Feeds

E-fraud costs retailers millions

At Xmas of all times too

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

Internet fraud will cost US on-line retailers $500 million this Christmas, as fraudsters devise more sophisticated scams to obtain credit card information.

Research firm Gartner said on Wednesday that an estimated $160 million will be lost this holiday season to fraud and approximately $315 million will be lost in sales due to suspect transactions.

Gartner said its survey found that on-line merchants did not think they were getting the help they needed from credit-card issuers to prevent fraud. The company advised on-line merchants to use real-time checks to look for fraudulent activity based on patterns of fraud abuses. The research firm said that suspect transactions should be weeded out for manual review and money for chargebacks should be collected from card issuers.

The warning follows a steady stream of reports over the last few months of US-based fraudsters targeting eBay and Amazon users with increasingly sophisticated credit card scams. This week, Ebay customers were targeted by fraudsters who sent e-mails to asking them to log on to a fake Web site - ebayupdates.com - that appeared to be related to eBay's official site. They were then asked to resubmit their financial details.

These scam e-mails often tell recipients that someone has tampered with their account or that some unspecified fraud is suspected. The e-mail then tells the recipient to click on a link leading to a site where visitors can enter or change their username and password.

The issue is further complicated by the fact that eBay is sending out its own share of legitimate appeals, urging some users whose accounts have been tampered with to change their passwords, thus leading to confusion.

However, fraud activity in Europe and Ireland is still largely off-line and any on-line credit card fraud does not approach anywhere near the levels of elaboration and sophistication of that in the US, said Denis Cody, vice president at Irish payment security firm Orbiscom.

Credit card transaction software supplied by Orbiscom has a facility that generates a substitute credit card number exclusively for payment on individual Web sites that the customer visits, which includes a set credit limit. In other words, if the substitute number falls into the hands of a fraudster who hacks a Web site used by the customer, the amount of potential damage is limited.

"I would certainly agree that credit card companies need to do more to prevent fraud," added Robert Burke, an engineer with on-line security firm Zerflow. "Its important for people to feel secure about buying products when they go on-line."

While Internet users in Europe were considerably more reticent at the beginning when it came to making purchases on-line, there has been a considerable increase in such purchases, said Burke. "Before people were buying inexpensive, conservative things like books, DVDs, and CDs, but now they're pushing the boat out more towards expensive purchases."

Burke said that his company has conducted audits on Web sites that were so insecure and penetrable that malicious hackers could easily find algorithms that would allow them to generate credit card numbers. Another example of lack of basic security found by Zerflow was users going onto a secure site to enter their credit card number only to find that the hosts have forgotten to turn off the auto complete function, thus exposing their numbers. © ENN

Choosing a cloud hosting partner with confidence

More from The Register

next story
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
Bladerunner sequel might actually be good. Harrison Ford is in it
Go ahead, you're all clear, kid... Sorry, wrong film
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
Forget Hillary, HP's ex CARLY FIORINA 'wants to be next US Prez'
Former CEO has political ambitions again, according to Washington DC sources
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.