Results 1 to 5 of 5

Thread: Preventing Online Credit Card Theft - Revisited

  1. #1

    Preventing Online Credit Card Theft - Revisited

    Online Credit Card Theft is a very old and frequently discussed topic. And yet, a lot of people in the world are still victims to credit card theft. So, in a brief morning post, here are several simple pointers to minimize the risk of online theft.
    1. NEVER respond to e-mails claiming to be from your bank and requesting ANY account or personal information.
    2. NEVER give out information when receiving a telephone calls from someone claiming to be from your bank, and asking account or personal information.
    3. Alert your bank of all attempts described above


    edit by admin: you may not use this forum to promote your site.

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Something I would add is always check your statements promptly, even if you haven't made a purchase in the billing period. You would be surprised at how many people don't do that

    As for debit cards, I don't use one for online or telephone purchases, I use a credit card (dedicated). It is guaranteed against fraudulent use and any items I purchase with it are insured against loss, theft and accidental damage for three months. I guess it depends on where you live and who you bank with?

    Get the credit card for the minimum amount. They should let you have two if you need them, so long as your total credit line doesn't exceed your personal limit. Finance houses are aware of the volume of e-commerce these days and want a share of the action.

  3. #3
    The modern internet landscape has proven that the dimension of personal responsibility is less valuable in defending one's self online.

    For instance, no level of "responsibility" will help you when a vendor is compromised. "Reputable sources" or reputation has become a bullshit topic point in any flavor of security or safety. There is no checkpoint for "have a good reputation" in any security policy, anywhere. Just because some ******* launches a marketing campaign, doesn't mean it's safe to throw your credit cards at them. Read up: TJ Maxx

    In the same territory, the concept of "visiting reputable websites" is now bullshit... the list of highly reputable websites (including security vendors) serving malware has exploded in the past year. No amount of responsibility will help you if you've got a keylogger on your machine anyway.

    Vigilant computing is now bullshit, defensive computing is important. Here's more proactive checklist points for your list:

    1. Use your operating system with a user account for daily stuff
    2. Turn on automatic updates for your browser
    3. Use OpenDNS.com
    4. Look into virtual credit cards or services like shopsafe at bank of america, or paypal's virtual credit card.

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    There are two distinct angles here, as I see it. This is my own terminology so you may like to describe them differently.

    1. Retail Security

    By this I mean the safe purchase of items remotely (i.e. "unseen"). The same principles apply to telephone ordering and mail order, so I choose to distinguish it from a purely IT/Internet scenario.

    Here, it is certainly the buyer's responsibility that they are dealing with a reputable source.

    It is the old scam. Advertise something too good to be true, collect the suckers' money, then vanish.............

    Some hints:

    1. Do they have a privacy policy?
    2. Do they declare proprietorship?
    3. Do they have a "real" address?
    4. Does their telephone get answered?
    5. Do their e-mails get answered?
    6. What is their returns policy?
    7. What does a Google search throw up about them?
    8. Do you know anyone else who has dealt with them?
    9. Do they offer the full range of goods/services that you would expect?
    10. Do they accept all major credit/debit cards and use a secure connection for payment details?

    2. IT Security

    As Soda~ has observed, no site can be considered "safe" these days.

    I would add:

    1. Don't use IE unless you really understand it.
    2. Turn off scripting, or set it to "prompt" at the very least.
    3. Set browser to clear cookies on shutdown.
    4. Don't permanently store your account details and password on your HDD. Use external media and copy & paste instead, or just keep it written down in a safe place.
    5. Turn off and reboot your PC before and after conducting financial transactions.
    6. Never use a public AP or computing facilities for financial transactions.

    Remember that your typical fraudster is a percentage player, and will go for the "low hanging fruit"

    In the case of incidents like TK Max, there is nothing you can do except possibly sue them. Schools, Universities and government have also leaked information.............. that is their security not yours. And a lot of the people compromised had been nowhere near the internet.
    Last edited by nihil; June 17th, 2008 at 10:38 AM.

  5. #5
    Junior Member
    Join Date
    Jan 2013
    Location
    US
    Posts
    20
    Yup good point, i agree completely, but also its our responsbility to be careful while purchasing online too... Its must to see the security of the particular website what we are gonna buy it.

Similar Threads

  1. ID Theft - VERY Good Read
    By 11001001 in forum Miscellaneous Security Discussions
    Replies: 3
    Last Post: June 30th, 2005, 10:10 AM
  2. Credit Card Scam // Social Engineering
    By moxnix in forum AntiOnline's General Chit Chat
    Replies: 6
    Last Post: May 26th, 2004, 09:41 PM
  3. E-transactions
    By w0lverine in forum The Security Tutorials Forum
    Replies: 9
    Last Post: February 23rd, 2004, 01:07 PM
  4. The Worlds Longest Thread!
    By Noble Hamlet in forum AntiOnline's General Chit Chat
    Replies: 1100
    Last Post: March 17th, 2002, 09:38 AM
  5. Hacking DirecTV Lesson 1
    By KapperDog in forum Security Archives
    Replies: 0
    Last Post: September 5th, 2001, 06:34 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •