Slashdot Mirror
Web Fraud 2.0 — Point-and-Click Cracking Tools
An anonymous reader writes "The Washington Post's Security Fix blog is running a fascinating series that peers inside some of the Web-based services cyber crooks are using to ply their trade: from masking their identity, to defeating CAPTCHAs, to creating counterfeit documents and validating stolen credit and debit cards. Everyone familiar with this space hears about these kinds of tools and services all the time in the abstract, but the Post blog includes screen shots and background details on the popularity of the services and how each one is helping to bring cyber crime that much closer to the realm of even the most newbie scam artists." Many of these tools require a working knowledge of Russian. Wouldn't surprise me to learn that Chinese-language tools exist too.
http://www.spamhaus.org/statistics/countries.lasso
1 United States 1571
2 China 428
3 Russian Federation 305
4 South Korea 197
5 Germany 180
6 United Kingdom 180
7 France 177
8 India 153
9 Japan 147
10 Brazil 147
In other words, the US beats the next 7 countries combined, Germany, France and the UK together beat China and every two of them beat Russia.
We'd be a lot better at fighting the bad guys if we wouldn't assume that "we" are the good guys.
http://www.spamhaus.org/statistics/spammers.lasso
1 HerbalKing India
2 Vincent Chan / yoric.net Hong Kong
3 Alex Blood / Alexander Mosh / AlekseyB / Alex Polyakov Ukraine
4 Nikhil Kumar Pragji / Dark-Mailer Australia
Queensland
5 Ruslan Ibragimov / send-safe.com Russian Federation
6 Leo Kuvayev / BadCow Russian Federation
7 Pavka / Artofit Russian Federation
8 Russian Business Network Russian Federation
9 Yambo Financials Ukraine
10 Alexey Panov - ckync.com Russia
To me, this is a problem for the Credit Card companies to fix. I think that some companies offer this already, but there should be a service that is included in the credit card that you can to to your bank's website and request a one-time credit card number. It can only be used once, and only for the amount that you specify.
Copyright 2010. All rights reserved. This comment may not be copied in any way including, but not limited to caching.
Africa is not a nation. Africa is a continent containing many nations.
512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
No matter who you bank with, you can make one-time payments using the PayPal Plugin, even to merchants who only accept traditional bank cards.
512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
I heard one the show "Security Now" that those one-time payments are NOT one-time payments. It only means that a virtual credit card is created that will expire next month which could leave 60 days of abuse. You have to remember to close the virtual credit card manually after every use. I know Citi Bank has a similar service that I use but they also allow to set a limit for the virtual credit card so that not more can be charged.
here.
Best Slashdot Co
Utterly meaningless statistic. Foreign spammers know that their spam must originate from the U.S. or it has an almost 0% chance of reaching American mailboxes. Consequently, they search constantly for server and user machines in the U.S. they can easily compromise.
Are agnostics skeptical of unicorns too?
heheh... I don't recall the backstory behind this, but SATAN actually distributed for a while with a utility called "SANTA" that would change the name of the tool (and all references in the docs and so forth) from "Security Analysis Tool for Analyzing Networks" to something like "Security Analysis Network Tool for Administration" in order to get rid of the potentially disturbing acronym.