Crooks try to besmirch CastleCops with fraudulent donations
Take that
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
Miscreants are making fraudulent donations to CastleCops in a bid to discredit the volunteer security community.
Stolen credit card details are being used to fund PayPal accounts from which the fraudulent donations are made. CastleCops' work has made it a bête noire for black hats. As a result, its site is regularly subjected to denial of service attacks.
CastleCops has posted a note explaining that it has nothing to do with the fraudulent transactions.
Security observers reckon the switch of tactics - from flooding CastleCops' website to making fraudulent donations - could misfire against its perpetrators.
"If their purpose was to discredit the organisation in this way, then they appear to have been rather naïve. Perhaps, more importantly, they have unintentionally indicated their level of maturity and understanding of how people really perceive this threat," writes Gunter Ollmann, of IBM's ISS security division.
"I believe that the net result of their actions has been to strengthen outsiders' perception of CastleCops, and to publicly validate that more work needs to be done to make the internet a safer place."
The victims of credit card fraud stemming from the attack are more likely to blame fraudsters than CastleCops, he adds.
The use of fraudulent donations to charity sites is becoming more commonplace as a way for fraudsters to discover which card details are valid. A list of credit card details purchased on the black market is likely to include out of date records.
Online donation sites make the process of sorting the wheat from the chaff far more straightforward. Fraudsters avoid the need to bother dealing with shopping carts and inventory lookups when conducting transactions with such sites, which are built to deal with hundreds of card transactions per second. ®
COMMENTS
A user of the Castlecops site
I use the Castlecops site to help against the ****s that send me over 300 junk emails a day.
I agree with the last poster though.Punctuation is so passe.
Reminds me to dig out that old jamesjoycebookorwasitkerouak
Sounds
Like it's just more fun to use castlecops for something they need to do anyway to check their hoard of cc data irony everybody needs a little irony I doubt they care much about castlecops in general as they really aren't doing that much to stop the problem nothing really against them no one is most of these companies that make most of the money from the internet do practically nothing to stop internet crime Google I am looking at you.
Double fake?
"I believe that the net result of their actions has been to strengthen outsiders' perception of CastleCops"
Maybe they're doing it themselves to make it look like they aren't to gain this improvement in reputation - plus a little free advertising in international news syndication sites won't hurt either!
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
