----- Original Message -----
From: "Jonathan A. Zdziarski" <jonathannetworkdweebs.com>
To: <incidentssecurityfocus.com>
Sent: Tuesday, July 09, 2002 8:24 PM
Subject: Stolen Card Purchases

> We've seen a significant increase in the number of stolen credit card
> purchase [attempts] made on our website recently, and I'm wondering if
> anyone has had very good experience in convincing any legal arm to take
> action. We have sent three related incidents to the Secret Service, who
> will not touch it unless there's at least $50,000 involved.
> Unfortunately, most local law enforcement agencies are impotent at such
> issues. We traced the first attempt back through an open proxy where
> the administrator even sent us enough information to track him back to a
> residential DSL line, but nobody's willing to put in even a little work
> to go and subpoena the data and make an arrest.
>
> We're getting pretty sick of having to feel "paranoid" when customers
> purchase our products, so I'm hoping some of you may have had more luck
> than I have thus far in dealing with such issues. Any creative comments
> would be appreciated.

I would assume the ones with the most to lose would be the banks which issue
the cards. They can also afford to fund legal means to get their money
back. I would begin by contacting the fraud department for the bank which
had the highest number of attempts. I would hope they already have
procedures in place for prosecuting this sort of thing.

Jonathan

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]