MGDPremium,MVM
join:2002-07-31
kudos:9 | reply to Owlbet
Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto said by Owlbet:...... I love Ann Rule crime novels, and this thread piques forensic interest for me. I, too, want to know the common denominator for the card data harvesting and one thing sticks out for me. It seems the card authorization process is the data leak, but not once did I see it mentioned in this topic about the card makers. The data has to be put on the card. The only organization with that information are the credit card companies and the companies they contract to issue or make new cards. ... Thank you,
Good catch, yes card makers have been on my list of potential sources for some time. They meet several criteria, in that the full name and mailing address of the holder would be in their database, in addition to the card data.
Also, information that the criminals clearly do not have with respect to some cards, is that they do not know the frequency of use or when it was last used. That is information that would not be in that kind of data.
Clearly from the syndicate's point of view it makes no sense to hit a 18 month dormant card with a charge. That is almost a 100% guaranteed chargeback, why even do it, unless you don't know. Also, if the card data was intercepted from recent transactions there would be no need to ping them. We know that thousands or cards are pinged via hijacked accounts every month. We also know that some of the card data and holder combo is incorrect based on processing rejections.
Obviously there can be multiple sources and combinations for this data. However, there are distinct patterns that enable some conclusions to be drawn.
MGD |
