, and is tailor-made to keep pace with the rapidly growing demands of frequent business and leisure travellers, Yatra Online Services CEO and Co-founder Dhruv Shringi said in a statement.

The Yatra Barclaycard is designed for the fast growing group of Indian travellers offering wide global acceptability, flexibility on credit limits and billing dates, while the Yatra Miles programme offers travel-related benefits.

"The range of cards especially targeted at Indian travellers who are increasingly using online travel services without having their spend rewarded," Barclays Bank PLC Head of Cards-India Kusal Roy said.

http://economictimes.indiatimes.com

2007-10-08T10:41:00.000-07:00

What to do when your credit card has been used without your knowledge

The internet is a fantastic thing, but sometimes it is possible for it to jeopardise your finances. This is especially true if you use your credit card for online shopping. There are so many fraudsters out there who are looking to steal your details and they do find extremely clever ways of getting to them. This means that it is possible for your card details to potentially be used against your knowledge and that can mean that you end up in a lot of trouble financially.

So what can you do if this happens to you? Well ideally you will take all possible precautions so that it does not happen, however if it does then the best thing to do is not panic and contact your credit card provider. By contacting your credit card provider you will be able to put a stop to your card before the details can be used again. They will also be able to advise you of what to do next. More than likely you will get a new credit card through the post with different details. You will also be told to contact the police.

However the police do not always take notice of credit card fraud. They simply do not have the resources to deal with a lot of fraud that occurs online and so it is likely that you will not get your money back. However, more power has been given to banks now so that they can work on your behalf to recover any money that you may have lost.

Sometimes your credit card details may even be used without your knowledge on websites that you visit. Whilst this isn’t particularly common, it can happen and if it does then you need to understand that it is illegal. So if you are presented with a bill for something you have not purchased, contact both your credit card provider and the company claiming that you owe them money.

Overall credit card fraud is fairly common and so it is vital that you prevent your details from being stolen in the first place. Obviously you cannot always prevent fraudsters from getting hold of your details, but you should still try your best to prevent it from occurring anyway.

http://www.creditcards-gb.co.uk

2007-10-08T10:40:00.000-07:00

Credit Defaulters Fall to Pre-Card Crisis Level

The number of credit delinquents has dropped to the level of the pre-credit card bubble in late 2002 as many have recovered their credit worthiness through state-run debt workout programs.

According to the data submitted to the National Assembly by the Ministry of Finance and Economy Sunday, credit defaulters stood at 2.7 million as of the end of June, down 91,000 from late last year. The number peaked at 3.72 million in 2003, sharply up from 2.63 million in 2002. Then, it gradually fell to 3.61 million in 2004, 2.97 million in 2005 and 2.79 million last year.

A ratio of credit delinquents to the economically active population came to 7.7 percent in June as peopled aged 15 to 64 totaled 34.9 million. It is down from 8.6 percent in 2005, 10.9 percent in 2002 and 7.7 percent in 2002.

Following the 1997-98 Asian financial crisis, the then Kim Dae-jung administration eased rules on credit card issuance to prop up domestic spending. Card firms indiscriminately issued plastic to university students and others without properly checking their payment abilities.

But the credit card bubble burst in late 2002, creating millions of credit delinquents. Also, card issuers faced a liquidity crisis because of snowballing overdue card bills and had to be rescued by the government through public funds.

The credit defaulters have been marginalized from social and economic activities because of poor credit records. In 2005, the government abolished the credit delinquency registry, as people on the black list had become a major social problem.

Instead of the credit defaulter registration system, the government adopted a seemingly less harsh scheme conducive to a more sophisticated rating system to give a second chance to the stigmatized people.

Those who had over 500,000 won in overdue debt for three months or more, for example, were registered as ``financial debt defaulters.''

http://www.koreatimes.co.kr

2007-10-08T10:27:00.000-07:00

Hackers steal credit card numbers and billing addresses of Ticketmaster customers in Germany free RSS feed from Security Park

Hackers have stolen credit card numbers and billing addresses of 66,000 customers who purchased tickets with a credit card from the Kartenhaus.de website between October 2006 and September 2007. Kartenhaus is based in Hamburg and sells a wide range of tickets for shows throughout Germany as well as artist merchandise, music and videos.

Ticketmaster, the parent company, advised customers to "check your credit card bills as soon as possible to identify any irregularities or abuse".

Paul Davie, founder of Secerno, commented "It is even unlikely that the sort of authentication and encryption solutions required by PCI compliance would have done anything to stop this breach. This just goes to prove the importance of proactive security and predefined policies that can understand the normal behaviour of those accessing the database, and allow intelligent anomaly protection. New technologies exist to enable this and should be adopted without delay."

http://www.securitypark.co.uk

2007-10-08T10:23:00.000-07:00

Restaurants up efforts to beat card crime
By Jade Witten, Zara Nicholson and Lavern de Vries

Cape Town restaurants are being encouraged to fork out about R6 800 to buy portable hand-held credit card machines to protect their patrons from falling victim to credit card criminals.

The arrest last week of 11 waitrons nine from Canal Walk and two from Milnerton in connection with credit card skimming has served as a wake-up call to the industry, with Fedhasa (the Federated Hospitality Association of South Africa) reminding establishments of their duty to protect patrons from credit card scams.

The suspects, aged between 21 and 32, were due to appear in the Cape Town Magistrate's Court today.

A spot survey in the city revealed that restaurants were improving their efforts to prevent credit card crime.

If they did not have the hand-held device that enabled transactions to take place at a patron's table, then patrons were encouraged to leave their table to watch the transaction taking place at the fixed device pay point at the till.

Skimming, which is one of many constantly-changing methods used by credit card criminals, is conducted with a hand-held swiping device that duplicates all the information on the magnetic strip of a credit card.

The criminal then copies this onto a blank card and this card becomes as effective as the original.

The Cape Town Fish Market restaurant in Canal Walk reported that its use of portable machines had limited the possibility of fraud.

"This machine safeguards our clients and the business itself," said co-owner Malcolm Royston.

Royston said fraud had previously occurred at the restaurant, but "this was mainly when a card was used more than once".

Dilshad Karriem, manager of the Spur in Observatory, said after they fired a waiter who was believed to have committed fraud two months ago, cameras were installed directly over the front desk and the manager on duty supervised transactions.

"But nine times out of ten people come to the counter to pay themselves," she said.

However, one restaurant manager in Tyger Valley who did not want to be identified complained that the portable machine was "not cost effective".

"It's a very expensive machine and if a waiter should drop it, it will set us back R6 800," the manager said.

Several restaurants in the V&A Waterfront said they had stepped up security measures after various skimming offences last year.

Ocean Basket improved security after dismissing one of its employees.

"We check cards regularly to see if there are any irregular large amounts. We also ask the waiters to keep copies of the bills to see if anything corresponds and recently we obtained portable machines so that the patrons can see exactly what the waiter is doing," a manager said.

The restaurant also recently acquired a hand-held device.

An Ocean Basket manager - who declined to be named - said that not all establishments were willing to install these devices.

"Sometimes they are not available and they do break quite easily, so maybe certain restaurants don't want to use it because of that.

"There might also be a cost implication because we have to rent the machines from the banks, but we can assure patrons that since we've been using it, no fraud has occurred," he said.

Cape Town Fedhasa chairperson Nils Heckscher said the issue was as a "matter of urgency" and the arrests last week could be used as a "springboard" for discussions to re-align employment practices.

"We will talk with financial institutions to jointly draw up an action plan to eradicate this problem," he said.

Rey Franco, chairman of the Cape restaurants segment of Fedhasa, said consumer assurance and protection for credit cards were "paramount".

"We are re-enforcing the already strict stance on thorough personnel recruitment and firm encouragement for use of portable credit card machines in establishments," he said.

http://www.iol.co.za/

2007-07-13T12:05:00.000-07:00

Prevention tips

The best way to reduce your losses is to avoid taking bad checks. The following tips are suggestions to help you establish good procedures for accepting checks.

Institute a check acceptance policy: A clearly posted check acceptance policy for your employees and customers can go a long way toward reducing your losses. Policies should state which types of checks are accepted and should include the consequences to bad check writers.

Confirm the identity of the check writer: All identification cards can be forged. The most reliable form of I.D. is one that contains a photo and a physical description. Take the I.D. in hand and write the I.D. number, birth date, address and other descriptive data on the front of the check. Ask questions. If the I.D. does not belong to the person writing the check, they might be thrown off guard.

Avoid accepting checks written on a new account: About 85 percent of all bad checks are written on accounts only a few months old and bear check numbers between 101 and 150. Use caution. Do not accept counter drafts.

Get someone’s John Hancock: The signature should be legible and signed in the presence of the individual accepting the check. Do not accept previously signed checks. For a company check, it is vital that the signature is legible. If not, print the individual’s name on the front of the check.

Return to sender: The complete address should be imprinted on the check. Require a street address, in addition to a P.O. Box number. Obtain a phone number as well.

Accept checks only written with today’s date: Pre- or post-dated checks are not accepted in the Bad Check Restitution Program and cannot typically be criminally prosecuted. This restricts any recourse you might have against the check writer if your collection attempts fail.

Make sure written amounts and numbers correspond: Banks will not honor checks with discrepancies between written amounts and numbers.

Avoid accepting checks drawn on an out-of-state bank.

Remember, you are not required to accept a check from anyone. If you feel uncomfortable or suspicious, trust your intuition.

Source: El Paso and Teller Counties Fourth Judicial District Bad Check Restitution Program

2007-07-13T12:01:00.000-07:00

Battling the big bounce
Banks, businesses see increase in counterfeit checks
July 13, 2007

Bogus cashier’s and business checks are becoming big business for counterfeiters.

From July 2 to 5, more than 25 financial institutions contacted the Federal Deposit Insurance Corp. to report that counterfeit cashier’s checks bearing the bank’s name are in circulation. (See this week's Banking & Finance for a complete listing.)

The FDIC issued a special alert June 21 saying it has been receiving an increasing number of reports from financial institutions, businesses and consumers that counterfeit business checks are in circulation. The FDIC does not send individual alerts for counterfeit business checks because there are too many.

These reports are just the tip of the iceberg, because banks are not required to report counterfeit problems to the FDIC and most problems are handled in-house.

More than 2.7 million suspicious activity reports were filed by depository institutions to the Financial Crimes Enforcement Network from 1996 to 2006. In 2006, there were almost 600,000 suspicious activity reports, which is more than nine times the number of reports filed in 1996. Check fraud is the second most reported suspicious activity.

In Colorado, there were more than 40,000 suspicious activity reports filed with the FCEN from 1996 to 2006, which was among the top 20 nationwide.

There were eight times more suspicious activity reports filed in 2006 than there were in 1996 in Colorado.

Colorado Springs-based Peoples National Bank is seeing a rise in fake checks, said Debbie Ball, the bank’s director of operations and retail.

“Our people, by talking to customers and asking them a few questions, are usually catching them before they deposit them,” she said. “But there’s an awful lot of them out there because there are just more scams going on out there.”

The Colorado Springs Police Department, which handles counterfeit check scams locally, has not seen an increase in the number of cases, but that doesn’t mean it isn’t a problem, said Sgt. Randall Johnson, who supervises the financial crimes unit.

“Hardly a day goes by that a report or two of that nature doesn’t cross my desk,” he said.

The counterfeit checks are being used in connection with consumer scams. In many cases, counterfeit business or cashier’s checks are included with correspondences that describe an artificial purpose, and instruct the recipient to cash the check and send a portion of the money via wire transfer to a third party.

Scams that make use of counterfeit cashier’s or business checks typically involve bogus lotteries, sweepstakes or contests, and overpayment for merchandise — often purchased online.

In recent examples, counterfeit checks have displayed the names of well-known and recognizable businesses, according to the FDIC. In other examples, they have displayed the names of what appear to be small or nondescript businesses; but, the check has the routing number and account number used by a financial institution.

Many of the fraudulent checks have misspelled words, the wrong routing number or are missing information normally found on genuine cashier’s checks, Ball said.

“Cashiers checks are seen as being as good as cash, but that’s no longer the truth because now it’s so easy to make counterfeit checks,” she said.

The scam works because people assume that a cashier’s check is as good as money and criminals prey on that assumption, said Rebecca Clark, general council with Professional Bank Service.

Unfortunately, the victims of crimes that involve cashier’s checks rarely get their money back.

“Probably 100 percent of losses sustained locally never get any money back,” Johnson said. “It’s almost impossible for municipal jurisdictions to follow these cases because they are on an international scale.”

Peoples National Bank, which has branches in Colorado Springs, Monument and Leadville, has increased training for tellers about how to recognize counterfeit checks.

Employees attended a seminar conducted by Professional Bank Services Inc., a Kentucky-based company that has been providing consulting and educational services to the financial industry since 1978.

It was the first time Professional Bank Services had hosted a program about check fraud, Clark said.

“There are more and more counterfeit cashier’s checks out there. Criminals are always one step ahead and have found various ways to reinvent these scams and make them appear legitimate,” she said. “We saw this as a very prevalent topic and wanted to train bankers and teach them how to educate their customers.”

Bank trade agencies and the FDIC work with financial institutions to educate the public about scams. The FDIC will be launching a database later this year at www.fdic.gov which will allow bankers to quickly determine a check’s authenticity using modified search engines.

Information about counterfeit items, cyber-fraud incidents and other fraudulent activity should be forwarded to the FDIC’s Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or e-mailed to alert@fdic.gov.

Sarah.Colwell@csbj.com

http://www.thepbj.com/

2007-07-13T11:10:00.000-07:00

Credit cards cut off gas purchases
IEVA M. AUGSTUMS AP Business Writer
June 15,2007 11:07:33 AM

CHARLOTTE, N.C.—So you're at the gas station filling up your vehicle, and without warning the gas pump shuts off. What? The tank isn't full, and you know your credit card isn't over its limit.

"Using my Visa card, I commonly hit a limit and I would be standing there scratching my head," Shawn Bloomfield, who pumps premium gas into his SUV, said from his home in Allentown, Pa. "I would always assume it is the gas station setting a limit on how much gas I could purchase. It felt like a ration scenario."

As the price of gasoline continues to rise, rules to prevent credit card fraud at the nation's pumps are confusing consumers who just want a full tank of gas.

Caps on transaction amounts—or the total dollar amount of gas a customer can pump into their car—are limiting some drivers of gas-guzzling vehicles.

"When I go to the gas station I now have to use two credit cards just for one tank of gas," said Paul Brisgone of Oxford, Pa. "Kind of defeats the convenience of pay-at-the-pump."

Brisgone, a field operations manager for a telecommunications company, said he alternates between three different credit cards—two Visa and one MasterCard—when filling up the 32-gallon tank in his Ford F-150 pickup.

"When I can go 400 miles a day, it inconveniences me if I need a full tank of gas and can't get one," Brisgone said.

Credit card companies say the policies, which aren't new, are designed to ensure that
Advertisement
merchants and consumers are protected from fraudulent transactions that could occur at a gas pump.

When a customer uses their credit card at a cardholder-activated terminal, such as a gas pump, the transaction is authorized without knowing the final bill of sale.

Typically, consumers who use their credit card are not liable for any fraudulent purchases, and gas merchants are not liable either.

But credit card companies have established a protective layer by setting caps on how much gas a consumer can pump at any one given time.

That means in the event of any fraud, "the merchant is protected from bearing the cost of the fraudulent transaction," said MasterCard spokeswoman Joanne Trout.

But only up to a certain amount.

For MasterCard customers, it's $75. Visa and Discover users have a $50 pay-at-the-pump limit. Transaction limits vary for corporate card holders and American Express users.

Not all gas stations have to abide by the cap. And there are no limits if a customer goes inside and pays with their credit card at the counter.

The caps went unnoticed when gasoline prices were low.

"We get more calls, questions, when gas prices increase," said Visa spokeswoman Rhonda Bentz.

The average price of regular unleaded gasoline increased from $1.50 a gallon at the start of the decade to $2.28 a gallon in 2005, according to the American Automobile Association.

Today, gasoline prices are topping $3 a gallon.

"Yes, it's an inconvenience," said Bloomfield, who often reaches his $50 limit when filling up his Nissan Pathfinder. "I guess you could say it's a necessary inconvenience for more secure transactions."

http://www.mercurynews.com

2007-07-13T11:05:00.000-07:00

Nordea Bank Ab Selects Arcot Systems for Secure Online Payment Implementation
Sunnyvale,California
July 7,2007

The leading bank in the Nordic region, Nordea , has selected Arcot Systems, Inc. to make online payment safer than ever before for their customers. Arcot, a leading provider of secure e-payment and authentication solutions, will provide a comprehensive system called TransFort(TM) to support the bank's implementation of Verified By Visa(TM) and MasterCard® SecureCode(TM) for online payment security. The Arcot system, working with bank-issued smart cards and readers, will provide strong authentication for customers when paying online. Nordea's customers will also use the smart cards and readers to securely access bank accounts online. This marks the first time a bank will use chip and PIN strong authentication for both online payment and banking, and represents an important next step for chip card usage and online security.

Nordea's new online shopping payment security is based on a globally established standard called 3-D Secure, marketed as Verified By Visa, MasterCard SecureCode and JCB J/Secure(TM). Around the world, banking customers rely on this solution to protect payment accounts with a customer-created password that must be presented when paying online. Arcot co-developed, with Visa, the 3-D Secure application and is the leading technology provider now protecting more than 17 million payment accounts, 11,000 banks and 100,000 merchants worldwide. 3-D Secure programs are designed to bring the same level of security to Internet shopping as is available in the physical world by confirming to participating e-merchants that the online buyer is the actual cardholder.

Nordea used extensions to Arcot's TransFort to make online shopping much more secure. Arcot's system works in conjunction with bank-issued smart cards and readers to provide strong, one time password (OTP) authentication for Nordea's customers. When paying, the cardholder first receives a random challenge number from the site. After unlocking the card with a PIN entry on the reader, the customer enters the random challenge. He then obtains a unique number calculated on the smart card microprocessor chip and enters it to complete the payment process. This strongly protects online payment and prevents fraud, because without the card, the reader and the knowledge of the PIN, online payment with the card is not possible.

Arcot's authentication system is compliant with the MasterCard Chip Authentication Program (CAP) 2007 standard and Visa's Dynamic Passcode Authentication for EMV chip-based OTP applications. EMV is a global standard for smart bankcards managed by an organization operated by JCB International, MasterCard International, and Visa International.

"Nordea has always been at the forefront of the e-payment market and Arcot is proud to have such a leading financial services institution choose the TransFort solution," said Elis Nemes, vice president Europe, Middle East and Africa for Arcot Systems. "Sweden has one of the highest consumer adoption rates for online shopping and Internet banking in the world, and the e-security solutions adopted by this country are amongst the world's most robust, sophisticated and advanced. We believe that Nordea will set an example how to gain additional card holder protection in a convenient and efficient way, which many banks in Europe will follow."

About Arcot Systems

Arcot Systems is a leading provider of risk-based authentication, strong authentication, digital signing, and cardholder authentication solutions. The company makes online transactions safe for millions of customers by blocking fraud and protecting access. Arcot technology defends against Internet threats including phishing, man-in-the-middle, and spyware. Its 100% software authentication solutions eliminate the need for hardware tokens and complex login processes providing customers with strong, PKI-based authentication with the simplicity of a username/password interface. Arcot offerings are compliant with U.S. and international standards including 3-D Secure, IdenTrust, SAFE and FFIEC Internet Banking Authentication recommendations. For more information, visit http://www.arcot.com.

Arcot, Arcot WebFort and ArcotID are registered trademarks of Arcot Systems Inc. All other trademarks are the property of their respective owners, and are used for identification purposes only.

For more information visit www.arcot.com.

http://www.earthtimes.org

2007-07-13T11:00:00.000-07:00

Visa Gets More Personal With Data
Courtesy of Information Week
July 2, 2007

Having completed a multi-year upgrade and modernization of its payment processing systems, credit-card giant Visa plans to roll out new, highly customized incentive and reward programs based on more detailed consumer information, including data on purchases, buying habits, and retailer loyalty, company officials said during a tour of the company's central-United States data center.

Crafted two years ago and known as "account-level processing," the plan will enable Visa's payment processing system to manage transactions in real time using the entire 16-digit credit card number, rather than the six-digit bank identification number (BIN) that has traditionally been used. It will allow consumers to carry their account numbers with them if they move up to pricier and more exclusive cards, and merchants to offer new services and benefits, such as loyalty programs, to customers, said senior VP Jim McCarthy, head of consumer products for Visa USA: "This allows us to take a specific action in real time based on consumer behavior at a specific merchant and a specific location."

The shift to account-level processing coincides with Visa's preparation to go public by early next year, a move that is expected to raise billions of dollars to help Visa compete in the increasingly competitive and litigious credit-card processing business.

Last Tuesday, the world's largest credit card network said it had hired Hans Morris from Citigroup Inc. to fill the new position of president of Visa Inc., the new combined entity that will result from the IPO. John Philip Coghlan resigned as president and chief executive of Visa USA, a post he had held since July 2005, the company said.

The move also comes as credit-card processors and financial institutions are under increasing scrutiny and threat of litigation thanks to several massive and well-publicized thefts of consumer credit card information. Earlier this month TJX Companies, the parent company of a family of retailers that includes T.J. Maxx, Marshalls, and other nationwide chains, said it took a $20 million computer-intrusion-related charge for its most recent quarter, related to an IT security breach in which 45 million credit and debit card numbers were stolen. Thieves later used fake cards based on the data to steal $8 million in merchandise from Wal-Mart stores in Florida.

Following huge credit-card data losses from payment processor CardSystems Solutions and from Lowe's hardware stores, the TJX case "was a stark reminder to all of us that such events can have vast reach and consequences," said Coghlan, the former Visa USA CEO, at a data-security summit in March.

Visa has spent five years and hundreds of millions of dollars annually modernizing and upgrading its transaction system, known as Visa Integrated Payments. The company processes some 6,800 transactions per second during the peak holiday season, and its transaction volume is growing at around 20% a year. The central-region data center -- the precise location of which Visa requires visitors not to divulge -- replaced an older data center on the West Coast in 2006 and will process some $1 trillion in transactions this year.

Among other things, the re-engineering of the global authorization engine involved replacing legacy code with new, streamlined software, resulting in a modular architecture that allows Windows Visa to add new functions and deploy new technology on the fly. The Operations Center Central, as the data center is called, is one of two centers in the U.S. and includes Z9 IBM mainframe CPUs running 2500 million instructions per second each, along with disc drives from a variety of vendors. The OCC actually has two separate data center buildings connected by two self-healing SONET rings.

Account-level processing will include sending immediate discount offers and the like to merchants serving eligible customers, to "enhance and improve the customer experience at the point of sale," as McCarthy put it. But Visa will not share actual consumer information with merchants at the edge of its network -- a practice that would automatically increase the risk of fraud since most security breaches take place at the retail level, not in the Visa system proper. While the platform will be able to make instantaneous judgments about customer behavior and qualifications for specific benefits, and alert the merchant based on that information, "the data resides in the same safe walls as all our data does," said Visa spokesperson Elvira Swanson.

The system also will provide what McCarthy calls an "in-flight scoring engine" that rates specific transactions by specific users for the risk of fraud. Using real-time fraud scoring based on certain risk conditions (whether the transaction matches up with past purchasing behavior, for instance), the system can provide a "fraud index" that calculates the likelihood of chicanery. The card issuer can then make a determination about whether to allow the transaction to proceed -- all within milliseconds.

"We build this stuff into the cloud so that issuers and merchants can take action faster," said McCarthy. "It's not good enough anymore to identify negative patterns 15 minutes after the fraud occurs," added Swanson.

The new Visa Inc. will comprise Visa USA, Visa International, and Visa Canada. Visa Europe plans to remain a traditional member association owned by the financial institutions. Visa Inc. will become the third standalone, publicly traded credit-card processor along with MasterCard Inc. and Discover Financial Services LLC. MasterCard shares have more than quadrupled in value since that company went public in May 2006.

Richard Martin, Information Week
http://www.darkreading.com

2007-07-13T10:51:00.000-07:00

Payroll on a card
July 13, 2007

For 71 percent of America's workers, payday means an automatic direct deposit into a bank account. But for as many as 28 million people in the United States who don't have a bank account, payday means cash or a paper check.

Those paper checks aren't convenient for so-called "unbanked" people, who end up paying exorbitant fees to cash a check or pay bills. And it's not great for employers, either, who pay $1 to $2 per paper paycheck and up to $9 to replace one if it's lost.

An increasing number of employers are now finding a solution in a new type of plastic: The payroll card, a pre-paid card that employees can use just like a regular ATM/debit card, and employers can reload with the same ease as direct deposit into the bank.

"Better, faster, safer, more secure," is how William Dunn of the American Payroll Association describes the payroll card option. The association estimates 4 million paychecks are lost or stolen annually.

Electronic payments

"The pay card helps employers increase the number of electronic payments they make to employees," Dunn says. "You don't have to deal with check fraud; if they lose a pay card, it's easier to replace; and it's really good for the employee as well."

Similar to ATM cards, people using the payroll cards to withdraw money are subject to fees at ATM machines not in their network. The money is debited directly from their card accounts.

Employees benefit because they no longer have to pay $5 or $6 fees to cash their paychecks, said Tom Crowder, Discover's general manager of prepaid products. Employers benefit because they save money by depositing money directly into the card account instead of cutting a check every week. (It can cost as little as 20 cents to issue a payment through a card, studies from VISA have shown.)

Brad Kosderka, 29, of Hattiesburg has been receiving a pay card from Manpower Inc., staffing agency for the past several months. He does not have a checking account, and said that his card is much more convenient than paper checks in a variety of ways.

"Initially, I was just getting paychecks, which is hard because you've got to cash the check, and then you've got to run around and pay your bills," he said. "With the card, money is put on there - by Wednesday morning my money's on there - and I can call and just pay my bills (over the phone), so I don't have to worry about that on my day off."

And, he said, the card makes it easier to keep track of his purchases with a statement at the end of the month.

"Nowadays, trying to get a paper check cashed, especially without a checking account, is nearly impossible," he said. "This allows me not to worry about this; my money's on my card. I don't have to carry around cash until my day off."

Leslie Dean, the Hattiesburg branch manager with Manpower, said that many of her employees have begun using the card since they were first offered around three years ago.

"The benefits are really to our employees," she said. "A lot of people are hesitant to have their payroll sent in the mail for security reasons if they have a mailbox. It is a benefit to them and also they receive their pay quicker."

Discover also benefits by having more branded cards in the hands of more consumers, said David Robertson, publisher of the Nilson Report, a newsletter on the payment cards industry.

Pieces of plastic

"If you're a card company, you're looking to get as many pieces of plastic out there with your name on it" as possible, Robertson said. "There is an opportunity to put a payment card into the hands of America's poorer population. They are cash-oriented spenders and this is a way to maybe make them card-oriented."

Card issuers can also gather data on cardholders over time, learning more about their spending patterns and habits, Robertson said. That allows card issuers to eventually use that information to develop and market new products in the future.

Employers loaded about $6.3 billion on about 1.5 million payroll cards in 2005, according to the Mercator Advisory Group, a Waltham, Mass.-based payments industry research firm. Those numbers are expected to increase to 3.2 million cards and $12.1 billion in payments by the end of 2007, and could reach 4.6 million cards with $17.4 billion in payroll deposits by the end of 2009.

It's not only the unbanked population that uses the cards, says Tim Sloane, who directs the Mercator Group's debit and prepaid advisory practice.

Employers also like to use payroll cards when an employee is part-time or works on an as-needed basis, if the employee moves around a lot, or if payments are irregular, such as with contractors or salesmen who earn variable commissions, Sloane said.

JPMorgan Chase & Co. issued its first VISA-branded payroll debit cards in the late 1980s, said Ted Grunberg, the New York bank's product manager for prepaid products.

But only in the last three years have the cards really taken off, Grunberg said. He attributes that to consumers' increasing comfort with plastic. Now more than 1,000 employers - from large corporations to mom-and-pop shops - use Chase's VISA-brand payroll cards, Grunberg said.

"People are getting used to this," he says. "Gift cards have just flown through the ceiling."

Hattiesburg American reporter Kelly W. Brown and Leslie A. Pappas of the (Wilmington, Del.) News Journal contributed to this report.

http://www.hattiesburgamerican.com
Hattiesburg American reporter Kelly W. Brown and Leslie A. Pappas of the (Wilmington, Del.) News Journal contributed to this report.

2007-07-13T10:41:00.000-07:00

Alert for Visa card security
DAVID KILLICK
July 13, 2007 12:00am

HUNDREDS of Tasmanian Visa card holders have been told to cut up their cards after a security breach in Sweden.
Computer tapes containing card holders' details nationwide were among items in a car stolen from a Swedish data processing company in May.

Many Australian financial institutions are affected, but only some are notifying customers.

Islandstate Credit Union has written to card holders this week warning them to cancel cards and to report unauthorised transactions.

"Your islandstate Visa card details may have been compromised on or after May 25, 2007, due to a possible data breach in Sweden," it says. "As a precaution your Visa card needs to be cancelled and a new card issued."

Islandstate credit union spokeswoman Marsha Cadman said fewer than 5 per cent of the credit union's 80,000 customers were affected.

No instances of fraud had been reported and the credit union was taking a precautionary approach, she said.

"This is not an issue our members should be concerned with. It impacted only a small number of members.

"Some other financial institutions on the mainland haven't cancelled cards, they've just let it go, some of them cancel them immediately.

"We prefer to take the middle ground and say check the card, make sure there's no transactions, and we encourage you to come in and cancel."

Abacus Australian Mutuals manager for financial crimes Leanne Vale said there had been no reports the stolen data had been used in crimes.

"It's a low risk event," she said. "Our credit unions are very prudent and they will always err on the side of caution and will reissue cards and contact card holders and maintain a high level of interaction with their customers. Other financial institutions may not choose to do that."

Australian Bankers' Association chief executive David Bell said banks were aware of the breach and were monitoring customers' accounts.

Visa International spokeswoman Pauline Hayes said card holders were protected against any unauthorised purchases by a zero-liability fraud protection policy.

http://www.news.com.au

2007-07-13T10:37:00.000-07:00

Can I have your money please?

Warning worth reading.. I, personally have encountered the first type but not the second one. Whatever it is, be very careful when it comes to your credit card. Alternatively, never entertain all those sales’ cold calls from telemarketers.. (Sorry folks, for those of you in the sales/marketing line)

Credit Card Scam No. 1

I received a call from a company that said they are representing VISA.
They will ask you are you using any visa card, from which bank. Then they said they will send you a Service Card, a new promotion from Visa which is TOTALLY FREE. That card include a free one year insurance cover from AIA RM100,000.

You can enjoy discount from many many of their outlets, then they ask me for the credit card number for verification and they want to make sure my card is still a valid Visa Card. I refuse to give them the card number cos I know that the last 3 digits of our card is actually like our pin number. They keep asking the number and giving me a lot of reason they need to verify my card.

Then I ask that girl who call me their office number, 03-22732600. I said that I am busy right now and I’ll call her back later. Before the conversation end, she told me again that the service card is totally free for whole life, but we need to pay rm499 for the processing fee, ask me not to misunderstand.

Just after I hang up the call, I call back to the phone number that she give me, I ask the receptionist

“What is your company name?” Then she start asking me why I call? She ask me did I agree with the rm499 fee and when I said No, she said “then you don’t need to know our company name!”
It is a SCAM! I already called to my bank to report the incident. Hope that all of you won’t be trapped in this kind Of SCAM.

Credit Card Scam No. 2

Note, the callers do not ask for your card number; THEY already have it. This information is worth reading. By understanding how the VISA & MasterCard Telephone Credit Card Scam works, you’ll be better prepared to protect yourself.

What the scammers want is the 3-digit PIN number on the back of the card. Don’t give it to them. Instead, tell them you’ll call VISA or Master card directly for verification of their conversation.

My husband was called on Wednesday from “VISA”, and I was called on Thursday from “MasterCard”.

The scam works like this: Person calling says, “This is (name), and I’m calling from the Security and Fraud Department at VISA. My Badge Number is 12460 your card has been flagged for an unusual purchase pattern, and I’m calling to verify. This would be on your VISA card which was issued by (name of bank). Did you purchase an Anti-Telemarketing Device for $497.99 from a Marketing company based in Arizona?”

When you say “No”, the caller continues with, “Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497 just under the $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?”

You say “yes”. The caller continues - “I will be starting a Fraud investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card (1-800-VISA) and ask for Security. You will need to refer to this Control Number. The caller then gives you a 6 digit number. “Do you need me to read it again?”

Here’s the IMPORTANT part on how the scam works. The caller then says, “I need to verify you are in possession of your card “. He’ll ask you to “turn your card over and look for some numbers”. There are 7 numbers; the first 4 are part of your card number, the next 3 are the security Numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the 3 numbers to him.

After you tell the caller the 3 numbers, he’ll say, “That! is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?” After you say No, the caller then thanks you and states, “Don’t hesitate to call back if you do”, and hangs up.

You actually say very little, and they never ask for or tell you the card number. But after we were called on Wednesday, we called back within 20 minutes to ask a question. Are we glad we did! The REAL VISA Security Department told us it was a scam and in the last 15 minutes a new purchase of $497.99 was charged to our card. Long story made short – we made a real fraud report and closed the VISA account. VISA is reissuing us a new number. What the scammers want is the 3-digit PIN number on the back of the card. Don’t give it to them. Instead, tell them you’ll call VISA or Master card directly for verification of their conversation.

The real VISA told us that they will n! ever ask for anything on the card as they already know the! information since they issued the card! If you give the scammers your 3 Digit PIN Number, you think you’re receiving a credit. However, by the time you get your statement you’ll see charges for purchases you didn’t make, and by then it’s almost to late and/or more difficult to actually file a fraud report.
What makes this more remarkable is that on Thursday, I got a call from a “Jason Richardson of MasterCard” with a word-for-word repeat of the VISA scam. This time I didn’t let him finish. I hung up! We filed a Police report, as instructed by VISA. The police said they are taking several of these reports daily! They also urged us to tell everybody we know that this scam is happening.

http://www.malaysiandaily.com/

2007-07-08T10:04:00.000-07:00

Cardholder Advice

To help protect yourself from becoming a victim of card fraud, APACS suggests you follow these top tips:

* Guard your card and card details.
* Don't let your card out of your sight when making a transaction.
* Ask the retailer to confirm the amount being debited from your card.
* Carefully discard your receipts from card transactions. Shred all your receipts and documents that contain information relating to your financial affairs.
* Check your receipts against your statements carefully. If you find an unfamiliar transaction contact your bank or building society immediately.
* Never write down your personal identification number (PIN) and never disclose it to anyone, even if they claim to be from your bank, building society or the police.
* When using a cash machine, be wary of anyone who might be trying to watch you enter your PIN and do not allow yourself to be distracted by anyone or anything.
* Don't keep your chequebook with your cards.
* Report lost or stolen cards or suspected fraudulent use of your card account to your bank or building society immediately. The 24-hour emergency number is on your last statement, or call directory enquiries for the number.

Other important tips

* Sign any new cards as soon as they arrive.
* Cut expired cards through the magnetic stripe and/or chip when replacement cards arrive.
* Pay attention to card expiry dates. If your replacement card hasn't arrived call your bank or building society to check the status of the new card.
* Don't leave your cards unattended in a bag, briefcase or jacket pocket in a public place and keep your bag or briefcase on your lap.

If you are a victim of card fraud

* Inform your bank or building society immediately.
* Report the theft or loss to the police immediately. This can be inconvenient and time consuming but it will simplify the process of getting your bank or building society to refund the losses from any unauthorised use of your card.

If someone else uses your card before you tell your bank or building society that it has been lost or stolen, or before you tell them that someone else knows your PIN, the most you will have to pay is £50. In practice the bank or building society will usually refund the full amount lost, but if you are shown to have acted fraudulently or without reasonable care, for example by keeping your PIN written down with your card, you may have to meet all the losses.

http://www.apacs.org.uk

2007-07-08T10:03:00.000-07:00

Types of card fraud

Lost and stolen card fraud — a card is physically stolen from your wallet or home, or it is lost, and is then used by a criminal, posing as you, to obtain goods and services. Most fraud of this type takes place before you have reported the loss.

This type of card fraud has remained fairly static for the past five years, but a decrease is expected once chip and PIN is fully rolled out in the UK.

Counterfeit card fraud (also known as Skimming) — a counterfeit, cloned or skimmed card is one that has been printed, embossed or encoded without permission from the card company, or one that has been validly issued and then altered or recoded.

Most cases of counterfeit fraud involve skimming, a process where the genuine data on a card's magnetic stripe is electronically copied onto another card, without the legitimate cardholder's knowledge.

Skimming can occur at retail outlets — particularly bars, restaurants and petrol stations — where a corrupt employee puts your card through a device, without your knowledge, that electronically copies the data from your card's magnetic stripe. Sometimes skimming takes place at cash machines where tampering has occurred and a skimming device has been fitted. The information is usually then sold on higher up the criminal ladder where counterfeit cards are made.

Often you will be unaware of such fraud until your statement arrives, showing purchases that you did not make.

Card-not-present (CNP) fraud — this includes fraud conducted over the Internet, by telephone, fax and mail order. It is perpetrated when criminals obtain card details through the theft of your card details. It is now the largest type of card fraud in the UK.

The problem in countering this type of fraud lies in the fact that neither the card nor the cardholder is present at a till point in a shop.

Mail non-receipt card fraud — this type of fraud involves your card being stolen in transit, once it has been sent out to you from your bank or building society. At particular risk for this type of fraud are properties with communal letterboxes, such as flats and student halls of residence.

http://www.apacs.org.uk

2007-07-08T08:12:00.000-07:00

Plastic Card Fraud

Cards are always safer than cash. The chances of you becoming a victim of card fraud are still low (fraudulent transactions make up 0.141% of all transactions). If you are unlucky enough to be a victim you will not suffer any financial loss as a consequence providing you have not acted fraudulently or without reasonable care.

Criminals are always looking for ways to get hold of your cards, but the banking industry is committed to fighting the fraudster on all fronts. Chip and PIN is a vital tool to help us further protect cards and we continue to work on a raft of other initiatives.

You can best protect yourself by always looking after your cards and card details, checking your statement to ensure you have not been a victim, disposing of receipts with care and NEVER disclosing your PIN even if somebody claims to be from your bank or the police.

Card Watch is a UK banking industry initiative that aims to raise awareness of card fraud prevention. For comprehensive information on fraud - including the types, levels and what is being done to combat it - visit the Card Watch website at www.cardwatch.org.uk

http://www.apacs.org.uk/

2007-07-08T08:07:00.000-07:00

Cheque Fraud

Risks
As we move towards a cashless society and rely more on credit cards and EFTPOS, cheques are gradually diminishing.

However, cheque fraud still poses a serious risk to the business community and individuals alike. It can result in loss of funds from accounts or loss of goods.

Frauds involving cheques include:

* presenting lost, stolen or counterfeit cheques
* fraudulently cashing cheques
* "bounced" cheques because of insufficient funds in the account
* inadequate cheque clearance procedures
* using unauthorised business cheques

Using cheques out of sequence or ordering a new chequebook before using the previous one can also result in fraudulent activity.

What can you do?
Keep track of your cheques by using them in sequence from the beginning of the book and keeping your chequebook in a safe place.

Other steps you can take include ensuring:

* blank cheques are not pre-signed
* cheques are made payable to a particular business or individual. Never write cheques to cash or bearer.
* transaction details are recorded on the relevant cheque stub
* there are sufficient funds in your account to meet the cheque on presentation

When you receive a cheque
Keep cheques you receive safe and bank them promptly. You can also make a request to the bank for special clearance.

Avoid cheque fraud by making sure:

* cheques payable to a third party are properly endorsed by the payee
* cheque endorsement is in order
* there are no alterations to the cheque
* the cheque has the correct date
* figures match the writing
* signature is okay
* the company issuing the cheque confirms it's validity

http://www.police.qld.gov.au/

2007-07-08T08:05:00.000-07:00

Avoid Cheque Fraud

Cheque fraud is among the oldest and most common forms of financial crime. Even with the advent of electronic payment products, cheques still account for billions of payments each year, making them a prime target for criminals.

