A third suspect has been arrested in relation to a credit card fraud case that happened July 21.
The man turned himself into police July 25 after a warrant was issued for his arrest.
The initial incident involved a group of men who were going to stores across Peterborough allegedly using stolen credit cards to make large purchases.
Two men were found and charged at the time but the third man involved wasn't found, city police said.
Sivakumar Subramaniam, 31, of St. Denis Drive of North York, came forward and was charged with possession of a stolen credit cards, possession of property obtained by crime and breach of probation.
He appears in court August 16.
Wednesday, August 01, 2007
Two officers charged in identity theft
Two corrections officers from the Central Booking and Intake Center were arrested yesterday and charged with stealing credit cards of people under arrest.
Lontona Maria Webb, 38, of the 3600 block of Clarinth Road and Latoya Renee James, 24, of the 1300 block of Dalton Road each face multiple counts of credit card fraud, identity theft and misconduct in office, according to charging documents.
In addition, Webb's boyfriend, Michael Moore, 26, also of the 3600 block of Clarinth Road, was charged with multiple offenses in connection with the scheme that police say defrauded eight victims of more than $5,000. Authorities would not specify the victims' alleged losses.
The economic crimes division of the state's attorney's office - which has been investigating the case since February - focused on the three after complaints from numerous detainees about their credit cards being stolen while they were held at Central Booking.
The three were indicted by a grand jury Thursday. The corrections officers worked the same shift at Central Booking.
During a search of Moore's and Webb's homes, police reportedly recovered credit cards of people who had been detained at Central Booking. Margaret T. Burns, a spokeswoman for the Baltimore state's attorney's office, said that more victims are likely "forthcoming" as the investigation continues.
Moore and James are being held on $100,000 bond each, and Webb on $50,000 bond. Arraignment is scheduled for Aug. 21.
Although details of the scheme are scant - Central Booking officials say they are prohibited from providing details while the investigation continues - the credit cards were stolen from detainees between November 2006 and March 2007. Court documents also show that both women worked at Central Booking when the victims claimed that their credit cards were stolen.
Nicholas Panteleakis, 34, a city public defender, said that his credit card was used to make nearly $1,000 in fraudulent purchases at McDonald's, Target and a gas station.
Panteleakis said that his credit card company took care of all of the fraudulent charges. Another alleged victim, a 26-year-old Elkridge man who was arrested for DUI in February, wasn't as lucky recouping his losses.
The man, who declined to be identified, said that his bank refunded $180 spent at a gas station and a Home Depot but that he had to pay $96 in nonsufficient-funds fees that resulted from the card charges.
The Sun detailed Panteleakis' claims of fraud at Central Booking in February. At that time, Panteleakis said he discovered that someone had used his credit card within six hours of his release from Central Booking. He said he believes the card was stolen after his wallet was checked as property at the facility when he was arrested on one count of loitering, a charged later dropped. He immediately canceled his credit card.
"If it wasn't for my access to the media and other avenues, I don't think anything would have become of it," he said. "People would still be having their stuff stolen from them."
Benjamin Brown, assistant commissioner for the Maryland Division of Pretrial Detention and Services, which operates Central Booking, said that his division has acted swiftly to deal with the allegations.
Webb was fired from her position at Central Booking in March, and James has been placed on administrative leave pending completion of an investigation, Brown said.
Security cameras also have been installed at the facility since the allegations, Brown said. The scheme is the first of its kind at Central Booking, he said.
"We get very, very few complaints of lost or stolen property, given the high volume of bookings processed each year," said Brown, referring to the 95,000 people detained annually.
Lontona Maria Webb, 38, of the 3600 block of Clarinth Road and Latoya Renee James, 24, of the 1300 block of Dalton Road each face multiple counts of credit card fraud, identity theft and misconduct in office, according to charging documents.
In addition, Webb's boyfriend, Michael Moore, 26, also of the 3600 block of Clarinth Road, was charged with multiple offenses in connection with the scheme that police say defrauded eight victims of more than $5,000. Authorities would not specify the victims' alleged losses.
The economic crimes division of the state's attorney's office - which has been investigating the case since February - focused on the three after complaints from numerous detainees about their credit cards being stolen while they were held at Central Booking.
The three were indicted by a grand jury Thursday. The corrections officers worked the same shift at Central Booking.
During a search of Moore's and Webb's homes, police reportedly recovered credit cards of people who had been detained at Central Booking. Margaret T. Burns, a spokeswoman for the Baltimore state's attorney's office, said that more victims are likely "forthcoming" as the investigation continues.
Moore and James are being held on $100,000 bond each, and Webb on $50,000 bond. Arraignment is scheduled for Aug. 21.
Although details of the scheme are scant - Central Booking officials say they are prohibited from providing details while the investigation continues - the credit cards were stolen from detainees between November 2006 and March 2007. Court documents also show that both women worked at Central Booking when the victims claimed that their credit cards were stolen.
Nicholas Panteleakis, 34, a city public defender, said that his credit card was used to make nearly $1,000 in fraudulent purchases at McDonald's, Target and a gas station.
Panteleakis said that his credit card company took care of all of the fraudulent charges. Another alleged victim, a 26-year-old Elkridge man who was arrested for DUI in February, wasn't as lucky recouping his losses.
The man, who declined to be identified, said that his bank refunded $180 spent at a gas station and a Home Depot but that he had to pay $96 in nonsufficient-funds fees that resulted from the card charges.
The Sun detailed Panteleakis' claims of fraud at Central Booking in February. At that time, Panteleakis said he discovered that someone had used his credit card within six hours of his release from Central Booking. He said he believes the card was stolen after his wallet was checked as property at the facility when he was arrested on one count of loitering, a charged later dropped. He immediately canceled his credit card.
"If it wasn't for my access to the media and other avenues, I don't think anything would have become of it," he said. "People would still be having their stuff stolen from them."
Benjamin Brown, assistant commissioner for the Maryland Division of Pretrial Detention and Services, which operates Central Booking, said that his division has acted swiftly to deal with the allegations.
Webb was fired from her position at Central Booking in March, and James has been placed on administrative leave pending completion of an investigation, Brown said.
Security cameras also have been installed at the facility since the allegations, Brown said. The scheme is the first of its kind at Central Booking, he said.
"We get very, very few complaints of lost or stolen property, given the high volume of bookings processed each year," said Brown, referring to the 95,000 people detained annually.
Credit card fraud rising
New figures have revealed that credit card fraud is continuing to rise as criminal gangs carry out more of the crimes.
Although chip and pin technology has had a positive impact on tackling card-present fraud, the research from accountants KPMG has shown that many fraudsters have moved to card-not-present scams.
Credit card fraud is now rising to record levels in the UK and the research highlights the importance of ensuring a high standard of identity authentication systems to make fraud as difficult as possible.
Banks can save significant amounts of money by ensuing identity authentication systems are complex, making it harder for fraudsters to obtain the information necessary to carry out fraudulent activity.
Commenting on the figures, Hitesh Patel of KPMG Forensic, told the Guardian: "The good news is that more fraud is being detected and prosecuted in court. The bad news is that this is probably because more fraud is being committed."
Although chip and pin technology has had a positive impact on tackling card-present fraud, the research from accountants KPMG has shown that many fraudsters have moved to card-not-present scams.
Credit card fraud is now rising to record levels in the UK and the research highlights the importance of ensuring a high standard of identity authentication systems to make fraud as difficult as possible.
Banks can save significant amounts of money by ensuing identity authentication systems are complex, making it harder for fraudsters to obtain the information necessary to carry out fraudulent activity.
Commenting on the figures, Hitesh Patel of KPMG Forensic, told the Guardian: "The good news is that more fraud is being detected and prosecuted in court. The bad news is that this is probably because more fraud is being committed."
Credit Card Fraud Still Rampant
The rampant use of credit cards, and especially that use compounded by the secret avenues of the internet, can put the common consumer in a substantially vulnerable position to become a victim of fraud. Much like computer viruses and the necessary adjustments made by internet providers, card companies and merchants are vigilantly combating fraud as it occurs and thinking of new ways to pre-empt it before it can hit. The cost of fraud is high, over 500 million pounds in the UK alone in 2004 so finding ways to anticipate and curtail the damage caused by fraud, is like the credit card industry itself, very big business.
Everyone wants a piece of the fraud protection trade. Credit card companies offer their own incentives and programs and advertise them through clever ads starring Donald Trump, Viking marauders, and unwitting customers channeling the voices of the thieves who made them victims. Internet sites like Scambusters dot com and Merchant911 dot com protect consumers and merchants respectively. Often these services are free, or just provide a forum within which consumers and merchants can share information regarding recent scams. Even email, which can easily be harvested for numbers being sent back and forth in transactions, is a potent medium through which consumers can communicate with each other about impending threats or even scams in progress. Though the elimination of fraud is an impossibility, its reduction is possible due to recent innovations in fraud prevention such as security chips, picture id's and the increasing awareness of online merchants.
Company databases often unwittingly supply massive amounts of credit card information to hackers, having conveniently kept it all in one place. Often, the merchant himself will be responsible for payment of the fraud if it is found that improper steps were taken to ascertain the purchaser's identity and/or adequately protect the identity of their consumer's. The purchases most at risk for fraud are "card not present" purchases. Sites like Merchant911.com list fraud screening sites like: preCharge, MaxMind, Cardinal Commerce, FraudSmack, WhyLabs and Merchant Sense all of them offering fraud-screening services to the merchant community, specifically e-merchants who deal exclusively with "card not present" scenarios. Consumers have other resources, including identity theft protection software, many of these offered by ClearCommerce.
Though the dangers of "card not present" shopping are manifold, the convenience and ease of shopping from home will likely do little do deter even the most nervous consumer. Though fraud may never be eradicated, online services, software and common sense go along way towards total protection.
Everyone wants a piece of the fraud protection trade. Credit card companies offer their own incentives and programs and advertise them through clever ads starring Donald Trump, Viking marauders, and unwitting customers channeling the voices of the thieves who made them victims. Internet sites like Scambusters dot com and Merchant911 dot com protect consumers and merchants respectively. Often these services are free, or just provide a forum within which consumers and merchants can share information regarding recent scams. Even email, which can easily be harvested for numbers being sent back and forth in transactions, is a potent medium through which consumers can communicate with each other about impending threats or even scams in progress. Though the elimination of fraud is an impossibility, its reduction is possible due to recent innovations in fraud prevention such as security chips, picture id's and the increasing awareness of online merchants.
Company databases often unwittingly supply massive amounts of credit card information to hackers, having conveniently kept it all in one place. Often, the merchant himself will be responsible for payment of the fraud if it is found that improper steps were taken to ascertain the purchaser's identity and/or adequately protect the identity of their consumer's. The purchases most at risk for fraud are "card not present" purchases. Sites like Merchant911.com list fraud screening sites like: preCharge, MaxMind, Cardinal Commerce, FraudSmack, WhyLabs and Merchant Sense all of them offering fraud-screening services to the merchant community, specifically e-merchants who deal exclusively with "card not present" scenarios. Consumers have other resources, including identity theft protection software, many of these offered by ClearCommerce.
Though the dangers of "card not present" shopping are manifold, the convenience and ease of shopping from home will likely do little do deter even the most nervous consumer. Though fraud may never be eradicated, online services, software and common sense go along way towards total protection.
Friday, February 23, 2007
City's credit card fraud among worst in country
FRAUDSTERS are plundering more bank accounts in Cambridge than in almost any other part of the country, a survey has revealed.
According to the poll, which questioned 5,000 people across the country, almost one in three city residents have been the victim of credit and debit card fraud.
A total of 28.5 per cent of participants from Cambridge claimed to have had cash stolen from their bank accounts, leaving the city the third-worst spot in the UK.
Only Birmingham, which topped the poll with almost 35 per cent claiming to have been targeted by fraudsters, and Plymouth, with 30 per cent, fared worse.
The survey was carried out by CPP, a life assistance service, and found Cambridge residents were most likely to have bank details stolen in shops or garages, while most incidents in Birmingham were theft from the post or over the internet.
It is one year since chip and pin card security was introduced in Britain, and this week an investigation by Cambridge University researchers broadcast on the BBC Watchdog programme revealed card details could still be stolen while shoppers made purchases.
The team demonstrated how cards could be "hijacked" by doctored payment machines, with details sent wirelessly to accomplices, and purchases then made using a fake card with those account details.
Zoe Manton, head of card protection for CPP, said: "Card fraud is a nasty business and still very common, despite the successful introduction of chip and pin.
"Although chip and pin makes life more difficult for thieves in shops, they can still use stolen cards over the internet, abroad or on the telephone. In the first six months of 2006, card fraud cost the industry £209.3 million.
