Feeds

E-fraud costs retailers millions

At Xmas of all times too

  • alert
  • submit to reddit

Build a business case: developing custom apps

Internet fraud will cost US on-line retailers $500 million this Christmas, as fraudsters devise more sophisticated scams to obtain credit card information.

Research firm Gartner said on Wednesday that an estimated $160 million will be lost this holiday season to fraud and approximately $315 million will be lost in sales due to suspect transactions.

Gartner said its survey found that on-line merchants did not think they were getting the help they needed from credit-card issuers to prevent fraud. The company advised on-line merchants to use real-time checks to look for fraudulent activity based on patterns of fraud abuses. The research firm said that suspect transactions should be weeded out for manual review and money for chargebacks should be collected from card issuers.

The warning follows a steady stream of reports over the last few months of US-based fraudsters targeting eBay and Amazon users with increasingly sophisticated credit card scams. This week, Ebay customers were targeted by fraudsters who sent e-mails to asking them to log on to a fake Web site - ebayupdates.com - that appeared to be related to eBay's official site. They were then asked to resubmit their financial details.

These scam e-mails often tell recipients that someone has tampered with their account or that some unspecified fraud is suspected. The e-mail then tells the recipient to click on a link leading to a site where visitors can enter or change their username and password.

The issue is further complicated by the fact that eBay is sending out its own share of legitimate appeals, urging some users whose accounts have been tampered with to change their passwords, thus leading to confusion.

However, fraud activity in Europe and Ireland is still largely off-line and any on-line credit card fraud does not approach anywhere near the levels of elaboration and sophistication of that in the US, said Denis Cody, vice president at Irish payment security firm Orbiscom.

Credit card transaction software supplied by Orbiscom has a facility that generates a substitute credit card number exclusively for payment on individual Web sites that the customer visits, which includes a set credit limit. In other words, if the substitute number falls into the hands of a fraudster who hacks a Web site used by the customer, the amount of potential damage is limited.

"I would certainly agree that credit card companies need to do more to prevent fraud," added Robert Burke, an engineer with on-line security firm Zerflow. "Its important for people to feel secure about buying products when they go on-line."

While Internet users in Europe were considerably more reticent at the beginning when it came to making purchases on-line, there has been a considerable increase in such purchases, said Burke. "Before people were buying inexpensive, conservative things like books, DVDs, and CDs, but now they're pushing the boat out more towards expensive purchases."

Burke said that his company has conducted audits on Web sites that were so insecure and penetrable that malicious hackers could easily find algorithms that would allow them to generate credit card numbers. Another example of lack of basic security found by Zerflow was users going onto a secure site to enter their credit card number only to find that the hosts have forgotten to turn off the auto complete function, thus exposing their numbers. © ENN

Build a business case: developing custom apps

More from The Register

next story
Assange™: Hey world, I'M STILL HERE, ignore that Snowden guy
Press conference: ME ME ME ME ME ME ME (cont'd pg 94)
Premier League wants to PURGE ALL FOOTIE GIFs from social media
Not paying Murdoch? You're gonna get a right LEGALLING - thanks to automated software
Online tat bazaar eBay coughs to YET ANOTHER outage
Web-based flea market struck dumb by size and scale of fail
Amazon takes swipe at PayPal, Square with card reader for mobes
Etailer plans to undercut rivals with low transaction fee offer
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
XBOX One will learn to play media from USB and DLNA sources
Hang on? Aren't those file formats you hardly ever see outside torrents?
Class war! Wikipedia's workers revolt again
Bourgeois paper-shufflers have 'suspended democracy', sniff unpaid proles
'Aaaah FFS, 'amazeballs' has made it into the OXFORD DICTIONARY'
Plus: 'EE, how shocking, ANOTHER problem I face with your service'
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.