Robert Siciliano is a NextAdvisor.com Expert Guest Blogger
Albert Gonzalez and his hackers criminal gang were responsible for data breaches in retailers and payment processors, some estimates say they violated more than 230 million handsets discs. Gonzalez, considered a criminal competent hacker, provided "dumps," a term that refers to the stolen credit card data, "carders". "Carders" are the people who buy, sell, and trade credit card data stolen online. This video gives an example of an online forum where the stolen data is bought and sold. Gonzalez pleaded guilty to his crimes and will serve the next fifteen years in prison. He and his gang used a combination of schemes that have caused a significant increase in counterfeit fraud.
Hackers rely on a variety of techniques to obtain credit card data. One such technique is wardriving, in which criminals hack into wireless networks and install spyware. Another is phishing, where spoofed emails invite the victim to enter account information. Phexting or smishing are similar to phishing, but with text messages instead of emails. Some hackers use a keylogging software to spy on victims' computers. Other devices affix to the faces of ATMs and gas pumps to browse through the credit card data and flow.
Gonzalez and his gang used another technique, more advanced called "SQL injection." SQL stands for "Structured Query Language." The term refers to a virus that infects an application by exploiting a security vulnerability. WordPress , a blogging platform, is an example of a popular application that has been found vulnerable to these types of attacks. There are hundreds of other applications that can fall victim to a SQL injection.
IBM Internet Security Systems 50% more web pages infected in the last quarter of 2008 compared to the full year 2007. in 2005 discovered a deceased third party payment processor called CardSystems suffered a SQL injection, compromising a reported 40 million credit cards.
While Gonzalez declined carders are still very active. a group of white hat hackers whose name war against cybercrime has recently managed to break Pakbugs.com a carding forum based in Pakistan, and has published a list of credentials of members and e-mail. Pakbugs.com has since dropped offline.
With 213 million holders and 1.2 billion credit cards in the US, there is no shortage of opportunity for carders maintain their current pace. When a carder uses your existing credit cards, it is called "account recovery." When they use your personal information to open new credit accounts in your name, it is called "fraud account" or "fraud of application." Protect against account recovery is relatively easy. Just pay attention to your statements every month and refute unauthorized charges immediately. I check my expenses online once every two weeks. If I travel a lot, especially outside the country, I let the credit card company know in advance, so they shut my card while I'm on the road. Protect yourself from the new account fraud requires more effort.
You can try to protect your identity by getting you a credit freeze, or setting up your own fraud alerts. There are advantages and disadvantages to each. You should also consider a protection service against identity theft, which employ several techniques to prevent and detect identity theft.
Robert Siciliano, identity theft speaker, discusses credit and fraud by debit card on CNBC.
Robert Siciliano is CEO of IDTheftSecurity.com, an expert on identity theft, professional speaker, security analyst, published author and television news correspondent. Siciliano works with Fortune 1000 and start-up companies as a consultant on product launches, branding, messaging, representation, SEO and media. the thoughts and advice of Siciliano on all these issues often appear in both television and print media news, including CNN, MSNBC, CNBC, FOX, Forbes and USA Today. He has 25 years of safety training as a member of the American Society for Industrial Security. He is the author of two books, including The Safety Minute: Living on high alert; How to take control of your personal safety and to prevent fraud . He also established a partnership with Uni-Ball to help raise awareness of the growing threat of identity theft and provide tips on how you can protect yourself.