dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
17319

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

1 edit

Snowy to Mele20

Premium Member

to Mele20

Re: Credit card data breach at Target

said by Mele20:

It would be prudent of Target to put that money toward hiring more US based IT people and then actually listening to them.

Them damn Canuks!
said by Mele20:

It would be prudent of Target to use the donation money to educate Target victims on how to place a freeze on their credit accounts

That's a great idea.
It's tangible too.
said by Mele20:

and to explain why that is better than letting Experian sleazes take even more advantage of these victims.

When the free year is up the victimization will start all over again.
said by Mele20:

It would be prudent of Target to not try to get itself off the hook by pretending scam awareness is the major thing victims need to worry about and implying that the victims know nothing about phishing.

I've recovered 612 freshly phished Credit/Debit cards w/PIN/CVV in the past 14 hrs.
That's well below my weekend day average so there are a lot of people that could have benefited from such training.
Expand your moderator at work

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

2 recommendations

Blackbird

Premium Member

Re: Credit card data breach at Target

said by Name Game:

...Phishing is so well defined on what it specifically does it no longer has to rely on the antiquated moniker of a scam. ...

Perhaps in some places. But if I asked a circle of 100 acquaintances what phishing was, perhaps five might answer correctly right off, the rest would respond as if I was referring to the pursuit of walleyes with a rod and lure. After explaining that I was referring to digital-fraud phishing, four more might recognize what I meant, but the other 91 would just sit staring, awaiting a light bulb to come on that never would. In the general population, especially outside the mega-metro areas dominated by the techno-happy "connected" crowd, these things are still not widely grasped. And, if one sampled the average Target buyer population, I doubt strongly whether the results would be significantly different... the ignorance about technical methods of fraud is frankly appalling among digital users worldwide. That's partly why it's so successful.

Whether Target's initiative might accomplish anything meaningful to alter this is, of course, a matter of one's opinion.

garys_2k
Premium Member
join:2004-05-07
Farmington, MI

3 recommendations

garys_2k to Snowy

Premium Member

to Snowy
As a bystander to this exchange, let me add that I also did not perceive Target's help in financing online safety awareness as insulting or as some sort of attempt to redirect blame for their failures last year. The only place I saw that was in the Info... article and I agree, that was a leap I didn't make (nor do I see it as correct).

Cyber-awareness is important and Target wants to work toward that end. Period. No attempt is being made or "implied" that it would have prevented what happened last year. I anxiously await any reference that Target made that implies that.

I suspect that Target had lined up their support for that initiative when they prepared their 2014 budgets, likely put in place before the end of Q3 2013. This was likely in the cards long before their data breach, large corporations tend to work that way.

Phishing is a huge problem for all retailers with online stores. It gives them a perceived black eye when a customer is lured to a site they think is that retailers, get scammed, and then forever associate that retailer (who had NOTHING to do with the phish, other than have their identity co-opted) with the scam itself. There is great incentive for all online retailers to educate customers about online security.

I think Target did wrong last year, but this effort is neither a response to that to "deflect responsibility," nor some sort of sweeping of things under a figurative rug. I think it's just something that they'd planned to do for months and now it only looks, to some people, like they were linked.
Expand your moderator at work
garys_2k

2 recommendations

garys_2k to Anon

Premium Member

to Anon

Re: Credit card data breach at Target

said by Name Game:

Phishing is not scam so what's with this scam awareness education.

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

How is "masquerading as a trustworthy entity in an electronic communication" not a scam?

mackey
Premium Member
join:2007-08-20

2 recommendations

mackey to Anon

Premium Member

to Anon
said by Name Game:

Why you posted crap like that is your own problem..since it does not support anything remotely being discussed in this thread.

Says the guy posting youtube clips of sledding crows.
Expand your moderator at work

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

Name Game to mackey

Premium Member

to mackey

Re: Credit card data breach at Target

Those were Russian crow ! sneaky devils. Have a nest full of stuff that does not belong to them.
Expand your moderator at work

mackey
Premium Member
join:2007-08-20

1 recommendation

mackey

Premium Member

Re: Credit card data breach at Target

said by Name Game:

Why you posted crap like that is your own problem..since it does not support anything remotely being discussed in this thread.

Says the guy posting links to "edukational" games.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to garys_2k

Premium Member

to garys_2k
I can pretty much see it both ways. On the one hand, it can be interpreted as a shallow PR/legal move. On the other hand, hey, many of these Target victims are pretty much prime fodder for scams right now.

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy to Zoder

Premium Member

to Zoder
Click for full size
National Cyber Security Alliance
re this outrageous statement being embraced as fact by some.
"Instead, Target mocks and marginalizes its victims by sending a message that everyone -- consumers and retailers -- has equal responsibility when it comes to data breaches."

The closest reference to anything even remotely similar to that is this statement.
"We believe that cybersecurity and online safety can only be achieved through sharing the responsibility and working together."

For sure it does say 'sharing the responsibility' but morphing that into sharing the responsibility with Target for their breach is more than just a huge leap, it's just flat out wrong.

The truth to the matter is Target never said that.
It was the National Cyber Security Alliance that said that.
»www.staysafeonline.org/a ··· verview/

"The National Cyber Security Alliance applauds Target's substantial commitment to support education and awareness to make the Internet safer, more secure and trusted,” says Michael Kaiser, executive director of the National Cyber Security Alliance. “We are excited to work in collaboration with Target and our nonprofit colleagues to create and implement a far reaching campaign to get quality cybersecurity information to internet users. We believe that cybersecurity and online safety can only be achieved through sharing the responsibility and working together."
»corporate.target.com/dis ··· y-coalit

Target has enough real issues to complain about without having to resort to pure BS.
Of the many unanswered questions surrounding the Target breach the most perplexing to me is why do people confuse the issue even more by tossing anything they can find into the mix regardless of truth?
It doesn't help anything -
I'm concluding it must be a matter of entertainment -

So when does the NCSA bashing begin?
If it were true for Target it must be true the NCSA is mocking and marginalizing the Target victims.

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

Name Game

Premium Member

The issue is Target is spending 5 mil just to get their name in lights..throwing money at it "to educate consumers".. might be good PR for the high mucky-mucks..but it does not ring true for their "guests" ,as they call them, unless it is associated with their Epsilon @target.bfi0.com email blitz most thought was just phishing in anycase..like the one that ended up in your spam folder.
Expand your moderator at work

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

2 recommendations

Snowy to Name Game

Premium Member

to Name Game

Re: Credit card data breach at Target

So your gripe is with Target donating $5M as a ploy to "just to get their name in lights.."?

What happened to the Target mocking & marginalizing the breach victims & the what is the definition of 'phish' issues?

All of that tangent only now to find out that your gripe is just about Target donating money to get their name shone in a favorable light?

I don't blame you, hitting a moving target will offer your tangents a degree of protection.

GuruGuy
Premium Member
join:2002-12-16
Atlanta, GA

GuruGuy to Name Game

Premium Member

to Name Game
Re: Credit card data breach at Target

Boise victim of Target credit card breach hit with double whammy

Read more here: »www.idahostatesman.com/2014/01/2···link=cpy

That story sounds a little far fetched. The new Chase card was activated only with her new card number and zip code. I don't think Chase operates that way?

Quote from the link: Instead, someone else activated the card Thursday by phone using only the card number and Mai’s ZIP code, she said.
GuruGuy

GuruGuy

Premium Member

said by GuruGuy:

Re: Credit card data breach at Target

Boise victim of Target credit card breach hit with double whammy

Read more here: »www.idahostatesman.com/2014/01/2···link=cpy

That story sounds a little far fetched. The new Chase card was activated only with her new card number and zip code. I don't think Chase operates that way?

Quote from the link: Instead, someone else activated the card Thursday by phone using only the card number and Mai’s ZIP code, she said.

And usually if you don't call from a phone number associated with the account, you get transferred to a live person.

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

Name Game

Premium Member

Article did not really say which bank she uses..but this is how you can do it at bank of america

How do I activate my debit card?
There are three ways to activate a debit card:
Call 1.888.624.2323
Use the debit card with your current PIN at any Bank of America ATM or to make a purchase
Sign in to Online Banking

GuruGuy
Premium Member
join:2002-12-16
Atlanta, GA

GuruGuy

Premium Member

said by Name Game:

Article did not really say which bank she uses..but this is how you can do it at bank of america

How do I activate my debit card?
There are three ways to activate a debit card:
Call 1.888.624.2323
Use the debit card with your current PIN at any Bank of America ATM or to make a purchase
Sign in to Online Banking

Article says Chase.

"It wasn't any gigantic amount but it was mine," said Mai, whose bank, Chase, covered the loss.

Read more here: »www.idahostatesman.com/2 ··· link=cpy

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy to GuruGuy

Premium Member

to GuruGuy
said by GuruGuy:

That story sounds a little far fetched. The new Chase card was activated only with her new card number and zip code. I don't think Chase operates that way?

Of all the questionable links posted I can actually say I see that one as accurate/truthful.

The most important issue would be that the Boise victim of mail theft not suffer a loss.
Chase covered it so maybe the link must be warning about the dangers that mail theft brings to the table when having a new card issued.
Snowy

2 recommendations

Snowy to Name Game

Premium Member

to Name Game
said by Name Game:

Article did not really say which bank she uses..

It was your link!
As politely as I can say it, do the forum a favor & start reading the stuff you link to prior to linking or minimally prior to commenting on it.

GuruGuy
Premium Member
join:2002-12-16
Atlanta, GA

GuruGuy to Snowy

Premium Member

to Snowy
said by Snowy:

said by GuruGuy:

That story sounds a little far fetched. The new Chase card was activated only with her new card number and zip code. I don't think Chase operates that way?

Of all the questionable links posted I can actually say I see that one as accurate/truthful.

The most important issue would be that the Boise victim of mail theft not suffer a loss.
Chase covered it so maybe the link must be warning about the dangers that mail theft brings to the table when having a new card issued.

I could see that working if you called from a phone number listed on the account. If you called from a number not on the account, typically you get transferred to a live person.

mackey
Premium Member
join:2007-08-20

mackey

Premium Member

said by GuruGuy:

I could see that working if you called from a phone number listed on the account.

The thief had a name and an address from the mailing label alone and a quick google search turns up her phone number. Plug that into any VoIP phone and you are now calling from her number.

/M

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy to GuruGuy

Premium Member

to GuruGuy
said by GuruGuy:

I could see that working if you called from a phone number listed on the account. If you called from a number not on the account, typically you get transferred to a live person.

Yes, that's my understanding too.
I didn't comprehend your comment about the validity of the facts stated in the linked article until just now.

If you were referring to the victim being able to state as fact that:
"someone else activated the card Thursday by phone using only the card number and Mai’s ZIP code, she said."
Yeah, it's extremely unlikely she got that info from Chase - so unlikely that I'll say Chase never told her that.

She got that belief from somewhere - shows why sticking to factual content matters.
Shit just snowballs then runs anything in it's way over.

GuruGuy
Premium Member
join:2002-12-16
Atlanta, GA

GuruGuy to mackey

Premium Member

to mackey
said by mackey:

said by GuruGuy:

I could see that working if you called from a phone number listed on the account.

The thief had a name and an address from the mailing label alone and a quick google search turns up her phone number. Plug that into any VoIP phone and you are now calling from her number.

/M

I wasn't aware you could manually change a VOIP phone number. Once it registers with the VOIP service, how do you force it to change to a number not associated with that registration.

Answered my own question. Interesting...
»www.netlingo.com/faq/vishing.pdf

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

Name Game

Premium Member

you are right ..missed the chase...thanks...clever thieves
»www.creditcards.com/cred ··· 1282.php
clever chase...
»consumerist.com/2009/07/ ··· vate-it/

Wonder if her card was a UCard ?
Expand your moderator at work

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy to Name Game

Premium Member

to Name Game

Re: Credit card data breach at Target

Interesting article.
Yes, that would be deceptive if it played out that way & I have no reason to doubt it happened that way.

What got my attention was this sage advice near the articles end.
" Learn from this story, and read the fine print and/or question every new thing that your bank sends to you. Just because they send you a new debit card, that doesn’t mean you’re required to use it."

That's very true & it applies well beyond Chase & Credit/Debit cards too.

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

1 recommendation

Blackbird to Anon

Premium Member

to Anon
said by Name Game:

Boise victim of Target credit card breach hit with double whammy

Read more here: »www.idahostatesman.com/2 ··· link=cpy

Which mail theft/tampering just elevated that particular thief to the level of Federal felon. For whatever that may or may not matter...