Sunday, June 20, 2010
Do you know about "Fraudlabs Fraud detection Web Service"?
The FraudLabs Credit Card Fraud Detection Web Service is a hosted, programmable XML Web Service that allows instant detection of fraudulent online credit card order transactions. The FraudLabs Credit Card Fraud Detection Web Service helps the Internet merchant to avoid loss of revenue, waste of productivity, and increase of operation costs in chargebacks and higher reserved funds as a result of online frauds.
Simply provide FraudLabs several non-intrusive online transaction data such as IP address, email address domain name, delivery address, credit card bank identification number (BIN), area code and ZIP code. FraudLabs Web Service analyzes and scores the transaction information using proprietary FraudLabs algorithm based on known risk factors derived from online fraud patterns. Merchants can automate business decision instantly based on the FraudLabs XML results that are cross-referenced against multiple proprietary databases in real-time.
A fraud validation score is directly proportional to the risk of the input values. The higher the scores, the higher the risk of a transaction.
Benefits
Prevents loss of revenue due to delivery of goods to fraudsters.
Prevents waste of productivity to review all online orders manually.
Prevents increase of operation costs as a result of online frauds chargeback and higher reserved funds.
Integrates via an XML-based Web services interface to any product or platform.
Contains sample code examples for ease of integration.
Provides multiple subscription levels at different prices based on your business needs.
Red Flags Compliant
If you are a business or company that pulls a credit report and/or offers credit or payment plans to consumers you need to become aware of your Red Flags Compliant responsibilities.
What are some of the types of companies that must be Red Flags Compliant?
Retail Stores Carrying Credit
Banks & Credit Unions
Auto Dealers
Equities Brokerage
Telecommunications
Debt Collectors
Credit/Debit Card Issuers
Mortgage Lenders
Check Cashers
Utility Companies
Hospitals
Health Care Companies
Insurance
Foreign Bank Branches
Businesses that do not comply with 2008 FACT Act "Red Flag Regulations" may be subject to fines and civil law suits for breaches of confidential information.
Saturday, June 5, 2010
What's The Department Of Justice Doing About Identity Theft And Fraud?
The Department of Justice prosecutes cases of identity theft and fraud under a variety of federal statutes.In the fall of 1998, for example, Congress passed the Identity Theft and Assumption Deterrence Act . This legislation created a new offense of identity theft, which prohibits knowingly transfer[ring] or us[ing], without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law.
This offense, in most circumstances, carries a maximum term of 15 years' imprisonment, a fine, and criminal forfeiture of any personal property used or intended to be used to commit the offense.
Schemes to commit identity theft or fraud may also involve violations of other statutes such as identification fraud ,credit card fraud , computer fraud, mail fraud ,wire fraud ,or financial institution fraud.
Each of these federal offenses are felonies that carry substantial penalties in some cases, as high as 30 years' imprisonment, fines, and criminal forfeiture.
Tuesday, June 1, 2010
The Most Common Ways To Commit Identity Theft
As I mentioned in my previous posts ,many people do not realize how easily criminals can obtain our personal data without having to break into our homes. As my lecturer ,Dr. Bahama once told in class ,In public places, for example, criminals may engage in "shoulder surfing" watching you from a nearby location as you punch in your telephone calling card number or credit card number.
Even the area near your home or office may not be secure. Some criminals engage in "dumpster diving" going through your garbage cans to obtain copies of your checks, credit card or bank statements.These types of records make it easier for criminals to get control over accounts in your name and assume your identity.
Also, if your mail is delivered to a place where others have ready access to it, criminals may simply intercept and redirect your mail to another location.
With enough identifying information about an individual, a criminal can take over that individual's identity to conduct a wide range of crimes: for example, false applications for loans and credit cards, fraudulent withdrawals from bank accounts, fraudulent use of telephone calling cards, or obtaining other goods or privileges which the criminal might be denied if he were to use his real name. If the criminal takes steps to ensure that bills for the falsely obtained credit cards, or bank statements showing the unauthorized withdrawals, are sent to an address other than the victim's, the victim may not become aware of what is happing until the criminal has already inflicted substantial damage on the victim's assets, credit, and reputation.
so once again I aware you to be much more careful about your personal information.
Wednesday, May 26, 2010
How does cybercrime affect people?