"And in 2007, we expect this figure to increase slightly, driven by fraudsters using stolen UK cards abroad where chip and pin is not yet up and running, and online banking fraud."
The full extent of the problem of card fraud in Cambridge was revealed last month when residents were hit by a flood of cases, losing thousands of pounds between them.
In one spate of incidents, five villagers in Little Abington had their cards cloned in quick succession, including Karen Douglas, of London Road, her husband, mother and two neighbours, who were all targeted in a single month.
Bottisham resident Chrissy Evans had £1,300 stolen from her account, including her nineyear- old son's disability living allowance.
She said: "It seems to be such a big problem in Cambridge at the moment, and we seem to be stuck between a rock and a hard place."
According to the poll, which questioned 5,000 people across the country, almost one in three city residents have been the victim of credit and debit card fraud.
A total of 28.5 per cent of participants from Cambridge claimed to have had cash stolen from their bank accounts, leaving the city the third-worst spot in the UK.
Only Birmingham, which topped the poll with almost 35 per cent claiming to have been targeted by fraudsters, and Plymouth, with 30 per cent, fared worse.
The survey was carried out by CPP, a life assistance service, and found Cambridge residents were most likely to have bank details stolen in shops or garages, while most incidents in Birmingham were theft from the post or over the internet.
It is one year since chip and pin card security was introduced in Britain, and this week an investigation by Cambridge University researchers broadcast on the BBC Watchdog programme revealed card details could still be stolen while shoppers made purchases.
The team demonstrated how cards could be "hijacked" by doctored payment machines, with details sent wirelessly to accomplices, and purchases then made using a fake card with those account details.
Zoe Manton, head of card protection for CPP, said: "Card fraud is a nasty business and still very common, despite the successful introduction of chip and pin.
"Although chip and pin makes life more difficult for thieves in shops, they can still use stolen cards over the internet, abroad or on the telephone. In the first six months of 2006, card fraud cost the industry £209.3 million.
"And in 2007, we expect this figure to increase slightly, driven by fraudsters using stolen UK cards abroad where chip and pin is not yet up and running, and online banking fraud."
The full extent of the problem of card fraud in Cambridge was revealed last month when residents were hit by a flood of cases, losing thousands of pounds between them.
In one spate of incidents, five villagers in Little Abington had their cards cloned in quick succession, including Karen Douglas, of London Road, her husband, mother and two neighbours, who were all targeted in a single month.
Bottisham resident Chrissy Evans had £1,300 stolen from her account, including her nineyear- old son's disability living allowance.
She said: "It seems to be such a big problem in Cambridge at the moment, and we seem to be stuck between a rock and a hard place."
Data Fraud Cost Could be Passed onto Retailers
Massachusetts lawmakers are about to consider a bill that would require retailers to pay for losses when hackers and thieves breach their security systems to steal consumers' credit card and other financial information, the Wall Street Journal reported on Thursday.
Now, banks usually get stuck with credit-card fraud losses, which last year totaled more than $2 billion, the paper said.
If passed, the Massachusetts bill, the first of its kind, would make any company - be it a retailer, bank or data processor - financially liable if it's the operator of the system that is hacked, the paper said. The bill does not cover other types of credit card fraud, such as those resulting from a lost or stolen card, it said.
The Massachusetts bill, sponsored by Rep. Michael Costello, would mandate that companies whose security systems are breached assume full responsibility for any fraud-related losses, costs associated with the canceling and reissuing of cards, and in cases of identity theft, the freezing of accounts and credit information, the paper said.
The bill would apply to any company doing business in Massachusetts, regardless of where it is based, the paper said.
Now, banks usually get stuck with credit-card fraud losses, which last year totaled more than $2 billion, the paper said.
If passed, the Massachusetts bill, the first of its kind, would make any company - be it a retailer, bank or data processor - financially liable if it's the operator of the system that is hacked, the paper said. The bill does not cover other types of credit card fraud, such as those resulting from a lost or stolen card, it said.
The Massachusetts bill, sponsored by Rep. Michael Costello, would mandate that companies whose security systems are breached assume full responsibility for any fraud-related losses, costs associated with the canceling and reissuing of cards, and in cases of identity theft, the freezing of accounts and credit information, the paper said.
The bill would apply to any company doing business in Massachusetts, regardless of where it is based, the paper said.
Wednesday, February 14, 2007
The cost of theft: Citizens pay for credit card theft through higher banking, card fees
In these days of quick and easy credit card purchases of everything from gasoline at the pump to movie tickets on “Fandango,” fear of credit card theft is never far away.
“For years I’ve thought this is stupid,” said a recent local victim of credit card theft who asked not to be identified. She believes that businesses invite theft when they do not require signatures for credit card purchases — such as at a gas pump — so that the signature can be verified by a clerk. “It drives me nuts,” she said.
But credit card theft may not be the growing problem we often are told it is.
“Credit card fraud … is on the decline,” writes Indiana University professor Fred H. Cate, director of the IU Center for Applied Cybersecurity Research.
The total cost of credit card fraud fell 10 percent, to $788 million from $882 million, between 2003 and 2004, and fraudulent charges are lower as a percentage of total card use in the United States than anywhere else in the world, Cate writes.
Nevertheless, credit card fraud remains a serious and expensive problem.
“There’s no doubt that financial institutions as a group are losing millions and millions of dollars” to credit card theft, said Pete Piazza, vice president of lending at the Indiana State University Credit Union, which, like many banking institutions, issues its own credit cards. “It’s a huge problem,” he said.
By law, card holders are not liable for more than $50 in losses from credit card fraud and banks seldom, if ever, pursue even that amount, Piazza said. In most cases of credit card fraud, the issuing banks absorb the costs. Additionally, banks have higher operating costs because of credit card fraud. The ISU Federal Credit Union, for example, has a full-time employee devoted primarily to handling credit card fraud problems, Piazza said.
And of course, all these costs ultimately are passed on to the consumer in the form of higher prices, reduced services and lost jobs, Cate writes.
“For years I’ve thought this is stupid,” said a recent local victim of credit card theft who asked not to be identified. She believes that businesses invite theft when they do not require signatures for credit card purchases — such as at a gas pump — so that the signature can be verified by a clerk. “It drives me nuts,” she said.
But credit card theft may not be the growing problem we often are told it is.
“Credit card fraud … is on the decline,” writes Indiana University professor Fred H. Cate, director of the IU Center for Applied Cybersecurity Research.
The total cost of credit card fraud fell 10 percent, to $788 million from $882 million, between 2003 and 2004, and fraudulent charges are lower as a percentage of total card use in the United States than anywhere else in the world, Cate writes.
Nevertheless, credit card fraud remains a serious and expensive problem.
“There’s no doubt that financial institutions as a group are losing millions and millions of dollars” to credit card theft, said Pete Piazza, vice president of lending at the Indiana State University Credit Union, which, like many banking institutions, issues its own credit cards. “It’s a huge problem,” he said.
By law, card holders are not liable for more than $50 in losses from credit card fraud and banks seldom, if ever, pursue even that amount, Piazza said. In most cases of credit card fraud, the issuing banks absorb the costs. Additionally, banks have higher operating costs because of credit card fraud. The ISU Federal Credit Union, for example, has a full-time employee devoted primarily to handling credit card fraud problems, Piazza said.
And of course, all these costs ultimately are passed on to the consumer in the form of higher prices, reduced services and lost jobs, Cate writes.
Man sentenced for credit card fraud
The United States Attorney for the Northern District of New York, announced that Brendan Mooney, 25, of Delmar, New York, was sentenced Friday to three years imprisonment, to be followed by a period of three years supervised release.
The sentence was handed down in United States District Court in Utica based on Mooney's plea in July 2006 to both counts of an indictment charging him with credit card fraud and aggravated identity theft. Mooney also was ordered to make restitution in the total amount of $78,729 to the credit card companies that were the victims of his scheme.
According to the indictment and additional information made public at the court proceedings in the case, Mooney used his father's social security number and other identifying information, without his father's knowledge or permission, to obtain seven credit cards that he used $78,000 worth of goods in Albany County, other areas of New York, as well as in Connecticut, Pennsylvania, West Virginia, Virginia and Tennessee.
Among the items Mooney admitted obtaining was a 2005 Dodge Dakota pick-up truck that he purchased with three of the fraudulently obtained credit cards at an automobile dealership in Colonie, New York.
The sentence was handed down in United States District Court in Utica based on Mooney's plea in July 2006 to both counts of an indictment charging him with credit card fraud and aggravated identity theft. Mooney also was ordered to make restitution in the total amount of $78,729 to the credit card companies that were the victims of his scheme.
According to the indictment and additional information made public at the court proceedings in the case, Mooney used his father's social security number and other identifying information, without his father's knowledge or permission, to obtain seven credit cards that he used $78,000 worth of goods in Albany County, other areas of New York, as well as in Connecticut, Pennsylvania, West Virginia, Virginia and Tennessee.
Among the items Mooney admitted obtaining was a 2005 Dodge Dakota pick-up truck that he purchased with three of the fraudulently obtained credit cards at an automobile dealership in Colonie, New York.
100 drivers hit by card fraud
MORE than 100 motorists have fallen victim to a card-cloning gang who targeted an Edinburgh petrol station.
The thieves stole tens of thousands of pounds from the drivers' accounts after copying their credit card details at the BP garage in Barclay Place, Bruntsfield.
Police are hunting a former petrol station attendant who is believed to have been working for an organised criminal gang.
The thieves stole tens of thousands of pounds from the drivers' accounts after copying their credit card details at the BP garage in Barclay Place, Bruntsfield.
Police are hunting a former petrol station attendant who is believed to have been working for an organised criminal gang.
Credit card fraud arrests in Ajax
Toronto - Durham Regional Police have busted up a stolen credit card operation, arresting a man and woman from Ajax.
Police say they found over 100 credit cards numbers from financial institutions in Canada and the United States, in the couple's Hinsley Crescent house.
They also found a fake Canadian citizenship and Social Insurance card which police say were used to make purchases on the Internet.
Over $8,000 worth of furniture purchased with stolen credit card data was also recovered from the house.
Several retailers and financial institutions had reported losses as a result of the credit card purchases made by the couple.
Thirty-six-year-old Wilson Gumbara and 36-year-old Lorraine Hazel of Ajax are facing several fraud related charges.
Police say they found over 100 credit cards numbers from financial institutions in Canada and the United States, in the couple's Hinsley Crescent house.
They also found a fake Canadian citizenship and Social Insurance card which police say were used to make purchases on the Internet.
Over $8,000 worth of furniture purchased with stolen credit card data was also recovered from the house.
Several retailers and financial institutions had reported losses as a result of the credit card purchases made by the couple.
Thirty-six-year-old Wilson Gumbara and 36-year-old Lorraine Hazel of Ajax are facing several fraud related charges.
No easy money to be had in credit-card fraud scheme
A Stone Mountain man asked the teller of a Norcross bank for $4,000 on his Chase Visa card.
The teller, knowing an identify-theft ring had been using Chase Visas, quickly found the card was fraudulent and called police.
A Gwinnett officer found the 34-year-old suspect outside the bank talking on his cellphone. His 1992 Mercury Grand Marquis was backed into a parking space for a quick getaway. The man tried to appease the officer by explaining he had been out of work for 18 months and that a friend had recruited him into the credit-card ring to make some easy money.
The officer asked for the friend's name.
The name was an alias — or somebody else's.
Officers think they got the suspect's correct name by running his tag.
They shouldn't jump to conclusions, however, because the tag office listed his surname as "Hood."
Whoever he is, he was arrested.
The teller, knowing an identify-theft ring had been using Chase Visas, quickly found the card was fraudulent and called police.
A Gwinnett officer found the 34-year-old suspect outside the bank talking on his cellphone. His 1992 Mercury Grand Marquis was backed into a parking space for a quick getaway. The man tried to appease the officer by explaining he had been out of work for 18 months and that a friend had recruited him into the credit-card ring to make some easy money.
The officer asked for the friend's name.
The name was an alias — or somebody else's.
Officers think they got the suspect's correct name by running his tag.
They shouldn't jump to conclusions, however, because the tag office listed his surname as "Hood."
Whoever he is, he was arrested.
Wednesday, February 07, 2007
Solving Identity Theft
Identity theft is the information age’s new crime. A criminal collects enough personal data on the victim to impersonate him to banks, credit card companies and other financial institutions. Then he racks up debt in the victim’s name, collects the cash and disappears. The victim is left holding the bag.
While some of the losses are absorbed by financial institutions--credit card companies in particular--the credit-rating damage is borne by the victim. It can take years for the victim to completely clear his name.
So far, we’ve seen several “solutions” to this problem: forcing companies to disclose when they lose personal information, forcing companies to secure personal information, forcing financial institutions to enhance their authentication procedures. Unfortunately, these won’t help.
To see why, we need to start with the basics. The very term “identity theft” is an oxymoron. Identity is not a possession that can be acquired or lost; it’s not a thing at all. Someone’s identity is the one thing about a person that cannot be stolen.
The real crime here is fraud--more specifically, impersonation leading to fraud. Impersonation is an ancient crime, but the rise of information-based credentials gives it a modern spin.
A criminal impersonates a victim online and steals money from his account. He impersonates a victim in order to deceive financial institutions into granting credit to the criminal in the victim’s name. He impersonates a victim to the post office and gets the victim's address changed. He impersonates a victim in order to fool the police into arresting the wrong man. No one’s identity is stolen; instead, identity information is being misused to commit fraud.
Such crime involves two very separate issues. The first is the privacy of personal data. Personal privacy is important for many reasons, one of which is impersonation and fraud. As more information about us is collected, correlated and sold, it becomes easier for criminals to get their hands on the data they need to commit fraud.
This is what you read about in the news: personal information stolen from companies, banks, universities, government databases.
But data privacy is about more than just fraud. Whether it is the books we take out of the library, the Web sites we visit or the contents of our text messages, most of us have personal data on third-party computers that we don't want made public. The posting of Paris Hilton's phone book on the Internet is a celebrity example of this.
The second issue is the ease with which a criminal can use personal data to commit fraud. It doesn’t take much personal information to apply for a credit card in someone else's name. It’s not that hard to conduct fraudulent bank transactions in someone else’s name.
And it’s surprisingly easy to get an identification card in someone else’s name. Our current culture, where identity is verified simply and sloppily, makes it easier for a criminal to impersonate his victim.
Proposed fixes tend to concentrate on the first issue--making personal data harder to steal--whereas the real problem is the second. If we’re ever going to manage the risks and effects of electronic impersonation, we must concentrate on preventing and detecting fraudulent transactions.
Fraudulent transactions have nothing to do with the legitimate account holders. Criminals impersonate legitimate users to financial institutions. That means that any solution can't involve the account holders.
That leaves only one reasonable answer: financial institutions need to be liable for the cost of fraudulent transactions. They need to be liable for sending erroneous information to credit bureaus based on fraudulent transactions.
They should not be able to demand that the user must keep his password secure or his machine virus-free. They should not be able to require the user to monitor his accounts for fraudulent activity, or his credit reports for fraudulently obtained credit cards. Those aren’t reasonable requirements for most users. The bank must be responsible, regardless of what the user does.
If you think this won’t work, look at credit cards. Credit card companies like American Express (nyse: AXP - news - people ) are generally liable for all but the first $50 of fraudulent transactions. They’re not hurting for business; and they’re not drowning in fraud either.
They’ve developed and fielded an array of security technologies designed to detect and prevent fraudulent transactions. They’ve pushed most of the actual costs onto the merchants. And almost no security centers around are trying to authenticate the cardholder.
That’s an important lesson. Identity theft solutions focus much too much on authenticating the person. Whether it's two-factor authentication--ID cards, biometrics, or whatever--there’s a widespread myth that authenticating the person is the way to prevent these crimes.
But once you understand that the problem is fraudulent transactions, you quickly realize that authenticating the transaction, not the person, is the way to proceed.
Again, think about credit cards. Store clerks barely verify signatures when people use cards. People can use credit cards to buy things by mail, phone or Internet, where no one verifies the signature or even that you have possession of the card.
Even worse, no credit card company mandates secure storage requirements for credit cards. They don't demand that cardholders secure their wallets in any particular way. Credit card companies simply don't worry about verifying the cardholder or putting requirements on what he does. They concentrate on verifying the transaction.
This same sort of thinking needs to be applied to other areas where criminals use impersonation to commit fraud. I don’t know what the final solutions will look like, but I do know that once financial institutions are liable for losses due to these types of fraud, they will find solutions.
Maybe there will be a daily withdrawal limit, like there is on ATMs. Maybe large transactions will be delayed for a period of time, or will require a call-back from the bank or brokerage company. Maybe people will no longer be able to open a credit card account by simply filling in a bunch of information on a form.
Likely the solution will be a combination of solutions that reduces fraudulent transactions to a manageable level, but we'll never know until the financial institutions have the financial incentive to put them in place.
Right now, the economic incentives result in financial institutions that are so eager to allow transactions--new credit cards, cash transfers, whatever--that they're not paying enough attention to fraudulent transactions. They've pushed the costs for fraud onto the merchants.
But if they're liable for losses and damages to legitimate users, they'll pay more attention. And they'll mitigate the risks. Security technologies can work wonders in preventing identity theft, once the economic incentives to apply them are there.
By focusing on the fraudulent use of personal data, I do not mean to minimize the harm caused by other misuse of third-party data and violations of privacy. I believe that the U.S. would be well-served by a comprehensive Data Protection Act such as exists in the European Union. However, I do not believe that a law of this type would significantly reduce the risk of fraudulent impersonation.
To mitigate that risk, we need to concentrate on detecting and preventing fraudulent transactions. We need to make the entity, which is in the best position to mitigate the risk, responsible for that risk. And that means making the financial institutions liable for fraudulent transactions.
Doing anything less simply won't work.
While some of the losses are absorbed by financial institutions--credit card companies in particular--the credit-rating damage is borne by the victim. It can take years for the victim to completely clear his name.
So far, we’ve seen several “solutions” to this problem: forcing companies to disclose when they lose personal information, forcing companies to secure personal information, forcing financial institutions to enhance their authentication procedures. Unfortunately, these won’t help.
To see why, we need to start with the basics. The very term “identity theft” is an oxymoron. Identity is not a possession that can be acquired or lost; it’s not a thing at all. Someone’s identity is the one thing about a person that cannot be stolen.
The real crime here is fraud--more specifically, impersonation leading to fraud. Impersonation is an ancient crime, but the rise of information-based credentials gives it a modern spin.
A criminal impersonates a victim online and steals money from his account. He impersonates a victim in order to deceive financial institutions into granting credit to the criminal in the victim’s name. He impersonates a victim to the post office and gets the victim's address changed. He impersonates a victim in order to fool the police into arresting the wrong man. No one’s identity is stolen; instead, identity information is being misused to commit fraud.
Such crime involves two very separate issues. The first is the privacy of personal data. Personal privacy is important for many reasons, one of which is impersonation and fraud. As more information about us is collected, correlated and sold, it becomes easier for criminals to get their hands on the data they need to commit fraud.
This is what you read about in the news: personal information stolen from companies, banks, universities, government databases.
But data privacy is about more than just fraud. Whether it is the books we take out of the library, the Web sites we visit or the contents of our text messages, most of us have personal data on third-party computers that we don't want made public. The posting of Paris Hilton's phone book on the Internet is a celebrity example of this.
The second issue is the ease with which a criminal can use personal data to commit fraud. It doesn’t take much personal information to apply for a credit card in someone else's name. It’s not that hard to conduct fraudulent bank transactions in someone else’s name.
And it’s surprisingly easy to get an identification card in someone else’s name. Our current culture, where identity is verified simply and sloppily, makes it easier for a criminal to impersonate his victim.
Proposed fixes tend to concentrate on the first issue--making personal data harder to steal--whereas the real problem is the second. If we’re ever going to manage the risks and effects of electronic impersonation, we must concentrate on preventing and detecting fraudulent transactions.
Fraudulent transactions have nothing to do with the legitimate account holders. Criminals impersonate legitimate users to financial institutions. That means that any solution can't involve the account holders.
That leaves only one reasonable answer: financial institutions need to be liable for the cost of fraudulent transactions. They need to be liable for sending erroneous information to credit bureaus based on fraudulent transactions.
They should not be able to demand that the user must keep his password secure or his machine virus-free. They should not be able to require the user to monitor his accounts for fraudulent activity, or his credit reports for fraudulently obtained credit cards. Those aren’t reasonable requirements for most users. The bank must be responsible, regardless of what the user does.
If you think this won’t work, look at credit cards. Credit card companies like American Express (nyse: AXP - news - people ) are generally liable for all but the first $50 of fraudulent transactions. They’re not hurting for business; and they’re not drowning in fraud either.
They’ve developed and fielded an array of security technologies designed to detect and prevent fraudulent transactions. They’ve pushed most of the actual costs onto the merchants. And almost no security centers around are trying to authenticate the cardholder.
That’s an important lesson. Identity theft solutions focus much too much on authenticating the person. Whether it's two-factor authentication--ID cards, biometrics, or whatever--there’s a widespread myth that authenticating the person is the way to prevent these crimes.
But once you understand that the problem is fraudulent transactions, you quickly realize that authenticating the transaction, not the person, is the way to proceed.
Again, think about credit cards. Store clerks barely verify signatures when people use cards. People can use credit cards to buy things by mail, phone or Internet, where no one verifies the signature or even that you have possession of the card.
Even worse, no credit card company mandates secure storage requirements for credit cards. They don't demand that cardholders secure their wallets in any particular way. Credit card companies simply don't worry about verifying the cardholder or putting requirements on what he does. They concentrate on verifying the transaction.
This same sort of thinking needs to be applied to other areas where criminals use impersonation to commit fraud. I don’t know what the final solutions will look like, but I do know that once financial institutions are liable for losses due to these types of fraud, they will find solutions.
Maybe there will be a daily withdrawal limit, like there is on ATMs. Maybe large transactions will be delayed for a period of time, or will require a call-back from the bank or brokerage company. Maybe people will no longer be able to open a credit card account by simply filling in a bunch of information on a form.
Likely the solution will be a combination of solutions that reduces fraudulent transactions to a manageable level, but we'll never know until the financial institutions have the financial incentive to put them in place.
Right now, the economic incentives result in financial institutions that are so eager to allow transactions--new credit cards, cash transfers, whatever--that they're not paying enough attention to fraudulent transactions. They've pushed the costs for fraud onto the merchants.
But if they're liable for losses and damages to legitimate users, they'll pay more attention. And they'll mitigate the risks. Security technologies can work wonders in preventing identity theft, once the economic incentives to apply them are there.
By focusing on the fraudulent use of personal data, I do not mean to minimize the harm caused by other misuse of third-party data and violations of privacy. I believe that the U.S. would be well-served by a comprehensive Data Protection Act such as exists in the European Union. However, I do not believe that a law of this type would significantly reduce the risk of fraudulent impersonation.
To mitigate that risk, we need to concentrate on detecting and preventing fraudulent transactions. We need to make the entity, which is in the best position to mitigate the risk, responsible for that risk. And that means making the financial institutions liable for fraudulent transactions.
Doing anything less simply won't work.
Credit Card Companies Watchful after Retailer's Customer Data Breach
anks and credit card companies scrambled to tell their customers in the United States and overseas to watch for fraudulent activity after TJX Cos., parent of retailers Marshalls and T.J. Maxx, disclosed thefts of customer data from its computer system.
TJX said hackers had broken into a system that handles credit and debit card transactions, as well as checks and merchandise returns for customers in the U.S. and Puerto Rico. Customer accounts from the U.K. and Ireland may be affected, it said.
TJX officials refused to say how many customers were affected, but The Wall Street Journal reported Thursday that more than 40 million cards may be affected.
-- advertisement --
St. Bernard - Click Here.
Spokeswoman Sherry Lang said TJX has identified a "limited number" of credit and debit card holders whose information was stolen from its computer system, adding that the number was "substantially less than millions."
A smaller number of customer names with driver's license information was stolen from the system, she said.
Visa USA said in a statement it has provided the affected accounts to banks that issue its cards so they can take steps to protect consumers. The company said it is assessing all credit card transactions in real time to help banks distinguish fraudulent transactions from legitimate ones.
Bank of America and American Express also said they are monitoring their credit cards for unusual activity. Christine Elliott, a spokeswoman for American Express, said the company has not seen any fraudulent purchases.
Visa and other credit card companies pointed out that consumers are not responsible for fraudulent purchases.
Lang said the company believes the breach happened in May but involves credit card information dating back to 2003. The break-in was discovered in mid-December but was kept confidential until Wednesday at the request of law enforcement officials.
TJX has not been informed of any fraudulent purchases at this point, Lang said. The company posted advice on checking credit records on its Web site. The company said it has hired General Dynamics Corp. and IBM Corp. to upgrade its security system.
Mike Cook, a co-founder of ID Analytics, a San Diego-based company that detects and prevents identity fraud, said only a small percentage of accounts involved in a data breach end up misused.
"If you are a consumer and you're part of the TJX breach, you are hoping it's 10 million people because the chance of your name being misused goes down considerably depending on the size of the data breach," Cook said.
TJX said hackers had broken into a system that handles credit and debit card transactions, as well as checks and merchandise returns for customers in the U.S. and Puerto Rico. Customer accounts from the U.K. and Ireland may be affected, it said.
TJX officials refused to say how many customers were affected, but The Wall Street Journal reported Thursday that more than 40 million cards may be affected.
-- advertisement --
St. Bernard - Click Here.
Spokeswoman Sherry Lang said TJX has identified a "limited number" of credit and debit card holders whose information was stolen from its computer system, adding that the number was "substantially less than millions."
A smaller number of customer names with driver's license information was stolen from the system, she said.
Visa USA said in a statement it has provided the affected accounts to banks that issue its cards so they can take steps to protect consumers. The company said it is assessing all credit card transactions in real time to help banks distinguish fraudulent transactions from legitimate ones.
Bank of America and American Express also said they are monitoring their credit cards for unusual activity. Christine Elliott, a spokeswoman for American Express, said the company has not seen any fraudulent purchases.
Visa and other credit card companies pointed out that consumers are not responsible for fraudulent purchases.
Lang said the company believes the breach happened in May but involves credit card information dating back to 2003. The break-in was discovered in mid-December but was kept confidential until Wednesday at the request of law enforcement officials.
TJX has not been informed of any fraudulent purchases at this point, Lang said. The company posted advice on checking credit records on its Web site. The company said it has hired General Dynamics Corp. and IBM Corp. to upgrade its security system.
Mike Cook, a co-founder of ID Analytics, a San Diego-based company that detects and prevents identity fraud, said only a small percentage of accounts involved in a data breach end up misused.
"If you are a consumer and you're part of the TJX breach, you are hoping it's 10 million people because the chance of your name being misused goes down considerably depending on the size of the data breach," Cook said.
Protect yourself from ID theft
There's a way for you to protect yourself from fraud and identity theft while improving your credit card score at the same time.
The Better Business Bureau says it's much easier than you might think.
From email and spam to phone calls from telemarketers and junk mail, they can all be summed up with one word - annoying.
"Spam is a bother, a phone call is a bother,” said Tom Bartholomy, President of the Better Business Bureau in Charlotte.
A website from the Consumer Credit Reporting Industry allows people to keep unwanted credit cards out of their mailbox.
He says an increasing number of consumers are turning to things like the Do-Not-Call Registry and spam blockers. When it comes to junk mail, there's one particular piece of mail you need to watch out for, and that’s credit card offers.
“That's what they're looking for,” he continued. “Those types of opportunities to say ‘Oh look, Jane Smith got this credit card offer, I can just fill it out, change the address, have the card sent to the scammer.’ Boom, you're a victim of credit card fraud."
Even if the cards haven't been activated, they can still lead to fraud or identity theft. There's an easy way to protect yourself. OptOutPrescreen.com allows people to keep unwanted credit cards out of their mailbox.
“This is one of the biggest consumer secrets that's out there right now,” Batholomy added.
"OptOutPrescreen.com has been a great tool that we've used to increase their credit score by as much as 50 points within five days,” said Heather Goodall, an account executive at the First National Bank of Arizona. She says she tells all her customers to opt out of getting credit card offers.
"I don't know of any other tool that you can use and potentially increase your credit score potentially that much in such a short period of time,” she continued.
Bartholomy said, "That's a win, win, win all the way around."
The Better Business Bureau says, unfortunately, there's little people can do to cut down on junk mail. If you'd like to stop getting credit card solicitations, visit OptOutPrescreen.com.
The Better Business Bureau says it's much easier than you might think.
From email and spam to phone calls from telemarketers and junk mail, they can all be summed up with one word - annoying.
"Spam is a bother, a phone call is a bother,” said Tom Bartholomy, President of the Better Business Bureau in Charlotte.
A website from the Consumer Credit Reporting Industry allows people to keep unwanted credit cards out of their mailbox.
He says an increasing number of consumers are turning to things like the Do-Not-Call Registry and spam blockers. When it comes to junk mail, there's one particular piece of mail you need to watch out for, and that’s credit card offers.
“That's what they're looking for,” he continued. “Those types of opportunities to say ‘Oh look, Jane Smith got this credit card offer, I can just fill it out, change the address, have the card sent to the scammer.’ Boom, you're a victim of credit card fraud."
Even if the cards haven't been activated, they can still lead to fraud or identity theft. There's an easy way to protect yourself. OptOutPrescreen.com allows people to keep unwanted credit cards out of their mailbox.
“This is one of the biggest consumer secrets that's out there right now,” Batholomy added.
"OptOutPrescreen.com has been a great tool that we've used to increase their credit score by as much as 50 points within five days,” said Heather Goodall, an account executive at the First National Bank of Arizona. She says she tells all her customers to opt out of getting credit card offers.
"I don't know of any other tool that you can use and potentially increase your credit score potentially that much in such a short period of time,” she continued.
Bartholomy said, "That's a win, win, win all the way around."
The Better Business Bureau says, unfortunately, there's little people can do to cut down on junk mail. If you'd like to stop getting credit card solicitations, visit OptOutPrescreen.com.
South Africa: Card Fraud Suspect Wins Bail
A Bulgarian woman has been released on bail while her Cape Town fiancé awaits formal charges of fraud involving close on R1 million.
Antoinette Pitkova, 25, and Mario de Oliveria were arrested at their Table View home late last year. They appeared before Magistrate Mogamad Esau in the Cape Town Magistrate's Court yesterday.
Pitkova had been denied bail in her last court appearance, despite her attorney's appeal for medical treatment.
He said she displayed suicidal tendencies and had chest pains.
The State alleges that the couple manufactured illegal credit cards at their home.
State advocate Zama Matayi said the State no longer opposed bail. He proposed a bail amount of R10 000 and suggested strict bail conditions.
Defence attorney George Catsicadellis, the third attorney to go on record for both accused since their arrest on December 28, read out Pitkova's affidavit and confirmed the recommended bail and conditions.
The accused were arrested during a raid in which police seized about R200 000 of electronic equipment used in the manufacture of credit cards.
The equipment included a skimming device used to read, write and encode credit cards and an embossing machine to imprint the details of the alleged cardholder.
Police also seized 100 blank plastic cards ready for production, five computers and two unlicensed firearms.
