MobileMe Scam
in [Mac Systems]
|
Prev: Top 10 iPhone apps
Next: 10.6.4 install FAIL RESOLVED
From: nospam on 16 Jun 2010 23:11 In article <1jk8aq9.nyxhig1rnt12tN%dempson(a)actrix.gen.nz>, David Empson <dempson(a)actrix.gen.nz> wrote: > I have a FileMaker Pro database which includes the formula for verifying > that a credit card number is valid. It isn't particularly long but it is > complex enough that I haven't tried to analyse it. it's actually very simple. > It wouldn't be hard for a crook to generate a random credit card number > with a valid checksum, and the first four digits known to be valid (they > identify the card issuer and the credit card type). the first digit is the credit card type (5=mastercard, 4=visa) and the first six digits identify the bank.
From: krishnananda on 16 Jun 2010 23:23 In article <160620102305596975%nospam(a)nospam.invalid>, nospam <nospam(a)nospam.invalid> wrote: > it's true, but there is an additional 3 digit cvv code on the back of > the card so even if you can hack the number on the front, you still > have some additional work to do. Except for American Express, which uses a 4-digit code printed on the _front_ of the card.
From: TaliesinSoft on 17 Jun 2010 00:30 On 2010-06-16 19:52:53 -0500, David Horne, _the_ chancellor (* said: > TaliesinSoft <taliesinsoft(a)me.com> wrote: > >> I just now received an email, supposedly from Apple, that asserts that >> my MobileMe account will be suspended for 48 hours unless I respond to >> the mail by clicking on a URL and then updating my account information, >> er uh credit card and such. I would suggest that anyone else receiving >> the message also ignore it. > > Was it sent to your mobileme email address? The email was indeed sent to my MobileMe address. After having made the opening posting in this thread I received two more instances of the email in question. -- James Leo Ryan -- Austin, Texas -- <taliesinsoft(a)me.com>
From: David Empson on 17 Jun 2010 03:00 nospam <nospam(a)nospam.invalid> wrote: > In article <1jk8aq9.nyxhig1rnt12tN%dempson(a)actrix.gen.nz>, David Empson > <dempson(a)actrix.gen.nz> wrote: > > > I have a FileMaker Pro database which includes the formula for verifying > > that a credit card number is valid. It isn't particularly long but it is > > complex enough that I haven't tried to analyse it. > > it's actually very simple. I expect so. I meant that it is complex due to being a FileMaker forumula which is doing a lot of text processing, conversion to numbers, calculations, nested IF statements, etc., which makes it hard to read. > > It wouldn't be hard for a crook to generate a random credit card number > > with a valid checksum, and the first four digits known to be valid (they > > identify the card issuer and the credit card type). > > the first digit is the credit card type (5=mastercard, 4=visa) and the > first six digits identify the bank. This database is checking for many different combinations of the first four digits. It identifies anything starting with 4 as Visa, 5 with certain values of the second digit as Mastercard, and a whole bunch of other card types which I haven't looked into in detail. It doesn't go as far as identifying the bank. -- David Empson dempson(a)actrix.gen.nz
From: nospam on 17 Jun 2010 07:08
In article <1jk8mgp.52bbmo1d2hhuzN%dempson(a)actrix.gen.nz>, David Empson <dempson(a)actrix.gen.nz> wrote: > > > I have a FileMaker Pro database which includes the formula for verifying > > > that a credit card number is valid. It isn't particularly long but it is > > > complex enough that I haven't tried to analyse it. > > > > it's actually very simple. > > I expect so. I meant that it is complex due to being a FileMaker > forumula which is doing a lot of text processing, conversion to numbers, > calculations, nested IF statements, etc., which makes it hard to read. it needs to access each digit, and converting from text in filemaker would probably be a pain. once it's done with that, the rest is trivial. > > the first digit is the credit card type (5=mastercard, 4=visa) and the > > first six digits identify the bank. > > This database is checking for many different combinations of the first > four digits. It identifies anything starting with 4 as Visa, 5 with > certain values of the second digit as Mastercard, and a whole bunch of > other card types which I haven't looked into in detail. > > It doesn't go as far as identifying the bank. yes it does. <http://en.wikipedia.org/wiki/Bank_card_number> The first 6 digits of the credit card number are known as the Issuer Identification Number (IIN). These identify the institution that issued the card to the card holder. The rest of the number is allocated by the issuer. |