Goodnews! International Credit Card fraudsters nabbed. Bad news! It won’t curb credit card fraud. That was the news from www.bankinfosecurity.com written by Tracy Kitten on June 29th 2012.
I concur. Credit/Debit card fraud seems to be the easiest bad-guy crime. Those involved with this crime can tell how swift they can get free money but the crime itself is actually at the bottom of the crime-pepetrators chart. Verizon proved this in its data breach report for 2012 which showed malware attack at 95%.
There is what is known as “Lord of crime”, these folks do not concern themselves with “cheap crime” such as credit/debit card fraud. They concern themselves with selling malware (softwares developed for the purpose of compromising information asset) that can send harmful codes to an organization’s vulnerable web applications or network which in turn collects credit card/debit card information and trade secrets which may not be easily traced to them. These are the real criminals.
The modus operandi for credit card fraudsters is so easy: either they hack into an organization’s system (which has been on the increase) through web application vulnerability for the sole purpose of stealing credit/debit card information and then create a cloned copy of those, which they use to get funds from ATM machines or use it for shopping online or they buy credit/debit card information sold to them by cashiers.
Why organizational-level attack is on the rise, is because, employees take their computer home and connect to their home network which might get infected with malware and then they attach same laptop at their work network and get that network hit with malware. Sometimes employees attach their personal devices not recognized by the organization network and these points are open doors for malware attack, especially if they are not at the same level of security as those of the organization.
One open door, one attack and lots of classified and personal information of customers and employees are lost to these fraudsters who in turn smile to the banks via ATMs’ and online shopping.
Be safe from these fraudsters and malware, by registering all computer systems on your company’s network, put restrictions and state penalty for those who attach systems not registered in your organizations network, update your browser, update anti-malware software, be up-to-date with anti-virus software, install intrusion detection/prevention tools to network, attach packet sniffing tools to your network, use encryption tools for classified information, train and monitor employees, create security awareness (using security posters, screen savers) and write policies with people to enforce them. Hopefully you’ll be safe.
Until I see you again next week, remain hydrated and healthy and don’t forget to drop me a line.
No comments:
Post a Comment