Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Unauthorised donations signal worse to come.

CyberArk Software : 13 July, 2007  (Technical Article)
Card fraudsters make small donations from stolen cards to test validity before carrying out larger fraudulent activity.
Researchers at Symantec have warned debit and credit card account
holders to be on the look-out for small, but unauthorised, charitable
donations on their statements, as they could be a pre-cursor to
serious fraud on the account.

According to Symantec, its researchers have identified a shift in
fraudster `valid stolen card' checking activity, with fraudsters
`testing' stolen card details for ongoing validity by making a small
donation via a charitable Web site.

Calum Macleod, European director for Cyber-Ark, the data vaulting
specialist, said the shift in cybercrime activity is especially
worrying for business debit and credit card account holders, as they
tend to have less control over card usage than their personal

'It's always difficult to vet business card activity, so I would urge
all company card account holders to be on the look-out for all small
transactions, especially innocuous looking charitable donations, and
check with the cardholder as to their validity,' he said.

'The problem with these small, but unauthorised, transactions, is that
they almost always lead to larger unauthorised transactions coming
through and these can be a major headache to resolve,' he added.

Macleod went on to say that companies need to be extra-careful when it
comes to storing and transmitting card details.

'They should use a secure and encrypted system for storing details on
the company IT systems, and always use encryption on the rare
occasions when it becomes necessary to transmit the card details to a
third party. The Payment Card Industry DSS guidelines should be applied diligently by any organisation that accepts payment cards, regardless of whether or not they are obliged to do so' he said.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo