Secrets of the Dark Web
Cybercriminals can take an in-depth, six-week course of 20 lectures, in Russian, on Carding…learning how to steal credit card data from insecure databases or buy the data on the dark web. They can also take information on emails and passwords leaked from other data breaches to access banking websites, buy vacation packages, gift cards, all within nine minutes after the information was posted online.
The class, more in-depth than most, was discovered on a deep web forum by Digital Shadows while investigating credit card fraud and criminal activity. On one forum alone, more than 1.2 million card numbers were available for sale, nearly half of the numbers in the U.S. While card hackers and sellers are based in Russia and Eastern Europe, the buyers are often here in the U.S. Digital Shadows estimates $24 billion in credit card fraud next year.
Dark Web, A Simple Explanation
The Dark Web is a collection of thousands of websites that use anonymity tools like Tor and I2P to hide their IP address. While it’s most famously been used for black market drug sales and even child pornography, the Dark Web also enables anonymous whistleblowing and protects users from surveillance and censorship.See This article from Wired for more
How Can a Consumer or Business Reduce the Risk of Credit Card Data Theft?
- Place an alert on your credit card and bank for purchases less than $5 and more than $100…it is common for a thief to test the card by trying to process a small amount…usually less than $5
- Never give your pin number to anyone
- Never use the same password for your bank or credit card that you use for another website
- Confirm all communication is authentic such as phone calls or emails
- Do not click on links in suspicious emails
- When in question always contact the business or individual directly
Today more than ever it’s difficult to turn on your television, tablet, smartphone, or computer without being alerted that another attack on the internet is taking place. At times we hear about hackers taking control of millions of computers with the looming threat of shutting down hundreds of organizations or limiting access to consumer-owned devices. It seems as though it’s a daily routine. Don’t make yourself an easy target for a hacker.
Being hacker aware by making data security a priority to business owners and consumers alike; after all, we’re all someone’s customer.
What are we supposed to do and where do we start?
This is a good beginning to giving you an idea of where some of the faults can be found. Take a look at this interesting Cyber Risk Pressure Test provided by Traveler’s Insurance, to see where you stand. Guidelines like these can help you implement policies in your business, as well as being more conscientious when it comes to protecting the security of your own identity.
Knowledge Is Power Hacker Beware!
Navigating the road to safe payments is the first thing any business owner should be thinking about. Not just to protect your personal business assets but to secure sensitive customer data from being stolen and used fraudulently. The Payment Card Industry (PCI) has established a guideline for business owners to follow in order to protect themselves and customers from wrong doing.
The following is a sample of some shocking statistics compiled relating to businesses being hacked.
$20,752 the average cost to a small business due to hacking
60% of small businesses experienced a cyber breach
71% of hackers attack a business with under 100 employees
60% of small to medium sized businesses involved in a breach close within six months
69% of American consumers worry about the theft of their payment card data
Reference: PCI Security Standards
How To Reduce Your Risk
- Always change default passwords to strong passwords that aren’t easy to guess ex. Fr0gHa!R95
- Keep software up to date
- Install and schedule regular virus scans
- Encrypt data whenever possible
- Protect any network connections, including wi-fi with a strong password
At Card Systems we not only provide our customers with the best and most secure means of payment processing, we also partner with our sister company eGuarded in order to provide the best guidelines outlining the hiring process.
Our customers are our most valuable asset and so is your protection. If we can help please call 866.207.3298 or email your questions
Flokibot – POS Malware
A new point of sale malware spotted in the wild named “Flokibot” is slowly making its way to point of sale systems worldwide. The Flokibot malware was found compromising several point-of-sale systems in South Amerca, explicitly Brazil. A limited number of reports have been received from merchants targeted in other areas of the globe. These stories stretch from Australia all the way to the United States.
Flokibot, first uncovered back in September of 2016 as specifically targeting financial systems like point-of-sale devices. This software uses many variants to bypass security screening and detection within these types of devices.
With the potential to spread much further than it already has Visa has issued best practices guideline for merchants to reduce their risk of exposure to the Flokibot malware. The following are a few bullets that may require an IT professional to help you implement from that release:
- Maintain a patch management program, update all software, hardware, and firmware to most current release. These steps will limit the attack surface for zero-day vulnerabilities.
- Educate employees about avoiding phishing scams and safely opening emails with attachments
- Perform file integrity monitoring and alert on changes to explore.exe and svchost.exe processes on endpoints.
Chip and pin cards are harder to steal data from for potential hackers. Adoption of Chip and Pin technology is strongly recommended for merchants who have not updated their technology. Retailers should work with their IT professional to be aware of and execute the Payment Card Industry Data Security Standard (PCI DSS) to enhance security at each location further.