There are three main types of cheque fraud:

* Counterfeit - cheques not written or authorized by legitimate account holder
* Forged - Stolen cheque not signed by account holder
* Altered - an item that has been properly issued by the account holder but has been intercepted and the payee and/or the amount of the item have been altered

How can you protect yourself from fraud for items drawn on your account?

1. Reduce the use of risk-prone cheques in favour of electronic payments such as wire payments, direct deposit and pre-authorized payments.
2. Choose envelopes that make cheques hard to detect while in transit. This helps to minimize the risk of cheques being intercepted.
3. Keep cheque stock in a secure location.
4. Destroy unused cheques from closed accounts immediately.
5. Checks and Balances - split responsibilities so that no one person is responsible for cheque issuance and reconciliation.
6. Prompt account reconciliation - Reconcile your statements as soon as they are received. To speed things up, many clients see a significant advantage in products like:
* CIBC Business Banking, our Internet banking platform
* Positive Pay, which matches cheques presented against your own cheque issue files and identifies all exceptions for a Pay/No Pay decision
* Corporate Clearing, which helps large volume cheque issuers manage the daily processing and reporting of paid items
7. When re-ordering cheques, use a continuous set of serial numbers.
8. Order only one set of cheques per account.
9. When laser-printing cheques, issue multiple passwords to those responsible for cheque printing and use cheque paper with toner anchorage to permanently bond toner ink into the paper.
10. Use high quality cheques employing a reasonable mix of security features. Davis and Henderson meet all of CIBC's requirements for cheque printers.
11. Report any old outstanding cheques and suspected fraud on your account immediately.

2007-07-08T08:02:00.000-07:00

Cheque Fraud

In 2005 cheque fraud losses totalled £40.3 million, a decrease of 13% on 2004.

A typical cheque fraud involves a criminal buying goods or services and paying for them with a stolen or counterfeit cheque. The seller waits for the the bank to confirm the cheque has cleared and the parts with the goods. When the fraud is subsequently discovered the funds may be reclaimed.

Over the past couple of years organised gangs have targeted consumers selling high-value goods such as cars. Typically the fraudster will offer you a cheque or bankers’ draft for more than the price of the goods. You are then asked to transfer the amount of the overpayment to a third party after three days, when, it is claimed, the cheque will be cleared.

The cheque or draft isn't genuine and, whilst banks do all they can to stop such cheques in the clearing system, it may only be after you have received value for the cheque that the genuine cheque owner discovers that money is missing from their account. Consequently, the money paid into your account belongs to them and you may be obliged to repay it. This can happen several weeks after the money has been paid into your account by which time you have probably transferred the "overpayment" and handed over the goods you are selling.

The banking industry continues to identify most of these fraudulent/stolen cheques as they pass through the cheque clearing system and before there are any victims. Currently, the industry identifies and stops more than 90% of all fraudulent cheques, thereby preventing customers losing cash. Attempted cheque fraud levels amounted to £631 million in 2004 and £575 million in 2005.

We also are working closely with the police to help minimise the risk of this type of fraud, but the important thing is to be on your guard: anything that sounds too good to be true should set alarms bells ringing, even if the excuses given seem plausible.

Cheque Fraud - How to protect yourself

· Don’t accept a cheque, or bankers’ draft, from someone unless you absolutely know and trust them. Be especially wary when accepting a high-value cheque, for instance if you are selling a car.

· Be aware that, even after the value of the cheque has been credited to your account, there is a risk that the money could be reclaimed if the cheque subsequently turns out to be stolen or counterfeit.

· Always consider other ways of acepting payment for high-value items – an Internet or telephone banking payment or a CHAPS payment. There is a charge for a CHAPS payment but it is a highly secure, guaranteed same-day value payment. If the buyer is unwilling to pay the relatively small cost involved – or to split it with you – then you really do need to be on your guard.

· Keep your chequebook in a safe place, report any missing cheques to your bank immediately and always go through your bank statement thoroughly.

Banks will examine each case of cheque fraud on an individual basis but, generally speaking, if you are an innocent victim of cheque fraud who has had a cheque or chequebook stolen and used fraudulently you will be refunded by your bank. However, if you have accepted a cheque or bankers' draft that turns out to be fraudulent, your bank is likely to reclaim the funds.

If you are a victim of cheque fraud or would like more information, contact your bank for advice or refer to your bank’s terms and conditions. The British Bankers’ Association (www.bba.org.uk) and Metropolitan Police (www.met.police.uk) both have information and facts about cheque fraud on their websites. If you are concerned about the most suitable payment option, your bank should be able to offer you advice.

http://www.apacs.org.uk

2007-07-08T08:00:00.000-07:00

Overpayment Cheque Scam

People selling high-ticket items such as cars, motorcycles or computer gear via the Internet should be aware of a cheque scam that is bilking victims out of thousands of dollars. Although the scam has been around for quite some time, recent trends indicate that it is netting an increasing amount of victims, especially among car owners looking to sell their vehicles.

Typically, an overpayment cheque scam works like this:

* A seller places an Internet advertisement for a car or other item with a high price tag.

* Later, the seller receives a generous offer for the item, usually via an email.

* The seller agrees on the price, and, often, also agrees to the proviso that he or she refuses any other offers for the item.

* The scammers then send a cheque for the item. However, the cheque is for substantially more than the specified amount.

* The scammers invent some excuse for this overpayment and ask that the balance be electronically transferred to a specified bank account. For example, they may claim that the extra funds are to pay the fees of an agent who is handling the sale or to cover shipping costs.

* The seller dutifully transfers the amount out of his or her own funds.

* Later, the seller finds that his or her bank has dishonoured the cheque. In some cases, the bank may actually have cleared the funds, but discovers later that the check is a forgery or was stolen.

* Thus the seller has been bilked out of a substantial amount, with little chance of recovering the money. Furthermore, the item remains unsold and the seller may have rejected legitimate offers in the mean time.

http://www.hoax-slayer.com

2007-07-01T03:29:00.000-07:00

Massive credit card heist suspected
Over 140,000 transactions run through tiny Net firm

A Los Angeles-based Internet company said that 140,000 fake credit card charges, worth $5.07 each, were processed through its transaction system Thursday, in a computer scam that may have affected as many as 25 companies. The apparent fraud suggests that a computer criminal may have obtained a sizable list of stolen credit card numbers and was testing them for validity, credit card fraud expert Dan Clements said.

Paul Hynek, CEO of Web site operator Spitfire Novelties, said its credit card transaction processor, Online Data Corp, approved some 62,000 of the apparently false charges, valued at over $300,000.

Hynek said Online Data representatives revealed to him Friday morning that about 25 of the payment processor’s other e-commerce customers had suffered similar problems Thursday.

But Online Data president John Rante said late Friday that he was “not sure” that any other e-commerce sites were hacked.

The false charges started showing up at Spitfire’s TalkingTP.com Web site at 1 p.m. PT Thursday, Hynek said, but the company didn’t realize what was happening until early evening. By Friday morning, credit card holders who had noticed fraudulent charges on their accounts were peppering Spitfire with questions.

“The phone was ringing every 20 or 30 seconds ... with people asking ‘who the hell are you,’” said Russ Colby, Spitfire’s president. Spitfire, a small e-commerce company that generates five to 30 transactions a day, suddenly was deluged with credit card authorizations.

“There wasn’t a system in place to say, ‘you’ve generated 140,000 charges, that’s more than your normal volume,’” Hynek said.

Online Data is a reseller of Verisign Inc. credit card payment gateway services, according to Verisign spokesperson Janine Dunne, who declined to say how many merchants were impacted by the apparent fraud, but did indicate Spitfire wasn’t the only company hit.

While Verisign actually performed the authorizations, Dunne blamed the reseller, Online Data, for the incident. She said the company issued poor passwords to its customers.

“We encourage resellers to assign strong passwords. The issue here appears to be the nature of passwords assigned to merchants,” she said.

But Rante said the merchant was to blame for not changing its password often enough.

“All of us need to change our passwords,” Rante said. “We issue a starter password just like most companies do. We strongly urge the merchant to go in and change their password. This merchant failed to change their password and they were hacked.

Hynek told MSNBC.com the merchant password issued to him by Online Data was “OnlneAp16501.” He said he thought the alphabetic part of that password stands for “Online app,” which might be easy for a hacker to guess.

Darrell Bethune was one of many victims who noticed the $5.07 charge Friday while checking his credit card statement online.

“I live in Canada and haven’t been to Los Angeles in years,” he said.

While some $300,000 in charges were approved by Verisign’s systems, the firm actually halted the transactions before they were “settled,” meaning the $316,000 was never actually credited to Spitfire’s merchant account. In fact, the criminals were probably only testing the cards to see if they were valid.

Running cards through the authorization process is worthwhile to criminals, because they now have some 60,000 valid cards to sell on the black market, according to Clements, a credit card fraud expert who operates CardCops.com.

About 80,000 of the cards run throughout Spitfire’s systems were declined, Hynek said, meaning more than half the stolen cards were outdated or had already been canceled.

This is not the first time credit card thieves have used hacked online merchant accounts to test cards. In April, MSNBC.com reported that thieves were using “brute force” methods to test thousands of card numbers through hacked Authorize.net merchant accounts, posting tiny 5 and 10-cent charges. In one such incident, 13,000 pre-authorizations attempts were made in a single weekend.

It’s not clear how many apparently stolen cards were run through the 25 other Online Data merchants that Hynek said were also compromised.

Also unclear is what happens next. Apparently, word of the 62,000 valid stolen cards hadn’t filtered down to credit card issuers yet. When Bethune spotted the false charge, he called his credit card bank, Wells Fargo, and asked to have his card canceled. The bank hadn’t yet heard about the alleged heist.

“It’s not clear what responsibility Verisign has right now,” said Clements. “The credit card companies would sure be interested in that list ... these are cards that are clearly targeted for fraud.”

Dunne said Verisign had alerted credit card companies about the compromised cards, but declined to provide further details.

By Bob Sullivan
Technology correspondent
MSNBC

Credit Card Fraud Down, Visa Reports

2007-06-24T00:59:00.000-07:00

Fraudulent use of its credit cards has declined annually since 1992, according to Visa. Officials at the company credit anti-fraud computer programs and new procedures which have been put in place.

* The nation's largest credit card system reports a fraud rate for 1999 of just 6 cents per $100 worth of transactions -- which compares to 18 cents per $100 in 1992.
* Computer programs have been developed to flag questionable purchases while they are in progress -- which rely on identifying geographical deviations or variances in the amount of type of purchases from customers standard patterns.
* Visa is in the process of incorporating a code on the back of its cards that will verify a customer has physical possession of a card when charging by phone, mail or Internet.
* Card holders are asked to give the card's billing address in many Internet transactions.

While MasterCard has not released its 1999 fraud statistics, it has reported that fraud in 1998 was well below historic highs.

Credits to : Thomas A. Fogarty, "Credit Card Fraud Takes a Fall," USA Today, February 23, 2000.

Lower credit card fraud in M'sia

2007-05-02T01:25:00.000-07:00

Smart cards have helped Malaysia significantly reduce losses due to counterfeit-related fraud, according to Visa.

Speaking at a conference on IT governance in Singapore Tuesday, Ingo Noka, Visa Asia-Pacific's head of payment security services, said there was virtually "no counterfeit fraud in Malaysia" as at September 2005.

In contrast, Visa had lost about US$400,000 through counterfeit-related fraud in November 2004, according to notes in one of Noka's presentation slides.

Noka noted that Malaysia had replaced its magnetic-striped credit cards with chip-based ones early last year, he told ZDNet Asia in an interview.

According to Noka, the reduced counterfeit losses is an indication that smart card technology is more secure than magnetic strip and not economical for crime syndicates to copy.

The bad news, however, is that fraudsters have moved to neighboring countries such as Thailand, said Noka. Statistics from the e-payment provider show a huge spike in counterfeit-related activity in Thailand between March and June last year.

Other forms of fraud, such as those committed using stolen credit cards, are also on the rise, he added.

While Malaysia has succeeded in stemming fraud committed using counterfeit credit cards, other countries may not yet follow suit because of the resources required. Citing Thailand as an example, Noka said: "[Visa] members are very keen to move the chip migration forward a little bit faster than in other countries…[but] it's always a balance of cost and security, because chip migration takes time and will require investment."

According to Noka, Visa is also keen to adopt two-factor authentication for online payments. Banks in Europe and Asia have already implemented or are planning to implement the use of a second factor for Internet banking. Over time, two-factor authentication can be expected to extend to the area of payment, he added.

In the Asia-Pacific region, Visa lost about US$152 million to fraud in 2005, a 5 percent increase over US$146 million in 2004. Globally, fraud-related losses jumped 19 percent, from US$2.1 billion in 2004 to last year's US$2.4 billion.

Last October, Visa announced a US$200 million effort to combat fraud. It also offers credit card merchants and processors in the Asia-Pacific region a quarterly vulnerability scanning and self-assessment services to determine if they comply with the Payment Card Industry Data Security Standards.

By Vivian Yeo, ZDNet Asia

Say No if you don’t need a credit card

2007-02-25T00:24:00.000-08:00

PUTRAJAYA: The Government cannot stop banks from issuing credit cards although the easy access to cards has raised concerns of overspending.

Deputy Finance Minister Datuk Dr Ng Yen Yen stressed that the Government could not restrict banks from issuing the cards as the process was legal.

She said, however, that the ministry would monitor the situation.

“Although the financial institutions are seen as desperate and eager to offer credit cards to the public, it does not mean one must take it,” she said adding that those with many credit cards must be disciplined and not spend more than they could afford.

“The public must be disciplined and reject offers of credit cards if they do not need one.

“It is difficult for the Government to intervene and stop banks from offering credit cards because it is legal and part of a bank's activities.”

