[funsec] Customers 'blamed for card fraud'

Robert Slade rmslade at shaw.ca
Wed Oct 7 06:39:13 CDT 2009


From: chris at blask.org
Date: Sunday, October 4, 2009 8:46 am

> This is a hard one to argue against, it leaves the question of 
> "how did they get your PIN?" to be answered.  The only 
> answers possible are:
> 
> o  Someone saw/stole it
> o  the bank has bad tech
> o  the customer wrote it down


As I understand it, the bank involved was in the UK.  For some time, card numbers harvested in Europe have been exported and put on swipe cards in the US.  Because most North American banks and retailers don't (yet) have pin/chip terminals, the card gets used and the user gets defrauded.

It would be interesting to know if transactions carried details of where used and what type of terminal ...

====================== 
rslade at computercrime.org  slade at victoria.tc.ca  rslade at vcn.bc.ca
"If you do buy a computer, don't turn it on."     - Richards' 2nd Law
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs:     [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Book reviews:   [Base URL]mnbk.htm
                [Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
Review mailing list: send mail to techbooks-subscribe at egroups.com
http://blogs.securiteam.com/index.php/archives/author/p1/
http://blog.isc2.org/isc2_blog/slade/index.html http://twitter.com/rslade





More information about the funsec mailing list