This malware is further reason why merchants should be diligent in adopting chip and pin technology. This technology makes it harder for fraudsters to steal consumer information. Card users should also be aware of the protections that technology provides them.
Consumers should also be wary of email requests for credit card information, using credit cards in lesser known non-reputable stores, and subscribe to bank transaction updates to further increase their personal payment security.
The Recent Chipotle Breach
Did Malware Compromise the Point Of Sale System?
Chipotle Mexican Grill is just one more large scale merchant to report a possible data breach in its point of sale system. According to a Chipotle representative, the company recently discovered unauthorized activity on the network that supports payments in its over 2,000 restaurants. The investigation focuses on transactions processed between March 24th and April 18th of this year. The organization believes it has stopped the suspicious network activity. Furthermore, it has notified card networks, in turn, they will notify issuing banks who will notify any affected customers.
Could this have been due to a malware variant of Flokibot?
Remove your sensitive data from the world and save an enormous amount of time and money using our ACH and Paycard Solutions.
Check washing and identity theft are skyrocketing for both customers and business owners. Isn’t it time you safeguarded your accounts and removed the data? We can help!
Use our ACH Program to Remove the Data
It’s simple. Your customers no longer have to write and mail checks every month to pay their bills or buy your product or service. Instead, they pre-arrange to make payments automatically, electronically, and on-time via the safety and security of the Federal Reserve’s Automated Clearing House (ACH).
This safe and secure software is designed to create, manage and process those electronic transactions from your computer, website or even mobile device. As an added bonus, you can use the same software to fund employees, independent contractors or even to fund a general spend card.
Issue a pre-paid card, free of charge, in lieu of payroll checks or cash and remove your sensitive data.
Advantages to Employers
- Eliminating paper checks reduces costs for printing, distribution, overhead and administrative responsibilities associated with payroll
- Offer direct deposit benefits to your “un-banked” employees, saving them time and money
- No costs to the employer
- Comprehensive reporting reduces accounting workload
Our system is web based. There are no programming requirements or changes to your current accounting or payroll systems.
Benefits for Staff and Independent Contractors
Payroll Card transactions are safer, faster, and easier than cash transactions.
- No Overdraft fees
- No Hidden fees
- Fees fixed
- No qualifying
- Private labeling is available
Our reporting allows your staff to simply and accurately answer any questions that arise at any station where the card is accepted.
Multiple card types for Independent Contractors, employees, and their families.
Reloadable Expense Cards
Card Systems provides secure, remote expense card loading. Just the right amount at just the right time. No need to tie up funds unnecessarily, or to expose your accounts to questionable charges. Provide employees with cards and load the funds only when needed. Cards are re-loadable.
Great for employees on the road – meeting with clients – on special assignment – or even to just pick up supplies.
There’s no need to tie up capital in prepaid cards. Load the amount of funds needed and they will be instantly available to employees, even if they are thousands of miles away. Don’t tempt employees with unnecessary cash. Provide just what’s needed, when it’s needed, and monitor all expenses from your desk.
I recently got my hands on a Soundings Trade Only Aug. 19th newsletter for Boat Dealers. It stated that Florida ranks highest among all 5O states in the number of boat thefts. Tampa only second to Miami. I guess I wasn’t surprised since Florida has the best weather to provide boaters with the luxury of boating year round. A woman in Tampa had her boat stolen right out of her drive way one night and her bedroom window was right next to it. She never heard a thing. She had a tire boot she normally protected her boat with but that evening didn’t apply it. I guess the security system you’re using is only as good if you use it. For all these boats I see parked in driveways up and down the streets it would be so easy to just drive up, hook that trailer to a vehicle and take off. These thieves are professionals. Don’t think for one minute they aren’t waiting for Human error to get their hands on your valuables.
Individual boat owners are not the only targets. Boat Dealers are as well. These dealers think that security camera is going to protect them, well not if someone paintballs it out. Even then, have you seen the grainy visuals in the footage of those things? What if they are wearing masks? Where does that get you? A Dealer experienced just that, however now that Tattletale has come to the rescue he can rest assure his assets will be protected.
We are so excited to be doing our first Trade Show at the Tampa Convention Center Oct. 2-4, 2015. This will enable us to enlighten all the Dealers and Attendees of a more secure means of protecting their boats. See you there!
According to Forrester’s 2015 Planning for Failure report, at least 60% of enterprises will discover a breach of sensitive data during 2015. Follow these 5 quick tips to protecting your business.
1. Change passwords frequently.
2. Tokenize transactions when possible.
3. Never store complete cardholder data.
4. Background every employee who handles cash and credit cards.
5. Never disclose confidential information over the phone (ie cardholder information, batch information).