Dr Ng, who met Pahang Federation of Chinese Associations members here, advised parents to teach their children about financial planning at an early stage.

Led by their chairman Tan Sri Pheng Yin Huah, the group raised concerns that banks were offering credit cards with very lenient conditions and that many Malaysians were having too many cards.

They hoped the Government would reintroduce micro credit for small businesses and offer tax exemptions for non-governmental organisations to build their premises.

Refer inept users of credit cards to agency, banks urged

2007-02-25T00:16:00.002-08:00

PENANG: Credit card users who show early signs of poor financial management should be referred to the Credit Counselling and Debt Management Agency for help.

Bank Negara deputy governor Datuk Mohd Razif Abdul Kadir, who said this, added that banks should look out for such spending trends to guard against bad debts.

He said non-performing loans now totalled RM18.6bil, with credit card defaulters accounting for RM700mil.

“We advise banks to refer potential defaulters to the agency earlier,” he said after opening the agency office at Bank Negara here yesterday.

Useful service: (From left) Credit Counselling and Debt Management Agency chief executive officer Mohamed Akwal Sultan, Mohd Razif, Consumers Association of Penang president S.M. Mohamed Idris and Malaysia Banks Associations Penang branch chairman Ahmad Daniyal Ahmed Tajul Ariffin placing their hands on a globe to signify the opening of the agency in Penang on Friday.

Bank Negara set up the agency to provide free financial management, credit counselling and debt management services.

So far some 11,000 people, of which more than half are credit card users, have sought the help of the agency's offices in Kuala Lumpur, Johor Baru, Kuala Terengganu, Kuching, Kota Kinabalu and here.

Mohd Razif said 60% of the 8.8 million credit card users settled their bills on time, while 40% tend to pay only the minimum 5% of their monthly dues.

“The debt management programme has helped ease repayment burdens, as we help formulate affordable repayment plans to help them get back on their feet,” he said.

Mohd Razif said that ideally the Education Ministry should introduce a special syllabus on practical financial management in schools.

On another matter, Mohd Razif advised the public not to deposit their money in foreign financial institutions that are not licensed in Malaysia.

“People should be extra cautious of foreign financial institutions, especially those operating online.

“Obviously, something is not right when deposit schemes offer returns 20% higher than normal.”

By NIK KHUSAIRI IBRAHIM
Thanks to: thestar.com.my/news

Fraudster jailed again after release

2007-02-25T00:16:00.001-08:00

A SRI Lankan hoping to leave Singapore last night after serving 21/2 months in prison for credit card fraud, has been carted back to jail to serve another 31/2 months.

Payagala Kumar Fernando, 21, was released from prison on Monday and held in special detention by the Immigration and Checkpoints Authority, while the prosecution awaited the result of its High Court appeal against what it felt was an inadequate sentence.

Appeals court judge V.K. Rajah agreed, noting that credit card fraud damages Singapore’s standing as a financial and aviation hub and had to be dealt with severely.

In November last year, he had found a credit card below a seat on the flight from Auckland to Singapore. Instead of returning it to the owner – a Dutch woman seated next to him – he kept it.

While in transit to board a connecting flight to Colombo, he used the credit card to buy a laptop , a mobile phone and a watch. An hour later, he tried to buy a bracelet, but by then the card had been blocked.

Fernando was arrested before he could board his flight. – The Straits Times/Asia News Network

Founders of Internet company charged in New York City gambling case

2007-02-25T00:11:00.000-08:00

NEW YORK (AP) - Two founders of a company that processes Internet gambling transactions were arrested and charged with funneling billions of dollars (euros) in gambling proceeds to overseas betting operations, federal prosecutors announced Tuesday.

The charges mark the latest in a series of crackdowns by the U.S. government against the online gambling industry.

The charges against the former Neteller PLC directors, John David Lefebvre, 55, and Stephen Eric Lawrence, 46, both Canadian citizens, were contained in two criminal complaints unsealed in U.S. District Court in Manhattan on Monday, U.S. Attorney Michael Garcia said in a statement.

The prosecutor said the men knew when they took their company public that its activities were illegal.

FBI Assistant Director Mark J. Mershon said the multibillion-dollar online gambling industry is "a colossal criminal enterprise masquerading as legitimate business.''

Neteller is an Internet payment services company that has grown in popularity as an increasing number of credit card companies have begun refusing to accept payments to online gambling sites.

Neteller essentially acts as a middleman between gamblers and offshore betting operations.

For example, a gambler who wants to place bets at offshore sports books can fund an account with Neteller, which in turn will transfer the money to the betting sites.

Prosecutors say Neteller facilitated the transfer of billions of dollars of illegal gambling proceeds.

Lefebvre was arrested Monday in Malibu, California, and was scheduled to appear in U.S. District Court in Los Angeles on Tuesday. Lawrence, who lives in the Bahamas, was arrested Monday in the U.S. Virgin Islands and will appear in federal court on Wednesday.

Peter Neiman, a lawyer for Lawrence, said he had no comment. A lawyer for Lefebvre did not immediately return a telephone message seeking comment.

In 1999, the men founded Neteller, which is based in the Isle of Man and is publicly traded in the United Kingdom.

The company began processing Internet gambling transactions in 2000. Lawrence left the company's board of directors in October, while Lefebvre left in December 2005, prosecutors said.

Together, the men owned as much as 35 percent of the company's outstanding shares.

Prosecutors cited Neteller's 2005 annual report in saying that Lawrence and Lefebvre enabled the company to provide payment services to more than 80 percent of worldwide gaming merchants.

Garcia noted that the company acknowledged when it went public that U.S. law prohibited people from promoting certain forms of gambling, including Internet gambling and transmitting funds that are known to have been derived from criminal activity.

Lefebvre and Lawrence also conceded in the company's offering documents that they were risking prosecution by the U.S. government, he said.

Prosecutors said Neteller in 2005 alone processed more than $7.3 billion (euro5.6 billion) in financial transactions, 95 percent of which was derived from money transfers involving Internet gambling.

Lawrence and Lefebvre were charged with conspiring to transfer funds with the intent to promote illegal gambling, and could face up to 20 years in prison if convicted.

- Latest business news from AP-Wire -

Made to pay more for using credit card

2007-02-25T00:08:00.000-08:00

While the developing world is moving towards a modern cashless society, Malaysia seems to be going in the opposite direction.

Many of us own credit cards. However, try using the credit card and you will be in for a shock.

Supermarkets insist that you must spend a minimum of RM80 before you can pay by card. So, you are forced to buy things that you might not need.

Travel agencies charge an extra 3% if you pay by credit card. Just imagine that if you were to buy two tickets to London: you will risk your life by carrying with you RM10,000 or paying an extra RM300.

The worst of such extortion happened when I went to Hospital Putra in Malacca. My visit to the specialist cost me RM350. I wanted to pay by credit card but I was told that I had to pay an extra 10%. Is this reasonable?

CARD SHOCK
Melaka,Malaysia

Most credit card holders poor at managing expenses

2007-02-24T23:26:00.000-08:00

MALAYSIANS hold about 4.2mil credit cards but most cardholders are poor at managing their expenses.

Both Tamil Nesan and Malaysia Nanban carried articles on the issue, which said that there is an increasing trend to use credit cards because it allows consumers to make purchases without dealing in cash.

However, many cardholders could not control their spending and suffers from stress.

The articles said credit card holders should plan their purchases and spend prudently, so that they are not burdened with outstanding payments later on.

Credit card holders are reminded that they are charged up to 18% interest on the amount they need to settle.

Author: Archive were taken from The-Star, an English-written newspaper from Malaysia. Tamil Nesan and Malaysia Nanban is an Indian-Language written newspaper from Malaysia.

What does a fraudulent transaction look like?

2007-02-24T23:23:00.002-08:00

Nearly every online business will run into a visitor that is trying to make fraudulent purchases on their website at some point. Hopefully the transaction or situation can be identified and corrected before it ever becomes a real problem.

Unfortunately, fraud has become synonymous with online business. There are so many ways that fraud can be committed through a website, with several desired outcomes for fraudsters. Not all fraudulent transactions are made to obtain merchandise. Card testing is another problem that some merchants face, where the transaction is not meant to obtain goods.

It is important for merchants to be able to identify fraudulent situations and purchases before there is ever a shipment of products. Voiding a transaction is far easier to do than obtaining merchandise lost to a fraudulent transaction.

Businesses will always suffer more from fraud than consumers!
Lets face it. Merchants will lose every time fighting a fraudulent order chargeback that was successfully processed through their business. Credit card fraud regulations are designed to protect the consumer and only the consumer. Businesses have very little recourse if they process a fraudulent order and ship the product. The best method to fight fraud is to prevent fraud. To do this, merchants need to take a proactive approach to combating credit card fraud.

The 2 main types of fraud that merchants face while doing business online are card testing and fraudulent orders.

Card Testing:
Card testing is a type of fraud that many merchants are not aware of. It can have devastating effects on a business even though the business may never ship out any merchandise due to a fraudulent transaction. Card testing is the systematic testing of credit card numbers, in pursuit of finding a valid credit card number / expiration date combination. Card testing can be spotted by observing a large number of declined transactions through a payment gateway, usually in a sequential and consistent pattern. Many declined transactions followed by an approved transaction for a single user can also be card testing. Card testing is usually done with small amounts. The tester only wants to find valid numbers, and is not after tangible goods, yet.

Card testing can be very costly to a business. Most businesses are charged for every transaction, declined or approved, that they attempt. Card testers can attempt thousands or even tens of thousands of tests in a day. At about $.25 / transaction, it can get extremely expensive. Visa and MasterCard also monitor gateway addresses that have huge numbers of declines on them for the same reason. Allowing the continuance of a card tester can ultimately lead to a merchant being shut down, even if the merchant had no idea it was happening.

Card testing has 2 different phases. Phase 1 is trying to find a real card number. Phase 2 is finding an expiration date to match the card number previously found.

By using the Luhn algorithm, a tester can produce a list of valid credit card numbers. The next step is to test these numbers to see if the card is real. Once the tester finds a real card, they submit expiration dates until the card is approved. The tester builds a computer script to place automated queries into a merchant’s payment gateway. These scripts can be very complex and some can foil fraud detection software.

Card testing is reliant on 2 factors of an online payment gateway. Removal of either of the 2 factors will completely prevent the effectiveness of card testing. First, the merchant’s website must give different responses for a declined cards based on the decline reason. This is key, as a tester needs to know why the card was declined, was it a bad number or bad expiration date. Secondly the tester needs to be able to get an approval without a valid address.

Once the script finds a valid card number, but getting a wrong expiration date response, the card tester then tests expiration dates until he gets one that matches. Now he has a valid credit card number and expiration date.

Preventing Card Testing:
Preventing card testing is fairly simple. Monitor the declined and approved transactions processed through your gateway daily. Make sure that the payment gateway’s decline response is the same no matter what the reason for a decline is. Finally, make sure that a valid verified address is required before approving a transaction. These three steps will prevent card testing almost entirely.

Fraudulent Orders:
A fraudulent order is when a person illegally orders something on a stolen card in order to actually receive a product. The thief may have drop off addresses where they can pick up a delivery anonymously.

Fraudulent orders can be very costly because a merchant is setup to loose their shipped goods and later loose when the real card owner charges back the fraudulent purchase. Most fraudulent orders are never recovered after they are shipped.

Preventing Fraudulent Orders:
Fraudulent orders are more difficult to stop than card testing, but through analyzing orders that are processed through a website most can be eliminated. Fraudulent orders have the tendency to look abnormal compared to a normal order. Whether a large amount, requesting expedited shipping, strange shipping addresses, or other factors, most fraudulent orders are different than normal, and thus stand out when compared to regular orders.

Common Fraudulent Order Flags:

Abnormally High Ticket Price.
Different Shipping and Billing Addresses.
Orders from Nigeria, Anywhere in Africa, Indonesia, the Philippines, or foreign orders in general.
Requesting Expedited Shipping.
Offering More Than the Listed Price for the Product.
Unusual Quantity or Type of Product Ordered.
Free Email Address (hotmail, gmail, yahoo, etc.)
Fake Sounding Name (Ex: Rickey Rickerson).
Persons Requesting a List of Products From You First.
Incorrect or Fake Phone Number

Always use AVS and CVV/CV2/CVC (Card Verification) on every transaction you process. This will at the very least guarantee that the card holder has the card, and it is being billed to an address registered to the card.

If possible, check each order that is processed through your website. If you come across a suspicious order, call the customer to verify who they are. If the order is extremely large or talking to them is unconvincing, request them to fax a copy of their drivers license to you, and a signed invoice. These may be a small inconvenience to some of your customers, but the cost of fraud to your business is far greater than not taking the extra steps. Most customers are happy to verify information with you, as preventing fraud is a concern of theirs as well.

Also if you can, require a signature with every package that you ship. A signature is the only way to prove proof of delivery.

If a fraudulent order is successfully placed through your website, ‘YOU’ are the last defense. Remember that the perfect customer also fits the profile of someone ordering fraudulently.

Very Thanks to:www.merchantaccountblog.com

Tips to help you avoid credit card fraud

2007-02-24T23:23:00.001-08:00

Don't carry credit cards you don't use and never leave them unattended in a purse, briefcase or wallet.
Always make sure you get your credit card receipt because it just may include your credit card number. Never toss it in a public trash bin. You'll need that receipt later anyway to tally things up when your statement arrives.
Shred all documents that might include your credit card number before disposing of them - old slips, credit card statements, bills, anything.
Never give your number over the phone to someone that you do not know. It's OK if you initiate the call but if you get a call at home from anyone that you do not know by name do not give them your credit card number.
Never respond to an e-mail asking for your number, no matter how official or legitimate it looks. These bogus e-mails are the #1 fraud right now on the Internet.
Review your monthly statement as soon as it comes and report any problems right away. To insure your rights, follow-up by filing a written complaint form.
If using a bank card where you have the option to use credit or debit, ALWAYS USE THE CREDIT OPTION as this may prevent the skimmer device from accessing your four digit pin number.

Types of Fraud

2007-02-24T23:06:00.000-08:00

Stolen Card Fraud

When a card holder loses or has their credit card stolen, it is possible for the thief to make unauthorized purchases on that card up until the card is cancelled. Businesses that accept credit cards are not permitted to request supplemental ID from the cardholder, unless the credit card is not signed. A thief can potentially purchase thousands of dollars in merchandise or services before the card holder or the bank realize that the card is in the wrong hands. Self-serve payment systems such as gas stations are also highly prone to accepting a stolen credit card, as there is no verification of the card holder's identity, however many stations are trying to prevent this by adding a check requiring the user to key in a zip code. The zip code must match the code registered to the credit card or the transfer will fail.

Account Takeover Fraud

Fraud perpetrators call in and impersonate actual cardholders using stolen personal information. They have the address and other information of the cardholder changed to an address they control. Additional cards and possibly PIN mailers are requested and issued to the new address and used by the fraudsters to make purchases and/or obtain cash advances.

Sometimes the fraudster will attempt to add themselves or an alias that they control as an authorized user to the account in order to make it easier to commit the fraud.

Credit Card Mail Order Fraud

Using a stolen credit card number, or computer generated card number, a thief will order stolen goods.

Skimming

Skimming is the theft of credit card information by a dishonest employee of a legitimate merchant, manually copying down numbers, or using a magnetic stripe reader on a pocket-sized electronic device. Common scenarios for skimming are restaurants or bars where the skimmer has possession of the victim's credit card out of their immediate view. The skimmer will typically use a small keypad to unobtrusively transcribe the 3 or 4 digit Card Security Code which is not present on the magnetic strip.

Many instances of skimming have been reported where the perpetrator has put a device over the card slot of a public cash machine ( Automatic Teller Machine ), which reads the magnetic strip as the user unknowingly passes their card through it. These devices are often used in conjunction with a pin-hole camera to read the user's pin number at the same time.

To prevent Cards in countries such as the UK are issued featuring a smart chip with public key encryption. The chip cannot be copied, but the card number, expiry date and security code can be, and this set of data is often sufficient to use the victim's credit card account for fraudulent purposes with so-called "card not present" transactions, e.g., manual input, over the telephone or internet.

Carding

Carding is a term used by fraudsters for a process they use to verify that sets of stolen credit card data are still valid. The fraudsters will present each set of credit card details in turn on a website that has real-time transaction processing, making a purchase for a very small monetary amount so as not to use up the card's credit limit, and so as not to attract the attention of a human reviewer to the transaction.

Often, an online donation site for a charity is used instead of an eCommerce merchant, since there is no need to find an item of a suitable price to put in the virtual shopping cart, nor to supply shipping details. The carder may do this manually with a web browser, or may write automated software to interface to the website's checkout or billing forms.

In the past, carders used to use computer programs called "generators" to produce a sequence of credit card numbers, and then test them to see which were valid accounts. However, this process is no longer viable due to widespread requirement by internet credit card processing systems for additional data such as the billing address, the 3 to 4 digit Card Security Code, and/or the card's expiry date. Nowadays, carding is more typically used to verify credit card data obtained directly from the victims by Skimming and Phishing.

A set of credit card details that has been verified in this way is known in fraud circles as a phish. A carder will typically sell data files of phish to other individuals who will carry out the actual fraud. Market price for a phish ranges from US$1.00 to US$50.00 depending on the type of card, freshness of the data and credit status of the victim.

The Secret Diary Of Former Credit Card Customer Services Representitive.

2007-02-20T05:56:00.000-08:00

WHEN YOU CALL A CREDIT CARD COMPANY, I ANSWER THE PHONE... or at least, I used to. After being a customer service rep with a leading national credit card company for approx. 3 months, I couldn't live with their "loan-sharking" practices they DEMANDED of their customers. This company is not hawking secured cards and spends lots of money in direct mail and internet advertising. On average, I answered 200 calls a day and 80% of my calls were enraged customers being "screwed" by the credit card company. One day, I just up and left with a letter of resignation. The point of my message is to offer some information about this company's money-making games and maybe a few tips (I hope I don't state the obvious to you).

Figure 1.

Figure 1. Illustration of how card processing works.

HERE GOES: (I wish I still had my training manuals because I would just download some of this company's regulations onto this site.)

I. LATE FEES

A) MAILING YOUR REMITTANCE: The Company processes millions of payments each month through huge sorting machines (in training we saw a short video of this process). From the time we ACTUALLY receive your payment in our warehouse to the time the payment posts to your account takes 5-7 days. If you decide to send your payment via certified or air-mail, checks stapled/paperclipped to remittence stub, or enclose a letter with your payment, then you just added a few more days to your payment being posted to your account. WHY? because the sorting machine's conveyer belt is only wide enough for an envelope, an enclosed check/money order and a remittence stub; so, anything else must be sorted manually (shipping carton of air-mail payment, a staple, a paper clip, etc.). HERE'S THE CATCH...knowing that it will take 7-10 days for your mailed payment to post (2-3 days postal & 5-6 days to process), the credit card company will wait and mail your bill 10 days before it's due, knowing that the odds of you mailing in your payment immediately the day you receive it is slim to none. That way, they get their late fee (MONEY! MONEY! MONEY!). I was told on break-time one day by a senior co-worker that legally a credit card company (I believe for those card companies based in Delaware) can hold sending your bill up until the 5th DAY before your payment is due--and don't think that they don't do that!!!!! Now you've got a late fee and finance charges being assessed on that daily!!!! When customers complain of this causal type of late fee, we couldn't justify with our withholding of sending your bill at the last minute or our lengthy sorting process, so we would just say it was a post-office issue and not our fault because "we don't have control over the postal system".

SOLUTION: MAIL YOUR PAYMENT IN IMMEDIATELY (OR PAY VIA ON-LINE/OVER THE PHONE) and DO NOT ENCLOSE ANY ADDITIONAL ITEMS EXCEPT FOR YOUR CHECK/MONEY ORDER AND REMITTENCE STUB IN A REGULAR ENVELOPE!!!

B) PAYING-OFF YOUR ACCOUNT: call and ask for your pay-off balance because you must account for the 7-10 days of daily finance charges compounding on your acct while its in the mail and being processed--OR ELSE, you'll still have a balance on your account and have to deal with late fees on a following bill.

TO CALCULATE FINANCE CHARGES:

1) DAILY FINANCE CHARGES (FC):

FC=APR/365 * ADB/100 * # DAYS IN BILLING CYCLE (OR # DAYS WORKING WITH)

EX. AVG.. DAILY BALANCE OF $2000; APR 14.99% AND WANT TO ACCOUNT FOR THE MAX. 10 DAYS TAKES FOR THE CREDIT CARD COMPANY TO POST YOUR PAYMENT:

FC=14.99/365days * $2000/100 * 10 days FC= $8.22

so, pay-off balance (on day you call) would be $2008.22

2) CALCULATE MONTHLY FINANCE CHARGES:

FC= APR/12 * ADB/100

***NOTE: IF YOU WANT YOUR BALANCE TO DECREASE BY, SAY, $100 EACH MONTH, AND YOU WANT TO BEAT THE DAILY COMPOUNDING FINANCE CHARGES, then take your most recent bill's balance and calculate the finance charges using the above formula "calculating monthly finance charges" and add that finance charge to your $100 payment.

Ex. on a $2000 balance @ 14.99%

FC= 14.99/12 * $2000/100

FC= $24.99

SO, make a payment of $124.99. and repeat this calculation on your next bill's balance because, in essence, your paying next months finance charges this month!! And your principle amt. is decreasing at a fixed amount ($100) !!!

I HOPE this tip wasn't stating the obvious or too confusing :)!!

II. OVERLIMIT FEES

A) My former company allows some cardholders to go over their credit limit without pre-authorization (none of the customer service reps knew what cardholders could go over or by what %). Cardholders would call with the assumption that the card would decline when it reached the credit limit, but we "explained" that you could go over and your card wouldn't be declined as a courtesy to avoid cardholder's embarrassment at the cashier counter. But, actually it was just a way for my former company to get more money because, I believe, my former company thinks that most people don't keep track of their balance on a daily basis and just leave it up to their "friendly" card company to do their cardholder's accounting.

B) Also, if at any point in the monthly cycle you are ONE DAY LATE--even if it's one day right in the middle of the cycle--you are assessed the overlimit fee.

c) Watch out for the double-whammy: late fee creating an over-limit fee. When I worked there, this combination totaled $58!! Plus, finance charges on top of that!!!

SOLUTION: BE AWARE OF YOUR DAILY BALANCE AND DON'T GET TOO CLOSE TO YOUR CREDIT LIMIT!!!!

III. RAISING YOUR APR

A) If at any point your account was late twice within a 6 mo. or 12 mo. (I can't remember which), then your APR goes up. Even if your late fees were waived because of our error. I especially "loved" when our loyal customers got this slap in the face and because we couldn't lower their APR, they chose to close their account. I would transfer them to our account-closing dept., knowing that the customer would be bribed by that dept. with a lower rate, but by that point the customer is so upset that they don't want our card anymore.

B) Also, watch those introductory rates because in just a few months a 3.99% could "shoot-up" to 19.99%!!!!!!

C) Also, ONE late payment during your introductory rate equals removal of that intro rate.

IV. UNAUTHORIZED CHARGES

A) True, legally a card company must give the cardholder the ability to dispute an unauthorized charge, but usually the unauthorized charge is from one of our in-house telemarketers/companies. Here's how the unauthorized charge transpires: as you may know, card companies rent, trade, and sell your name, number, and address to companies "affiliated" with them. These companies call you and if they are an in-house they have the ability to charge to your acct. Now these are telemarketers, so usually they make commission and have been known to "slam" you by charging their product/service to your acct. so they can make their commission and meet their quotas. Luckily, we could remove that charge and forego the dispute process, but how deceptive and ILLEGAL!!! and good-luck getting the finance charges removed on that "slam".

B) As for JUNKMAIL offers enclosed with your bill, Don't throw them away without first reading them!!! Some offers have been legally known to state (this isn't an exact quote) "if you don't check the refusal box and return it, then we assume you want the product/service and we'll charge it to your acct., immediately" Also, don't cash-in those junkmail checks giving you a dollar-amount credit to your account because by cashing those checks, you've just signed up for some useless service. And an added note, the customer service reps make a commission on any in-house products that we can sell or retain. SOLUTION TO ALL THIS MESS: DEMAND your card company to have your name removed from our list and state, "I do not want my name/address/phone rented, traded, or sold to any in-house or out-of-house companies" and request a confirmation letter to be sent to you so you have it on file.

V. CREDIT CARD COMPANY CLOSES YOUR ACCOUNT

A) the obvious reason would be if you were delinquent in your payments or didn't pay all together, but the following reason just sickens me: I have seen customers who have used their card consistently each month, but they pay their balance off and on-time each month to avoid finance charges. My fomer company decides to close their account--unknowingly to the customer--because they is not making any money off this account!!!! So, it's a catch-22--you need good credit to get their card, but they dismiss those that are good-paying cardholders.

VI. WHEN YOU HAVE A DISPUTE

A) When you have a disputed charge or any problems with your account, LOOK OUT!!!! The only number you get is customer service. You want to speak to a supervisor, we'll take your name and number (our supervisors WOULD NOT intercept the call, nor did they have the knowledge or company training to actually get on the phones to help customers!!!!!!!) and, if the supervisor feels like it, he/she will call you back within 48 hours. I've seen supervisors look at customer complaint forms and then just throw them away!!!! If you want to speak to the main departments that could directly resolve your problem, there is NO NUMBER that you can call; the customer service reps aren't even given any phone numbers, just an endless list of addresses!

B) Another option this company's reps could use was to e-mail the complaint to the relevant department (faster than the customer mailing complaints to some vague address), but time and time again I had customers saying they exhausted both of these routes--e-mail & mail--with no luck and their was no way that I could override the problem because I had neither the authorization nor knowledge of how to remedy the problem. Sometimes I just wanted to kick the "tar" (keeping it clean) out of these departments because the resolution was so simple, but, yet, nothing was done!!

SOLUTION:

BE DILIGENT ON THE STATUS OF YOUR DISPUTE, KEEP DOCUMENTATION OF ALL PARTIES (DATES/FULL NAMES/TIME CALLED/STATUS/ETC.). HAVE THE EXPECTATION THAT WHEN THERE IS A PROBLEM WITH MY FIRSUSA ACCOUNT, IT WILL NOT BE RESOLVED BY THE NEXT BILL (Just for your own personal serenity). However, diligence will allow for customer service reps to ensure your not getting late fees, over limit fees, and additional finance charges while any investigating is taking place.

VII. SECRET TO GETTING FEES WAIVEDA) Late fees/Overlimit fees1) Play dumb (especially if you have only had one or two fees waived over an extened period of time 6-9 mo): "I never received my bill. Do you have my current/new/correct address?"

2) Remember the last-minute mailing of your bill ploy: "I sent my payment in on (use a date 7-10 days before your due date), so why haven't you received it!!!" or play dumb: "I sent my payment in on (use a date 2-5 days before your due date, I know the mail doesn't take that long to get there!!" or "I sent my payment via air-mail/certified mail so I know it got there on time!" Using these ignorance ploys (though, now you are fully knowledgeable) will be followed with the reps blah-blah-blah that "we don't have control over the postal system and you should mail your payment in 7-10 days before the due date, but just this once I'll waive the fee & any overlimit fee this may have caused you."

