MobileMe Scam
in [Mac Systems]
|
Prev: Top 10 iPhone apps
Next: 10.6.4 install FAIL RESOLVED
From: Johan W. Elzenga on 16 Jun 2010 18:17 Richard Maine <nospam(a)see.signature> wrote: > John McWilliams <jpmcw(a)comcast.net> wrote: > >> For amusement, I sometimes click through and enter information. > > Bogus, >> of course, the idea being to make them waste time thinking they've > > got a >> 'hot one'..... >> >> Anyone else do this, and is there a real downside? > > I used to do things like that til I got bored with it. I think the > main > downside is that it most probably wastes more of your time than it > does > of theirs. If you don't at least go to the trouble of making your > credit > card number "checksum" right (there's an algorithm for that, which > isn't > hard to find, but I didn't bother to do so for this posting), I'd > guess > that it never even bothers a human on their end at all. > > Oh, and if it does checksum right, I suppose there is the chance of > hitting someone else's valid credit card number, which could be a PITA > for the unfortunate accidental victim. If it was that easy, the scammers themselves would simply generate credit card numbers rather than trying to steal them using a scam like this. -- Johan W. Elzenga, Editor/Photographer, www.johanfoto.com
From: Wes Groleau on 16 Jun 2010 19:18 On 06-16-2010 17:43, John McWilliams wrote: > TaliesinSoft wrote: >> I just now received an email, supposedly from Apple, that asserts that >> my MobileMe account will be suspended for 48 hours unless I respond to >> the mail by clicking on a URL and then updating my account >> information, er uh credit card and such. I would suggest that anyone >> else receiving the message also ignore it. > > For amusement, I sometimes click through and enter information. Bogus, > of course, the idea being to make them waste time thinking they've got a > 'hot one'..... > > Anyone else do this, and is there a real downside? Call your card provider and ask for one of the fake numbers they use to catch crooks, then put that in with its associated billing address and all. -- Wes Groleau Kids say … http://Ideas.Lang-Learn.us/barrett?itemid=1361
From: Wes Groleau on 16 Jun 2010 19:23 On 06-16-2010 17:56, Richard Maine wrote: > of theirs. If you don't at least go to the trouble of making your credit > card number "checksum" right (there's an algorithm for that, which isn't > hard to find, but I didn't bother to do so for this posting), I'd guess I find that hard to believe. The sensible thing for a card provider to do would be to associate each account with a _random_ check number. If the number can be obtained by an easy-to-find algorithm, then any crook that sees the account number could use it on-line. Snap a pic of the card when the person gets it out at a store. Go to a grocery checkout lane that's closed and stick a mini video cam on the pole. -- Wes Groleau Transfer Students Can Stay at Beverly Hills High http://Ideas.Lang-Learn.us/russell?itemid=1439
From: Richard Maine on 16 Jun 2010 19:29 Johan W. Elzenga <nomail(a)please.invalid> wrote: > Richard Maine <nospam(a)see.signature> wrote: > > Oh, and if it does checksum right, I suppose there is the chance of > > hitting someone else's valid credit card number, which could be a PITA > > for the unfortunate accidental victim. > > If it was that easy, the scammers themselves would simply generate > credit card numbers rather than trying to steal them using a scam like > this. True. But I have owned a (legitimate) small business that accepted credit cards and it somewhat shocked me just how easy it is to charge to a card (or pull money directly from a bank account). That is handy when you are legit, but it is probably also handy when you aren't. Probably the biggest fraud deterrent that was obvious to me was that the credit card processor demanded lots of information about me when first setting up my account; so they could obviously have come after me if lots of complaints started surfacing (I never had a single complaint get to that level). -- Richard Maine | Good judgment comes from experience; email: last name at domain . net | experience comes from bad judgment. domain: summertriangle | -- Mark Twain
From: David Empson on 16 Jun 2010 20:03
Wes Groleau <Groleau+news(a)FreeShell.org> wrote: > On 06-16-2010 17:56, Richard Maine wrote: > > of theirs. If you don't at least go to the trouble of making your credit > > card number "checksum" right (there's an algorithm for that, which isn't > > hard to find, but I didn't bother to do so for this posting), I'd guess > > I find that hard to believe. The sensible thing for a card provider to > do would be to associate each account with a _random_ check number. I have a FileMaker Pro database which includes the formula for verifying that a credit card number is valid. It isn't particularly long but it is complex enough that I haven't tried to analyse it. It wouldn't be hard for a crook to generate a random credit card number with a valid checksum, and the first four digits known to be valid (they identify the card issuer and the credit card type). The card number is no use by itself: at a minimum they would also need the name on the card and the expiry date. For most online purchase situations they also need the three digit validation code printed on the back of card (not embossed, and it is randomly generated each time you are issued a new card). > If the number can be obtained by an easy-to-find algorithm, then > any crook that sees the account number could use it on-line. > > Snap a pic of the card when the person gets it out at a store. If the crook can buy something online without the validation code, then a picture of the front of the card is sufficient. They probably need the validation code, so they'd have to take a picture of the back of the card. Some online merchants also ask for the billing address, which isn't on the card. They'd have to get into a greater degree of ID theft for that. > Go to a grocery checkout lane that's closed and stick a mini video > cam on the pole. For the most part, yes, as long as the camera is aimed at the underside of the card as it is swiped through the machine or inserted into the card reader. -- David Empson dempson(a)actrix.gen.nz |