Wednesday, May 03, 2006
Stolen Credit Cards Online
If you've ever thought about using peer-to-peer file-sharing systems to search for more than music, here's a simple test: enter "Visa" in the search box.
Chances are you'll come up with at least one hit. I did. I turned up dozens of credit-card numbers, although only one came complete with name, card number, and expiration date.
Luckily, when I called to report the (apparently) stolen card, the operator told me that the owner had already reported the card missing and the number had been invalidated. Still, a friend who tipped me off to this was amazed that such information could be so easily found on the Internet. While the days of typing in "credit card" in a search engine and finding a dot-com's database are long gone, a wealth of data is still out there for the taking.
Worried? I was, a little.
The problem's even complicated by the way the system works. Frankly, the easiest way to check whether the card was legitimate is to…use it. I didn't, of course—I doubt the local jail is wired for Ethernet. Unfortunately, when I called Visa's press information line, no one there was able to confirm whether the card was valid and referred me to the member bank. Of course, I didn't know or care which bank issued the card—and neither does eBay.com, Amazon.com, or some random porn site, for that matter.
Finally, I found that Visa's "911 number" (1-800-VISA-911) referred me to the member bank, where I finally explained the problem. Still, I had to explain to the otherwise knowledgeable staffer that I didn't find the card on the ground; I found it on the Internet, where the information was just as dangerous.
Okay, I thought, is there enough here for a story? Should people be worried that their credit information is being traded more easily than baseball cards? I don't think so, no. But the whole verification process is still interesting enough to be spelled out.
As it turns out, bureaucracy is possibly the greatest protection you have online today. After being somewhat frustrated by my inability to be a good Samaritan, I spoke with Jim McCarthy, Visa's senior vice-president of new market development and deployment. In doing so, I found that the information I typically only rarely divulge online (name, address, phone number) is becoming a weapon in the fight against online fraud.
Subscribe to Posts [Atom]