I brought you here a short story to understand the situation better.
sara' story
Sara is a human resources professional who lives in a small town in malaysia. She has used a computer in her job for more than ten years. At work, her computer is maintained by her organization’s IT department, and she has never experienced any security problems with the computer in her workplace.
sara believes that she is at low risk of online fraud for the following reasons:
1-She never shops online because she doesn't want to risk exposing her credit card information
2-She uses her home computer only for personal email with friends and family
3-Occasionally she looks other things up on the Web, but not often.
sara's situation seems totally safe but Unfortunately it is not.
At work one day last summer, she heard about a new Internet Explorer browser vulnerability;She wanted to be sure her home computer was protected too, so when she got home she went online to get more information about the vulnerability, and determine if she was protected. Using a popular search engine, she found a Web site that offered not only information about the vulnerability, but the option to have a patch for the vulnerability downloaded automatically to her computer. Sandra read the information, but opted not to accept the download since she was taught to download information only from authorized sources. Then she went to the official Microsoft site to obtain the patch.
what went wrong?
Unfortunately, as sara was reading information about the vulnerability on the first site, the criminal who had created the Web site was taking advantage of the fact her computer actually had the vulnerability. In fact, as she was clicking "No" (to refuse the download that was being offered), unbeknownst to her the automatic installation of a small, but powerful, crimeware program was already taking place on her computer.
Simultaneously, the Web site’s owner was already receiving a notification that the keystroke logger had been secretly and successfully installed on Sara’s computer. The program was designed to covertly log everything she typed in from that moment on, and to send all of the information to the Web site owner as well. It functioned flawlessly, too - recording everything Sara typed- every Web site she visited, and every email she sent, passing the stolen text on to the cybercriminal.
Later that evening, Sandra finished up her monthly online banking. As she logged into her personal bank account, the keystroke logger recorded those keystrokes too, including confidential information: the name of her bank, her user ID, her password.
When Sara went to make a deposit the several weeks later and asked for her balance statement, she was shocked to find that her bank account was almost empty. Sara had been the victim of a cybercrime.
Tuesday, May 4, 2010
How Anonymous Are You?
You may think that you are anonymous as you browse web sites, but pieces of information about you are always left behind. You can reduce the amount of information revealed about you by visiting legitimate sites, checking privacy policies, and minimizing the amount of personal information you provide.
When you visit a web site, a certain amount of information is automatically sent to the site. This information may include the following:
1-IP address - Each computer on the internet is assigned a specific, unique IP (internet protocol) address. Your computer may have a static IP address or a dynamic IP address. If you have a static IP address, it never changes. However, some ISPs own a block of addresses and assign an open one each time you connect to the internet—this is a dynamic IP address. You can determine your computer's IP address at any given time by visiting www.showmyip.com
2-domain name - The internet is divided into domains, and every user's account is associated with one of those domains. You can identify the domain by looking at the end of URL; for example, .edu indicates an educational institution, .gov indicates a US government agency, .org refers to organization, and .com is for commercial use. Many countries also have specific domain names. The list of active domain names is available from the Internet Assigned Numbers Authority (IANA).
3-software details - It may be possible for an organization to determine which browser, including the version, that you used to access its site. The organization may also be able to determine what operating system your computer is running.
page visits - Information about which pages you visited, how long you stayed on a
4-given page, and whether you came to the site from a search engine is often available to the organization operating the web site.
If a web site uses cookies, the organization may be able to collect even more information, such as your browsing patterns, which include other sites you've visited. If the site you're vising is malicious, files on your computer, as well as passwords stored in the temporary memory, may be at risk.
now the important question is this " How can you limit the amount of information collected about you?"
there are some way to limit the amount of information that you share. can you help me with that?
thank you
sanaz
Sunday, April 25, 2010
How do you know if your identity has been stolen?
Companies have different policies for notifying customers when they discover that someone has accessed a customer database. However, you should be aware of changes in your normal account activity. The following are examples of changes that could indicate that someone has accessed your information:
unusual or unexplainable charges on your bills
phone calls or bills for accounts, products, or services that you do not have
failure to receive regular bills or mail
new, strange accounts appearing on your credit report
unexpected denial of your credit card
now after knowing your identity has been stolen ,comes another important question
"What can you do if you think, or know, that your identity has been stolen? .
Recovering from identity theft can be a long, stressful, and potentially costly process. Many credit card companies have adopted policies that try to minimize the amount of money you are liable for, but the implications can extend beyond your existing accounts.
dear my friend do you what should you do now? what actions you must have? please give me your ideas .
thank you
sanaz
Subscribe to:
Posts (Atom)