With last month’s exposing of the most incredible case of Internet-based identity theft in the history of the Internet, privacy and security experts are saying that banks and credit unions must be held accountable for not having adequate security measures in place.
Federal prosecutors allege that Abraham Abdallah, 32, tried to steal about $22 million from individuals, corporations and financial institutions between September 2000 and March 2001. Abdallah, an ambitious high school dropout, used the Internet in a cyber-scamming scheme to steal from hundreds on the Forbes 400 list.
The elaborate scam had gone undetected for almost 6 months, as he fooled credit rating companies, like Equifax, into providing detailed credit reports on his rich victims. Abdallah then used the private information to access their credit cards and accounts at brokerage houses and investment banks. By the time he was caught, Abdallah had obtained via the Internet, the Social Security numbers, home addresses and birth dates of 217 CEOs, celebrities, tycoons and more than 500 other people across the country.
Computer users live in a world today where Internet companies like eBay and Napster have become household names. Shopping on the Internet has become immensely popular thanks to its convenience. But as e-commerce continues to soar to new levels, consumers are left with their personal security threatened by the shadow of fraud and identity theft.
The questions and concerns of consumers about credit card security, the legitimacy and security of Internet companies have prompted credit card and Internet based companies to provide tighter security for online shopping.
After finding over 1 million credit cards to have been stolen from hundreds of e-commerce firms, the FBI recently deviated from its normal policy of not discussing its work, to inform the public of the issue. e-commerce firms have been encouraged to be vigilant in securing their customer’s credit card numbers in light of organized hacker groups in Russia and the Ukraine having penetrated U.S. e-commerce systems. According to an FBI spokesperson, the hackers exploit security holes in targeted Web sites and transaction software to seize card numbers.
The San Jose, Ca. based Internet company eBay, Inc. uses industry standard practices to safeguard the confidentiality of personal information. In a statement on their Web site, eBay said they use firewalls and Secure Socket Layers to protect against data loss and unauthorized access. But the company stresses that despite these security techniques that “perfect security” does not exist on the Internet.
Computer hacking has always been a legitimate concern of companies, computer expert and columnist for SecurityPortal.com, M.E. Kabay, said.
Kabay works to educate companies about the importance of security in e-commerce. In a recent column Kabay said, “Corporate security policies need to consist more than the statement, “We [the company] recognize the importance of security in its operations.”
According to Kabay, any hacker who finds their way into a Web site’s database can easily obtain the confidential credit card number and other personal information belonging to customers. Obtaining the expiration dates, cardholder names and home addresses can allow them to rack up large charges on a card and possibly steal a person’s identity.
In a recent report from the Federal Trade Commission it was identified that the main motive [53% of the time] for identity theft is to obtain or take over a credit card account. The FTC said acquiring telecommunications services, getting loans and obtaining or taking over a checking account are other motives for identity theft.
Temple student, Chris McAtee was victimized last December by a Russian hacker who had illegally obtained his Visa number. McAtee said that the hacker obtained his information and that of some other 50,000 people from a major online retail database like Amazon.com or DrugStore.com
“The hacker, an anonymous and malicious computer user somewhere in Russia came to be known as the Global Telecom hacker,” McAtee said. “After obtaining the information the hacker then applied charges of $10-25 to the cards for only a single billing period, figuring correctly that most people would ignore a small mysterious charge.”
Luckily for McAtee, the hacker only charged $10 to his Visa, but he refused to pay the mysterious charge and contacted his credit union. After talking with a representative McAtee was told how to formally dispute the fraudulent charge.
According to the Internet Fraud Watch, when consumers use their credit card for a purchase and there is a problem, cardholders have the right to notify the card issuer that they are disputing the charge. The charge is then removed from the card for the billing period.
This story concludes next issue.