----- Original Message ----- From: "Jonathan A. Zdziarski" <jonathanat_private> To: <incidentsat_private> Sent: Tuesday, July 09, 2002 8:24 PM Subject: Stolen Card Purchases > We've seen a significant increase in the number of stolen credit card > purchase [attempts] made on our website recently, and I'm wondering if > anyone has had very good experience in convincing any legal arm to take > action. We have sent three related incidents to the Secret Service, who > will not touch it unless there's at least $50,000 involved. > Unfortunately, most local law enforcement agencies are impotent at such > issues. We traced the first attempt back through an open proxy where > the administrator even sent us enough information to track him back to a > residential DSL line, but nobody's willing to put in even a little work > to go and subpoena the data and make an arrest. > > We're getting pretty sick of having to feel "paranoid" when customers > purchase our products, so I'm hoping some of you may have had more luck > than I have thus far in dealing with such issues. Any creative comments > would be appreciated. I would assume the ones with the most to lose would be the banks which issue the cards. They can also afford to fund legal means to get their money back. I would begin by contacting the fraud department for the bank which had the highest number of attempts. I would hope they already have procedures in place for prosecuting this sort of thing. Jonathan ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Jul 10 2002 - 08:40:23 PDT