*******NOTE: Customer service reps keeps concise net-worked documentation of when you call, what you and the rep talked about, and what action/resolutions were done. So, don't use the same tactic too soon after this waiver (wait 5-6 mo between the exact same ploy).

2) My former employer keeps a running total for the last 24 months of how many fees & finance charges they made off your account. If they've made money (my supervisor had told me it costs the company something like $120 to maintain your account) off of you for at least the amount it costs them to "maintain" -- then state, "If you look at my account history &/or my revolving credit with a high APR, you'll see you've made a lot of money off of me, would you be willing to waive this late/overlimit fee for me?"

3) If all else fails, RAISE HELL!!, customer service reps are NOT ALLOWED to disconnect (we were diligently & secretly monitored and scored on our performance) a call unless the customer is being verbally abusive and using lots of profanity. So get mad and go on-and-on, the rep will just get sick of hearing you that they'll waive the fee just to shut you up!! Keep in mind that I got 200 calls a day with approx. 80% of them being IRRATE customers, I was starved for satisfied customers that didn't yell or get aggressive.

4) Finally, though the company keeps documentation of all your calls, if refused by the first rep, then HANG-UP and call-back odds are 99.9% certain that you'll get a different rep and maybe you can sweet talk/give a sob story and get the rep to waive the fee.

B) RE-AGING Your account

1) as you may know, re-aging is when they remove a late month(s) status on your credit history, as if turning back the hands of time. If you're able to succeed at getting the fee waived--esp. using the ignorance ploys of when you mailed in your payment--then ensure that your account gets re-aged. WHY? to ensure that your credit history shows that your account was not late (atleast for the relevent month on-hand) and to avoid the credit card company's stupid policy that "late twice within the last 6 months equals a huge jump in your APR (19.99% to 22%(?) to 26.99%)" Also to avoid the removal of any low introductory rates.

VIII. MOST IMPORTANTLY

A) READ YOUR DISCLOSURE STATEMENT AND ANY NOTIFICATION OF CHANGES TO THAT DISCLOSURE STATEMENT!!!!!!!!! this lists all of your credit card company's charges, fees, and everything they will try to do to profit off of you! Reps particularly liked to use this as a cop-out to avoid having to remedy your situation, "blah-blah-blah is stated very clearly in your disclosure statement (in the fine, fine, fine, little print), we advise all customers to read this very carefully."

****NOTE: We had to keep our "call-time" down to an average of I believe it was 2.5 minutes with each customer (or we were fired), so get to point when you call and the rep will have a more efficient ablility to get all the mess that company created for you resolved (or at least make you think it was resolved.)

Thanks to http://www.creditinfocenter.com/cards/customerservicerepdiary.shtml :)

Credit Cards & Identity Theft - Online Fraud

2007-02-19T09:59:00.000-08:00

The picture above is an example of a physical magnetic stripe reader and the size of it.

A couple of years ago, my personal credit card account number was compromised. Did this stop me from continuing online transactions? No way.

In my case, while an unauthorized party gained my account details, no transactions were made. The bank's fraud department were understandably hesitant in releasing details of the compromise, but they were very quick in taking action. I'm not even sure that the offending party was an online merchant, hacker or traditional retailer.

The media in general have fed the paranoia levels of the online consumer community regarding online transactions. Yes, credit card numbers are stolen and yes, there are victims who suffer financial loss. But submitting your credit card details online is no different to handing your card to a shop assistant that you don't know or a waiter you have never met before. There is very little stopping merchants we carry out transactions with on a face to face basis from gathering detailed lists of account numbers to be sold off on the black market. In fact, according to the 2005 Identity Fraud Survey Report, under 12 percent of ID fraud incidents originate online.

The media have also fed the xenophobic cold war attitudes of years gone by by focusing on certain countries. Credit card number hackers are "Russian", true. They are also American, Australian and English. Every country in the world has a community of identity thieves, scammers and spammers.

If you own a credit card and don't carry out online transactions, it doesn't mean you are safe. We need to remember that most of the world's information systems are now connected somehow to the Internet. All your vital details are now available online; regardless of whether or not you are a Internet user.

If you have ever collected a welfare payment, taken out an insurance policy or registered a vehicle - congratulations! You are now part of the World Wide Web, like it or not. You can now emerge from your privacy fortress as resistance is futile. That's the reality of our modern lives.

So, now after having blown away your misconceptions of your privacy, and your false security of being safe from identity theft, let's deal with reality!

Identity theft and credit card fraud is not uncommon, such is the nature of an online world.

How do we as netizens and webmasters protect ourselves and our clients as best as possible? It boils down to a number of simple guidelines.

Password issues

Passwords - Know that little window that pops up and politely asks you if you want your computer to remember certain user names and passwords? Don't tick it! Most passwords are stored in a special file on a Windows 95/98/ME system and every half-baked pimply would-be hacker knows what it is. If you are not using a firewall, it is pretty easy for these people to snatch your password file and then crack it at their leisure using freely available programs.

Password length can also add as extra protection. Those extra few numbers and letters make all the difference. Read the article:

Safety in numbers and letters

Web masters, if you are keeping user information on your web server, ensure it is stored in the proper directory with the proper permissions. Better still, wherever possible, store minimum client information on your server.

Even better, ensure that all sensitive details that your visitors may submit occur over an SSL connection. A web server is the equivalent of a 7/11 store - open all hours for valid and non-valid customers. There is NO 100% guaranteed safe system.

Firewalls

A personal firewall is now a necessity, not a luxury. The script kiddie problem is increasing. A script kiddie is someone who fancies themselves as a hacker and utilizes freely available programs to compromise your system via the Internet. Script Kiddies have caused major problems over recent years and have been known to post up credit card numbers for all to see. Why? Bragging rights, a great deal of the time. There are over 60 000 points of entry on your PC.

Beware of phishing scams

Phishing is a strategy used to fool people into revealing passwords and other sensitive information by posing as a legitimate source. A common example is email sent by a party claiming to be a bank stating that the addressee must take action immediately to prevent problems with their account. The email usually has a link an online form that is branded to like the organization web site. The form will usually ask for sensitive details such as passwords, tax numbers etc.

Phishing scammers are becoming increasingly skilled in mimicking style and language of communications. They use lists of millions of email addresses to send their notes out to, in the hope of snagging even a very small percentage of addressees.

As these scams can be hard to discern from legitimate communications, the rule of thumb is that if the email has a link that leads to an account login page; don't use that link. Go to the site via another means and login, or call the company to verify the authenticity of the email.

Verify

Who are you? - Before you click the submit button for that ezine that you really gotta have; how much information are you having to give away? A name and email address should be all that's needed in most cases. Even if you aren't having to submit credit card numbers, you are still giving away information that enables people to build profiles on you which then make it easier for identity theft to occur.

It's amazing how much information you can access just knowing somebody's date of birth. If a service provider is asking you for more than your name and email address; I strongly advise checking them out before submitting.

Web masters; you need to be able to supply freely available details about your organization if you want visitors to sign up for your services. An applied and publicized privacy policy along with an "about us" page will serve to put your visitors minds at rest.

Secure connection

In the clear = danger - When you are asked to submit sensitive details such as credit card numbers, check your browser address bar. Does the address begin with https:? If it doesn't, you will be submitting details "in the clear" - unprotected. The https signifies a secure line of communications using inbuilt browser encryption, these days it is about as secure as you can hope for.

Check your accounts regularly

If you have the ability to bank online; it's probably wise to log in every couple of days to review transactions. The major banks, while quick to sniff out fraudulent activities these days, don't always pick up on fraudulent transactions.

If you do see something that looks suspicious in your transaction history, don't panic, but immediately contact your bank who may freeze your account while they investigate. In the majority of cases, you won't be liable for the invalid transactions. But I will say that having your account compromised is very frustrating as it can take a week or two to reissue cards. And if, like me, you utilize online services frequently you'll find it a time consuming ordeal while contacting your suppliers to tell them of the changes.

More on identity theft

Why steal another persons credit card numbers when you can get your own under an assumed identity? I watched a disturbing report a couple of years ago concerning the head of a security firm; who incidentally refused to have an Internet connection at home, or carry out any personal transactions online. He challenged workers within the organization to see how much information they could collate regarding him; using only the Internet as a tool.

The pile of documentation that was gathered within a couple of weeks was frightening. The file he was presented with was over two inches thick and contained amongst other things a certified copy of his birth certificate. With that type of information, a person could obtain a credit card, a drivers license, etc. etc. and happily build up huge bills under his name. There are many documented cases of identity theft and it has ruined innocent people's lives.

There are many "spy" services out there, that for only a few bucks are quite willing to provide anyone with enough information to begin building a usable personal profile. It's legal to provide this sort of information which includes court records, bankruptcy details, marriage and birth certificates. Even more disturbing is that a number of these services are provided by our Governments.

If you should start receiving strange bills for items you didn't order from companies you have never heard of, don't disregard them as billing mistakes. You may be the victim of identity theft. Contact your bank manager and law enforcement authorities immediately; it's better to be safe than sorry.

Whether netizen or web master, we can't stop credit card fraud or identity theft, but we can minimize it by being aware and taking responsibility for the amount of information we give away or store.

Thanks to original author

Michael Bloch
Taming the Beast
http://www.tamingthebeast.net
Tutorials, web content, tools and software.
Web Marketing, Internet Development & Ecommerce Resources

2007-02-18T16:44:00.000-08:00

In this article we're going to cover check fraud. Check fraud is the copying and/or duplicating of checks, usually using desktop publishing programs, for the purpose of purchasing goods or services using someone else's account. The victims of this fraud include financial institutions, businesses who still accept checks and the consumer himself who has had his checking account compromised. In most cases the crimes begin with the theft of the document. This is as easy to do as somebody breaking into your home and stealing a blank check or even going through your garbage to steal an old canceled check. After that, it is a simple matter to forge your bank account number to go with a new ID. While it doesn't make up the majority of financial fraud, now that we have credit cards and online shopping, it is still a problem that accounts for a great amount of money each year. How much? Let's take a look at some statistics.

In one year merchants take in over $13 billion dollars in bad checks. Each year shows an increase of relatively about 18 percent. This number is still expected to grow in spite of the fact that more and more purchases are made online or with credit cards.

It is estimated that 75% of the vendors use third party verification services. This makes it more likely that bad checks are going to get through as opposed to vendors who use manual approval methods or some in house system. Unfortunately, it is cheaper to go with a third party service and that is why most vendors do so.

It is estimated that more than 2.2 million bad checks enter the system each day and they expect this number to increase anywhere from 2 to 4 percent over the coming years. This is a staggering figure when you project this out over the course of a year.

On the average, banks charge about $20 per each bad check to the person who issued the check and $5 per check to the person who deposited the check. Of course in many cases of stolen checks, the person being charged back doesn't even realize a purchase had been made.

According to the American Collectors Association, Americans write about 1.7 million bad checks each day totaling more than $50 million in bad check losses. This is the largest figure world wide and is growing daily.

As to the checks that are stolen or forged, the number of these checks that are written each year comes out to about 500 million checks and over $10 billion in lost revenue. Check fraud in itself is expected to grow at a rate of about 2.5% each year according to the current trend.

The average number of fraudulent checks written daily is about 1.4 million which comes out to about $27.3 million worth of fraudulent checks written everyday.

According to the National Check Fraud Center, check fraud and counterfeiting are the largest and fasting growing problem that the United States financial system now faces. The estimated losses produced annually are over $10 billion and is expected to rise substantially over the coming years.

2007-02-17T09:05:00.000-08:00

Enter your credit card balance and interest rate. Then enter the monthly payment you can afford, OR your deadline to be debt-free. Leave the other window blank. Click calculate to get the results.

How do I get more personalized results?
Looking for more personalized rates?

Try this link http://www.bankrate.com/brm/calc/creditcardpay.asp
to calculate your credit card debt. Here is the screenshot of the
calculator.

2007-02-17T08:31:00.000-08:00

Three Types Of Fraud: Most Common, Most Dangerous

By: Michael Russell

Fraud. The intentional use of deceit, a trick or some dishonest means to deprive another of their money, property, or a legal right. Fraudster. A person who intentionally
deceives a consumer or business to deprive them or their money,property, or a legal right. Fraud is a crime in the United States, but unfortunately, those who commit fraud largely go
unpunished and continue to victimize consumers and businesses. In 2005 in telemarketing and internet frauds, an average of $19 million dollars was the total loss to fraud. In 2004, it was $9
million dollars. That is a $10 million dollar increase in one year. More and more fraudsters are finding new methods to deceive consumers, but the most used schemes are Phishing, Pharming
and Work-At-Home Scams. These schemes are achieved either through the Internet, Telemarketing, or both.

Phishing is defined as a fraudster calling or e-mailing the consumer pretending to be a
legitimate business, bank, organization, or government agency wanting the consumer to confirm their personal information. Personal information is addresses, names, dates of birth, account numbers, pin numbers, access codes, etc. Anything for the fraudster to access the consumer's account. Reasons or excuses the fraudster will use to gain this access are, "Your account is about to close unless...Our computers lost your information so if you would...An order was placed in your name if you would give us.". Now, once the information is given, the fraudster has
access to their account. Once the consumer has been hooked by a phisher it is their responsibility to act immediately. They must contact the companies with which they have accounts and notify them of the phishing. But what are the ways to avoid being
'Phished'? Verify. Verify the company being represented. Verify the caller. Check with state and/or local consumer protection agencies and the Better Business Bureau about the
company. If the consumer protection agencies or the Better Business Bureau cannot confirm the company then the company or caller is fraudulent and the call or e-mail was phishing. It is asked if you encounter phishing that you notify the company that the fraudster was representing. Now, pharming is when a virus or malicious program is planted into the computer and hijacks the consumer's web browser. Then when the consumer types a web
address they are taken to a phony site and when they enter in their personal information, more specifically their account number and password, the fraudster can then steal that information and use it fraudulently. Of course, this is all done without the
consumer's knowledge. That is the whole idea behind pharming. Pharming is more sophisticated than phishing and much more dangerous. But if that is true, how do you avoid being a victim to pharming? Certification. The servers or websites would have to add another layer of authentication that is certification. They would have to prove to you that they are who they say they are and establish a trusted link with you. Of course, that would require obtaining a certificate from a certificate authority such as VeriSign. Now, when you visit a site that uses certification a dialog box will appear asking you if you want to trust the site or
certificate. If the name on the certificate does not match the name on the site then something is wrong. The only way you can protect yourself from pharming is to use sites that use certification as described above. If you believes that your web browser has
been hijacked then you will have to contact your Internet Security Provider to resolve the problem. Work-at-Home scams are jobs that people or consumers do in the comfort of their own home. These are paid jobs. But unfortunately, most Work-at-Home jobs
are scams. They promise huge amounts of profit, little work time and other unrealistic promises. But how to point them out? First, Work-at-Home jobs never promise big profits in
little time. Second, you should ask for more information on what you will be doing and for whom. Third, you must know whom you are dealing with. You should find out if the company is
legitimate by contacting your state or local consumer protection agencies and the Better Business Bureau. Fourth, you should get references. You should ask the employees of the company if the company itself keeps its promises. Lastly, you should be aware of the refund policy. You should inquire with the company under what circumstances you would be allowed a refund against your purchase.

Now, three of the most common or most dangerous types of frauds were named. Each type of fraud was explained and what you could do to avoid or protect yourself from

these types of fraud. But what if you are a victim of one of these? What should you do? There are four steps that you, a consumer should follow if you are a victim of fraud. First, you must contact the fraud department in one of three credit bureaus (TransUnion, Equifax, Experian) to have a fraud alert placed on your credit report. The alert tells the creditors to follow certain procedures before opening a new account with you, the consumer. Second, you should close any accounts that have the fraudulent activity or have been opened fraudulently. Third, you should file a complaint with the Federal Trade Commission (FTC) about the fraudulent activity. Lastly, you need to file a report with the local police authorities. Once filed you need to give a copy to your Federal Trade Commission ID Theft complaint form. This action helps you with creditors who need proof of the crime in order to remove it from your credit report.

Phishing,

Pharming and Work-at-Home scams are the most common types of fraud today. One can request verification of personal information, another can take it without the consumer’s knowledge and another can make false promises. More and more consumers are becoming victims of fraud because the scams are becoming more sophisticated. But you, the consumer, have the best weapon and protection against fraud. Education. If you were able to educate yourself on fraud you would be less likely to become a victim of it. So, educate yourself. Learn everything you can about fraud. Research it, ask about it and know your enemy. Phishing, Pharming and Work-at-Home scams are only three of many types of fraud. Learn about them all and find out how to protect yourself them. Don’t be a victim of fraud.

2007-02-17T07:10:00.000-08:00

In the first part of this article, I outlined some frightening statistics regarding credit card fraud and chargeback fees to merchants. It's worthwhile reviewing if you haven't read it as yet.

Protecting your online business from fraud.

One of the great things about the Internet is anonymity. One of the worst things about the Internet is anonymity - especially if you're an ecommerce merchant. If you utilize payment gateways for credit card transactions or are considering doing so, it is important
to ask the gateway provider about their screening features (this precedes actual credit card payment processing). Some offer none at all! Many payment gateway providers use the Address Verification System (AVS). AVS provides a degree of protection by comparing some
of the billing details on the order to those held by the cardholders bank.

– But :

The transaction may be approved even if the address verificationinformation does not match! The merchant faces the possibility ofchargebacks if the payment gateway decides to continue with thetransaction on a questionable match. If you have AVS features inplace, check the settings in your interface. AVS should just be usedas an indicator of a possible attempt at fraud; a flag to help determine if an order should be more thoroughly investigated.CVV2 takes things a step further. A CVV2 number is the three lastdigits located on the back of a credit card, or the four stand-alonedigits on the front of an Amex card. It's certainly very useful forfurther minimizing fraud, but fraudsters can get hold of this information, so again, don't rely on this alone. Fraud screening really needs to be approached holistically. The following anti-fraud strategies are worthwhile considering whether you're using offline facilities for payment processing or third party credit card processing systems

Request information.

While consumers value their privacy and require quick checkoutprocesses, it is of the utmost importance that you gather sufficient customer identity details during the ordering process. The customers name, credit card number and expiry date is not enough. Tell your customers why you need the information and what you will do with it - after all, it's in their best interests too.
The fewer chargeback fees you have to pay, the cheaper you can offer goods and services.

Check the IP address

It's important that each order processed from your site alsocontains information regarding the IP address of the person placing the order. An IP address is a unique network identifier issued by an Internet Service Provider to a user every time they are logged on to the Internet. The IP address can be easily traced using free tools such as DNS Stuff. If the order has a billing address of the USA, and the IP originates in Africa, you can be fairly certain it's fraud. While this is a very good anti-fraud mechanism and useful for tracking fraudsters, be aware that IP addresses can also be forged.

Email address awareness.

Fraudsters rarely use their own email address and with theproliferation of free email services, it is quite easy to establish a fake email account - it can be done in under 2 minutes Some online businesses now refuse to process web site orders that llist free email address services as the primary point of contact, opting to request from customers their ISP or business emailaddresses. You can check an email address quickly by going to the originating domain and seeing if it provides a free email service.

Shipping addresses.
If the shipping address is different to the billing address, be wary; although it is not uncommon for people sending gifts to others to request a different shipping address, or if the billing address is a post office box. You'll rarely find a fraudster sending goods to the legitimate cardholders address; although this has been known to occur on occasion.

At the point of ordering, request a telephone contact number from the purchaser. State that you need this number in order to contact them if there are any problems. Many cardholders of compromised accounts have been alerted in this way. The fraudster more than likely won't give you his own phone number as he/she can then be traced. If an order is suspect, email the customer or call them to confirm the authenticity of the transaction. Fraudsters hate merchant
contact of any kind.

Log analysis.
There's plethora of site traffic tracking services and softwareavailable now that will not only return very valuable demographic data, but can also assist you in pinpointing the origins of frau d. Still one of the best ways to analyze your log files is manually. By examining your logs carefully, you will be able to find out a suspect order's originating Internet address if it's not included on your order receipts. This tracking is made easier if you include a Time Stamp on each submitted order. If you find that an order originating from Russia states a billing address of Sydney on the order form, make further enquiries. Most web hosts will have a server log available for your account. It's basically a text file that records every single request to the site, including images. Contained in every request is an originating IP i.e. the ISP issued address of the computer that "asked" for the file. If you aren't sure about how to access your raw server logs, enquire with your hosting service. Learn more about interpreting server logs.

Overseas orders.
Can be risky, but an important part of your online business - by refusing to ship outside your country, you may be leaving a lot of money on the table. It is very difficult to retrieve goods or apprehend fraudsters once the goods have left the country, so don't hesitate in making further enquiries with the customer or credit card company if an order seems suspect. Unfortunately, Eastern Europe is still a very high risk region for the origin of credit card fraud, with some online business owners refusing to process orders from that region. Other high risk regions are Indonesia, Egypt, Turkey, Pakistan, Malaysia, Vietnam, Africa and Israel.

Unusual orders.
Unusually large orders requesting express delivery definitelywarrant further investigation, especially if the customer has notpurchased from you before. Customers are pretty cautious, and will tend to place small orders in the first instance to test the efficiency and integrity of your online business, or they'll make some sort of contact with you prior to ordering.

When in doubt, call the cardholder or bank.
I can't stress this enough - call the relevant credit card company BEFORE attempting to process the order if in doubt... that extra 5 minutes may save you big dollars! Even if the order has been
processed through automated systems, it's not too late to follow up before shipping the goods or providing the services. The idea is to deal with the situation before the cardholder is issued a statement, notices something on it that they didn't purchase and then contacts
their bank.

Ask for photo identification
If you're dealing with high value items, I don't think it's overkill to ask for photo identification to be emailed to you if an order seems suspicious. You just need to weigh up the risks -
possibly lose a couple of hundred dollars profit from a disgruntled client not willing to provide photo ID, or lose the couple of hundred dollars, plus the product, plus the chargeback fee if you decide to go ahead with the transaction.

Make your anti-fraud policy visible.
Visual deterrents are still one of the most effective ways of minimizing crime. In a bricks and mortar store, signs and cameras do prevent shoplifting to some degree, especially amongst amateur criminals. Why not use the strategy on your site?

Add bold notices to the checkout pages stating your stance on fraud and that systems are in place to monitor all transactions. Not only will this decrease attempts at fraud, but will also demonstrate to your clients that you take transaction security very seriously.

Utilize specialist anti-fraud services.
Like so many online business owners, perhaps you don't have time to carry out rigorous screening. With the increase in fraudulent transactions, many companies have sprung up to act as screening services to help minimize credit card fraud risks to merchants. As with anything else related to online business security, nothing is guaranteed 100% effective, but the above strategies will definitely assist in decreasing the amount of credit card fraud you experience, or help you track down credit card fraudsters.

Further learning resources

Payment Gateways and Merchant accounts - a beginners guide

Michael Bloch

Taming the Beast

http://www.tamingthebeast.net

Tutorials, web content, tools and software.

Web Marketing, Internet Development & Ecommerce Resources

2007-02-16T10:53:00.000-08:00

Credit Card Fraud: 21 Tips to Protect Yourself

Although credit card fraud is certainly on the rise -- and credit card fraud on the Internet is rising even more dramatically -- many savvy Internet shoppers know that the reality is that it's actually much safer to enter your credit card number on a secure online order form than it is to give your credit card to a waiter at a restaurant.

After all, what's to stop the waiter from writing down your credit card number and placing orders on the phone with it later?

And research shows that the rate of fraudulent purchases made by cell phones is much higher than credit card fraud on the Net.

Nevertheless, we encourage you to take precautions when giving out any confidential information (including your credit card number) over the Internet, over the phone... or anywhere else for that matter!

Always use common sense -- it is the best rule of thumb.

Nonetheless, we've created 21 tips to protect yourself from credit card fraud -- which you'll find below.

First though, we wanted to mention a much more prevalent -- and much less publicized -- aspect of credit card fraud: the dangers of credit card fraud for businesses who accept credit cards over the Net.

Internet ScamBusters' 21 Credit Card Fraud Prevention Tips:

1. Keep an eye on your credit card every time you use it, and make sure you get it back as quickly as possible. Try not to let your credit card out of your sight whenever possible.
2. Be very careful to whom you give your credit card. Don't give out your account number over the phone unless you initiate the call and you know the company is reputable. Never give your credit card info out when you receive a phone call. (For example, if you're told there has been a 'computer problem' and the caller needs you to verify information.) Legitimate companies don't call you to ask for a credit card number over the phone.
3. Never respond to emails that request you provide your credit card info via email -- and don't ever respond to emails that ask you to go to a website to verify personal (and credit card) information. These are called 'phishing' scams.
4. Never provide your credit card information on a website that is not a secure site.
5. Sign your credit cards as soon as you receive them.
6. Shred all credit card applications you receive.
7. Don't write your PIN number on your credit card -- or have it anywhere near your credit card (in the event that your wallet gets stolen).
8. Never leave your credit cards or receipts lying around.
9. Shield your credit card number so that others around you can't copy it or capture it on a cell phone or other camera.
10. Keep a list in a secure place with all of your account numbers and expiration dates, as well as the phone number and address of each bank that has issued you a credit card. Keep this list updated each time you get a new credit card.
11. Only carry around credit cards that you absolutely need. Don't carry around extra credit cards that you rarely use.
12. Open credit card bills promptly and make sure there are no bogus charges. Treat your credit card bill like your checking account -- reconcile it monthly. Save your receipts so you can compare them with your monthly bills.
13. If you find any charges that you don't have a receipt for -- or that you don't recognize -- report these charges promptly (and in writing) to the credit card issuer.
14. Always void and destroy incorrect receipts.
15. Shred anything with your credit card number written on it.
16. Never sign a blank credit card receipt. Carefully draw a line through blank portions of the receipt where additional charges could be fraudulently added.
17. Carbon paper is rarely used these days, but if there is a carbon that is used in a credit card transaction, destroy it immediately.
18. Never write your credit card account number in a public place (such as on a postcard or so that it shows through the envelope payment window).
19. Ideally, it's a good idea to carry your credit cards separately from your wallet -- perhaps in a zippered compartment or a small pouch.
20. Never lend a credit card to anyone else.
21. If you move, notify your credit card issuers in advance of your change of address.

If you suspect credit card fraud:

If your credit cards are lost or stolen, contact the issuer(s) immediately.

Most credit card companies have toll-free numbers and 24-hour service to deal with these emergencies -- they are eager to avoid credit card fraud.

According to US law, once you have reported the loss or theft of your credit card, you have no more responsibility for unauthorized charges. Further, your maximum liability under federal US law is $50 per credit card -- and many credit card issuers will even waive that fee for good customers.

If you follow all these tips, it will go a long way in protecting you from credit card fraud.

Credit to original author: