What's Hot

Dark Reading reports a new fraud campaign aims to separate users of Facebook, Google Mail, Hotmail, and Yahoo from their debit card data. A series of attacks is being carried out by a P2P variant of the Zeus platform against some of the Internet’s leading online services and websites according to Amit Klein, CTO of Trusteer. The attacks come disguised as offers for great rebates or hot new security functionality. But in reality, the scams exploit the trust relationship between users and these well-known service providers, as well as the Visa and MasterCard brands, to steal users’ debit card data. Each of the social engineering attacks differs slightly in its execution. In the case of Facebook, for example, the scam offers people a 20% discount if they link their Visa or MasterCard details to their Facebook account. The scam claims that after registering their card information, the victim will earn cash back when they purchase Facebook points. A fake Web form then requests that the user enter their debit card number, its expiration date, as well as their security code and PIN.

CSO Online reports the UK’s adoption of security technologies including Chip & PIN has resulted in marked drops in credit and debit card fraud in the last four years and set an example other European countries should follow, based upon data from analytics firm FICO. Using information from Euromonitor International, the peak year for all types of UK plastic fraud was 2008. Despite the UK’s falling levels it is clear that fraud levels in the country had reached extraordinary levels in the last decade for a country of 62 million people, many times higher than Germany, a country with a population of 81 million. This suggests that banks were slow to get on top of the issue until the credit crunch focused minds on the unacceptable level of UK losses. Despite investment, the UK remains a card fraud hotspot. The effect Chip & PIN has had on overall fraud is also open to some interpretation. First introduced in 2003, fraud levels continued to rise until 2008, which hints that other anti-fraud measures (such as transaction checking and verification) have probably had the biggest effect. More likely, Chip & PIN caused a change in the type of fraud after banks invested in the sort of transaction checking and modeling that was non-existent a decade ago when the problem first emerged.

The Strongsville Patch reports two men from Canada were caught putting data skimming devices on several First Merit ATMs in the area last week, raising concerns about the high-tech method of credit card fraud. Detective Lt. John Janowski said no one in Strongsville has reported being a victim of card skimming. With this type of high-tech skimming, thieves equip ATMs with false card readers that send them your data by text message. Customers swiping their cards at the money machine or a gas pump would be hard-pressed to see the phony reader. Bath police Chief Michael McNeely said an investigation found the men had placed the skimmers on several First Merit machines in the area. He believes the men are tied to an organized effort out of Canada.

SC Magazine reports a lead figure in what’s considered to be the largest cyber crime bust in history was sentenced recently to more than five years in prison. Nichole Michelle Merzi, 26, of Oceanside, Calif., played an integral part in what authorities code-named “Operation Phish Phry,” an international phishing ring that looted more than $1 million. Merzi, who has been in custody since she was convicted last year of bank and wire fraud conspiracy, aggravated identity theft, computer fraud conspiracy and money laundering, was found guilty of all charges by a district judge, according to a statement released by the Federal Bureau of Investigation.

RTE News Ireland reports there has been a 24% increase in the level of credit and debit card fraud in the last year. In 2011 card fraud cost over €25m with most of the card fraud taking place online or over the telephone. Nine out of ten fraudulent credit card transactions happened without the card being present – where the card number was used either online or over the phone. Card skimming only accounted for 8% of credit card fraud. A small number of fraudulent transactions happened with a lost or stolen card, or one that had been intercepted in the postal system. Once the card details had been illegally accessed, almost half of the fraudulent spending took place in the UK (47%), with 18% of fraudulent transactions taking place in the USA and 12% in Ireland.