[ISN] Know Your Enemy - Automated Credit Card Fraud

From: InfoSec News (isnat_private)
Date: Thu Jul 10 2003 - 00:22:48 PDT

  • Next message: InfoSec News: "[ISN] DoS Holes Plugged in Apache HTTP Server"

    Forwarded from: Lance Spitzner <lanceat_private>
    
    Thought the folks on the list would be interested in 
    this paper.  CC fraud and identity theft has become far 
    easier, automated, and wide spread then we originally thought.
    
    -- 
    Lance Spitzner
    http://www.tracking-hackers.com
    
    ---------- Forwarded message ----------
    From: Patrick McCarty <mccartypat_private>
    Subject: Know Your Enemy - Automated Credit Card Fraud
    
    
    The Honeynet Project is excited to announce the release of a new paper
    in the Know Your Enemy series, "Automated Credit Card Fraud."  The
    paper describes how a certain criminal community, who call themselves
    carders, have established sophisticated tools and methods that perform
    such functions as:
    
    * Providing a stolen credit card and personal information upon request
    * Verifying that a credit card is currently valid
    * Determining the security code (CVV2) associated with a credit card
    * Determining the available credit remaining on a credit card
    
    These tools also identify retailers vulnerable to credit card fraud,
    exploits that can compromise inadequately defended e-commerce sites,
    and means of concealing on-line identity during criminal activity.
    
    The related criminal activity is global in scope, significant in
    volume, and conducted largely in open IRC channels. Despite policing
    by operators of some IRC networks, and shutdown of some high-activity
    channels, several IRC networks and many IRC channels continue to
    provide automated support of credit card fraud. One of the most
    disturbing aspects of this activity is just how simple and pervasive
    this has become.
    
         Know Your Enemy: Automated Credit Card Fraud
         http://www.honeynet.org/papers/profiles/cc-fraud.pdf
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Jul 10 2003 - 03:03:46 PDT