I convinced her about the online credit card thing long time ago. That one was considerably easier.
On Fri, Sep 3, 2010 at 12:54 PM, Ziots, Edward <[email protected]> wrote: > +1, > > > > But again people are going cash-only these days because of the economy, and > they are thinking that the debit card is tied to the available cash they > have on hand which is tied to their bank account. It takes one nice XSS/CSRF > attack via a malicious webpage while you are viewing your bank-system and > whamo, they just stole your money, hijacked your cookie on your machine to > replay to the server to access your account, and steal your money > accordingly. > > > > Its pretty sick what the web application attacks can do these days, it isnt > just about waiters stealing CC Card numbers with card swiping machines > anymore, its organized crime behind a lot of these attacks, and they want > only one thing, your money… > > > > Z > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:[email protected] <email%[email protected]> > > Cell:401-639-3505 > > > > *From:* Jonathan Link [mailto:[email protected]] > *Sent:* Friday, September 03, 2010 12:46 PM > > *To:* NT System Admin Issues > *Subject:* Re: [ISN] Russian Trojan blamed for credit card losses at US > diner > > > > I've been trying to convince my wife we need to go all credit card. One of > my concerns has always been something like this, and it hits our checking > account. Once that happens, you're really in trouble. > > A credit card theft like this is much more manageable. > I know a lot of people who use a debit card at restaurants. That just > freaks me out. Who knows if that waiter isn't also scavenging CC numbers? > It's unlikely, but it's one of those cases that when it happens, you're > going to be in a mess for a while, more so if your checking account is > involved. > > > > > On Fri, Sep 3, 2010 at 12:40 PM, Kurt Buff <[email protected]> wrote: > > Which is why I also forward this to work, and will be showing it to > our Senior Staff. > > They think I'm a paranoid freak, and I think that they need to know > that they are lambs being led to slaughter if they ignore this. > > Kurt > > > On Fri, Sep 3, 2010 at 08:56, Andrew S. Baker <[email protected]> wrote: > > And, that organized crime has moved the malware scene beyond the "look at > > me!!!" stage. They longer they stay undetected, the greater the ROI. > > > > ASB (My XeeSM Profile) > > Exploiting Technology for Business Advantage... > > > > > > On Fri, Sep 3, 2010 at 11:11 AM, Carl Houseman <[email protected]> > wrote: > >> > >> Problem here, everyone seems so surprised that the infection was not > >> detected by antivirus, and presumably, had no noticeable side effects on > >> computer operation. It needs to get into the public discourse and > become > >> common knowledge that AV is not enough. > >> > >> Carl > >> > >> -----Original Message----- > >> From: Kurt Buff [mailto:[email protected]] > >> Sent: Friday, September 03, 2010 10:21 AM > >> To: NT System Admin Issues > >> Subject: Fwd: [ISN] Russian Trojan blamed for credit card losses at US > >> diner > >> > >> The full article indicates that Seattle and San Francisco area > >> businesses also might have been victim of this attack. > >> > >> > >> ---------- Forwarded message ---------- > >> From: InfoSec News <[email protected]> > >> Date: Thu, Sep 2, 2010 at 23:28 > >> Subject: [ISN] Russian Trojan blamed for credit card losses at US diner > >> To: [email protected] > >> > >> > >> > http://news.techworld.com/security/3237726/russian-trojan-blamed-for-credit-card-losses-at-us-diner/ > >> > >> By John E Dunn > >> Techworld > >> 01 September 10 > >> > >> Hundreds of lunchtime customers of a diner in the US city of Memphis are > >> believed to have had funds stolen from their debit and credit cards > >> after PCs at the venue became infected with malware. > >> > >> Large numbers of customers reported having had funds taken after using > >> Jason’s Deli in recent weeks, which prompted an investigation by the US > >> Secret Service, part of the Department of Homeland Security. > >> > >> After establishing that staff were not involved, police discovered that > >> a computer system used by to verify credit cards had been infected with > >> unidentified new-variant malware, which had logged and forwarded the > >> data to criminals believed to be in Russia. > >> > >> “The computers received a virus that was unknown before this event,” > >> said Special Agent Rick Harlow of the US Secret Service in a news > >> conference. “No antivirus program that we ran against it found it,” he > >> said. > >> > >> [...] > >> > >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: > > http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
