Tuesday, August 10, 2010

Have you experienced "carding" fraud?

OK, This was a touchy question. Touchy because:

a) No one wants to admit they're a victim of fraud.

b) No one wants to attract more fraud by talking about it.

Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. If the card is processed successfully, the thief knows that the card is still good. The specific item purchased is immaterial, and the thief does not need to purchase an actual product; a Web site subscription or charitable donation would be sufficient. The purchase is usually for a mall monetary amount, both to avoid using the card's credit limit, and also to avoid attracting the card issuer's attention. A website known to be susceptible to carding is known as a cardable website.

According Anti Hacking Anticipation Society ® (HANS) In the past, carders used computer programs called "generators" to produce a sequence of credit card numbers, and then test them to see which were valid accounts. Another variation would be to take false card numbers to a location that does not immediately process card numbers, such as a trade show or special event. However, this process is no longer viable due to widespread requirement by Internet credit card processing systems for additional data such as the billing address, the 3 to 4 digit Card Security Code and/or the card's expiration date, as well as the more prevalent use of wireless card scanners that can process transactions right away. Nowadays, carding is more typically used to verify credit card data obtained directly from the victims by skimming or phishing.

Here's how it seems to work:

* Underground internet credit card thief gets a bunch of card numbers/addresses

* Underground internet credit card thief wants to re-sell this information

* In order to sell this info, thief must prove that it's valuable (that the card limits are desirable)

* For this, he/she turns to the internet, and websites that sell an "intangible good" that doesn't actually ship. All he/she needs is an email confirmation of their purchase, noting the amount charged, to verify that the card will go through for a large purchase.

* Card thief then sells the stolen card info, along with proof that it works for X amount.

As credit card fraud are too common so there are some Tips By Anti Hacking Anticipation Society That must be taken care of:

• When you get a new card, sign the back of it right away.

• Save all receipts and supporting documents for payments and cash withdrawals on the card in an envelope. Check with your monthly statement to compare it with these receipts but don't throw the statement (or the receipts) in the trash without shedding.

• If you change your address, immediately notify your new address and make sure the letters are still in your old address is collected by someone you trust.

• Never write your card number or PIN number on a piece of paper that you keep in your wallet with the cards. Even worse, don't pencil in your PIN number on your card.

• When paying in public with a credit card, cross out all the spaces above the signature to which you can include other items and new totals.

• When shopping online, make sure the website where you buy is secured. The website should have a SLL certificate and display it on the web, or at least have and address that begins with "https." The "s" stands for secure. You should also see a little closed lock symbol or similar symbol in your browser when you are on an https site.

• If you have to give your card number over the phone, make sure you can verify the authenticity of the company you are dealing with.

• Check your statement regularly. If you see a purchase that you do not recognize, call your card's fraud protection hotline. Or research the supposed name of the retailer from which you made the purchase. The longer you wait to look at your statement the harder it will be to recall and verify purchase amounts. Nowadays you can go online and check your statement as often as you look. It's a good habit to get into.

No comments:

Post a Comment