MobileMe Scam
in [Mac Systems]
|
Prev: Top 10 iPhone apps
Next: 10.6.4 install FAIL RESOLVED
From: Jolly Roger on 16 Jun 2010 20:15 In article <hvbm50$mjc$2(a)news.eternal-september.org>, Wes Groleau <Groleau+news(a)FreeShell.org> wrote: > On 06-16-2010 17:43, John McWilliams wrote: > > TaliesinSoft wrote: > >> I just now received an email, supposedly from Apple, that asserts that > >> my MobileMe account will be suspended for 48 hours unless I respond to > >> the mail by clicking on a URL and then updating my account > >> information, er uh credit card and such. I would suggest that anyone > >> else receiving the message also ignore it. > > > > For amusement, I sometimes click through and enter information. Bogus, > > of course, the idea being to make them waste time thinking they've got a > > 'hot one'..... > > > > Anyone else do this, and is there a real downside? > > Call your card provider and ask for one of the fake numbers they use > to catch crooks, then put that in with its associated billing address > and all. Good idea. : ) -- Send responses to the relevant news group rather than email to me. E-mail sent to this address may be devoured by my very hungry SPAM filter. Due to Google's refusal to prevent spammers from posting messages through their servers, I often ignore posts from Google Groups. Use a real news client if you want me to see your posts. JR
From: Richard Maine on 16 Jun 2010 20:25 David Empson <dempson(a)actrix.gen.nz> wrote: > If the crook can buy something online without the validation code, then > a picture of the front of the card is sufficient. > > They probably need the validation code, so they'd have to take a picture > of the back of the card. > > Some online merchants also ask for the billing address, which isn't on > the card. They'd have to get into a greater degree of ID theft for that. That's all for if you are trying to buy something with it as a consumer. If you manage to get a merchant account yourself, you don't need any of that stuff. I've had a merchant account, so I know. The bank won't reject a charge because the validation code or address is wrong. At most, it just warns the merchant about the mismatch and then leaves it up to the merchant whether to go ahead with the charge or not. Anyway, that's the my merchant accounts (both of the 2 I had at different times) were. Most of that is required by the particular merchant rather than by the underlying credit card system, and it is to help protect the legit merchants from chargebacks. Legit merchants *REALLY* don't want chargebacks; they hurt a lot. Not only does a chargeback return the money for the individual transaction, but there are extra fees and if you get enough of them, your account is likely to get terminated. If you are a scammer who has gotten a merchant account, you don't care about all that. You'll take your money and run before things fall down. Of course, there are safeguards in the process of getting a merchant account, but it isn't as if it is inherently difficult. All you need is the one suitably done fake identity as a merchant; you don't need an ID for each credit card number you try to drain. -- Richard Maine | Good judgment comes from experience; email: last name at domain . net | experience comes from bad judgment. domain: summertriangle | -- Mark Twain
From: d4g4h4 on 16 Jun 2010 20:52 TaliesinSoft <taliesinsoft(a)me.com> wrote: > I just now received an email, supposedly from Apple, that asserts that > my MobileMe account will be suspended for 48 hours unless I respond to > the mail by clicking on a URL and then updating my account information, > er uh credit card and such. I would suggest that anyone else receiving > the message also ignore it. Was it sent to your mobileme email address? -- (*) of the royal duchy of city south and deansgate www.davidhorne.net (email address on website) "[Do you think the world learned anything from the first world war?] No. They never learn." -Harry Patch (1898-2009)
From: Wes Groleau on 16 Jun 2010 21:44 On 06-16-2010 20:03, David Empson wrote: > The card number is no use by itself: at a minimum they would also need > the name on the card and the expiry date. For most online purchase > situations they also need the three digit validation code printed on the > back of card (not embossed, and it is randomly generated each time you > are issued a new card). Oh, I thought he was talking about the validation code. -- Wes Groleau He that is good for making excuses, is seldom good for anything else. -- Benjamin Franklin
From: nospam on 16 Jun 2010 23:05
In article <hvbmdb$nve$1(a)news.eternal-september.org>, Wes Groleau <Groleau+news(a)FreeShell.org> wrote: > > of theirs. If you don't at least go to the trouble of making your credit > > card number "checksum" right (there's an algorithm for that, which isn't > > hard to find, but I didn't bother to do so for this posting), I'd guess > > I find that hard to believe. The sensible thing for a card provider to > do would be to associate each account with a _random_ check number. it's true, but there is an additional 3 digit cvv code on the back of the card so even if you can hack the number on the front, you still have some additional work to do. > If the number can be obtained by an easy-to-find algorithm, then > any crook that sees the account number could use it on-line. in addition to the number, you need the cvv code, the owner's name and usually his/her address. |