Esau set bail at R10 000 on condition that Pitkova handed over her two passports and any other travel documents to the investigating officer, that she reported to the Table View police station every second day, and that she stayed away from the country's border posts.
A smiling Pitkova seemed in good spirits, unlike her crying and disorientation in her previous court appearances.
Matayi requested a postponement. Catsicadellis confirmed the request for the charge sheet and asked that the postponement be marked for a bail application.
Matayi said the case was still being investigated and that alleged offences so far involved more than R500 000.
Esau remanded De Oliveria and postponed the case to next Tuesday for a provisional charge sheet and a bail application hearing.
Antoinette Pitkova, 25, and Mario de Oliveria were arrested at their Table View home late last year. They appeared before Magistrate Mogamad Esau in the Cape Town Magistrate's Court yesterday.
Pitkova had been denied bail in her last court appearance, despite her attorney's appeal for medical treatment.
He said she displayed suicidal tendencies and had chest pains.
The State alleges that the couple manufactured illegal credit cards at their home.
State advocate Zama Matayi said the State no longer opposed bail. He proposed a bail amount of R10 000 and suggested strict bail conditions.
Defence attorney George Catsicadellis, the third attorney to go on record for both accused since their arrest on December 28, read out Pitkova's affidavit and confirmed the recommended bail and conditions.
The accused were arrested during a raid in which police seized about R200 000 of electronic equipment used in the manufacture of credit cards.
The equipment included a skimming device used to read, write and encode credit cards and an embossing machine to imprint the details of the alleged cardholder.
Police also seized 100 blank plastic cards ready for production, five computers and two unlicensed firearms.
Esau set bail at R10 000 on condition that Pitkova handed over her two passports and any other travel documents to the investigating officer, that she reported to the Table View police station every second day, and that she stayed away from the country's border posts.
A smiling Pitkova seemed in good spirits, unlike her crying and disorientation in her previous court appearances.
Matayi requested a postponement. Catsicadellis confirmed the request for the charge sheet and asked that the postponement be marked for a bail application.
Matayi said the case was still being investigated and that alleged offences so far involved more than R500 000.
Esau remanded De Oliveria and postponed the case to next Tuesday for a provisional charge sheet and a bail application hearing.
Rs 13.5-cr credit card scam busted
Amid concerns over rising credit card fraud cases across the country, the Mumbai police has unearthed a massive Rs 13.5 crore online air ticket scam, sending shockwaves among credit card users across the country.
According to Mumbai police sources, the Economic Offences Wing of its crime branch on Wednesday busted the Rs 13.5-crore credit card racket that cheated Kingfisher Airlines by fraudulently booking more than 15,000 tickets on the Internet using credit card numbers. The police have arrested one person, Ahmed Sheikh, in this connection.
The police claim the gang had floated a travel agency, called KGN Aviation, and used to book airline tickets online using credit card numbers obtained from hotels, shopping malls, restaurants and other retail outlets.
The scam came to light after the airlines lodged a complaint with the EOW December 21 last year, regarding the massive scale on which online tickets were being booked fraudulently. Most of the credit cards used for the transactions were from the ICICI Bank.
"Consumers, whose credit card numbers the gang had got hold of, were stunned after receiving bills of transactions which they never made. As a result, they began complaining to the bank. The complaints swelled between July and November last year," news agency IANS quoted a senior EOW official as saying.
"Suspecting fraud, the bank asked the customers not to pay the money they had not actually spent on the tickets and instead charged the amount of Rs 135 million back to Kingfisher Airlines."
"It was then that the airlines lodged a complaint with us, saying 15,255 tickets were fraudulently booked through the net and in each case the gang had used a different credit card number," the EOW official told IANS.
"After receiving complaints from Kingfisher Airlines, we began our investigations and stumbled upon KGN Aviation. The gang had intercepted details of all the 15,225 credit cards from accomplices in various hotels, restaurants, malls and retails outlets," he said.
"They knew the credit card numbers, expiry dates and customer verification value (CVV) numbers — the additional three digits printed on the signature strip on the back of the card," the official said.
"The modus operandi of the gang was to log on to the websites of leading private airlines that issued email confirmations of bookings. The gang used the details to book tickets online and take printouts of the email confirmations which could be exchanged with boarding passes or tickets," he added.
The members of the gang would then hang around at international air transport association (IATA) offices, restaurants and bars and befriend frequent as well as first time flyers, by offering them tickets at a much cheaper rate than offered by travel agents, the official said.
"Though, we have arrested Sheikh, we are on the lookout for Sameer Kasam Sheikh, the mastermind of the scam, and also trying to locate the computers from which the gang operated. Several cyber cafes are also under the scanner, from where the gang is believed to have operated. More arrests are likely to be made soon," he said.
According to Mumbai police sources, the Economic Offences Wing of its crime branch on Wednesday busted the Rs 13.5-crore credit card racket that cheated Kingfisher Airlines by fraudulently booking more than 15,000 tickets on the Internet using credit card numbers. The police have arrested one person, Ahmed Sheikh, in this connection.
The police claim the gang had floated a travel agency, called KGN Aviation, and used to book airline tickets online using credit card numbers obtained from hotels, shopping malls, restaurants and other retail outlets.
The scam came to light after the airlines lodged a complaint with the EOW December 21 last year, regarding the massive scale on which online tickets were being booked fraudulently. Most of the credit cards used for the transactions were from the ICICI Bank.
"Consumers, whose credit card numbers the gang had got hold of, were stunned after receiving bills of transactions which they never made. As a result, they began complaining to the bank. The complaints swelled between July and November last year," news agency IANS quoted a senior EOW official as saying.
"Suspecting fraud, the bank asked the customers not to pay the money they had not actually spent on the tickets and instead charged the amount of Rs 135 million back to Kingfisher Airlines."
"It was then that the airlines lodged a complaint with us, saying 15,255 tickets were fraudulently booked through the net and in each case the gang had used a different credit card number," the EOW official told IANS.
"After receiving complaints from Kingfisher Airlines, we began our investigations and stumbled upon KGN Aviation. The gang had intercepted details of all the 15,225 credit cards from accomplices in various hotels, restaurants, malls and retails outlets," he said.
"They knew the credit card numbers, expiry dates and customer verification value (CVV) numbers — the additional three digits printed on the signature strip on the back of the card," the official said.
"The modus operandi of the gang was to log on to the websites of leading private airlines that issued email confirmations of bookings. The gang used the details to book tickets online and take printouts of the email confirmations which could be exchanged with boarding passes or tickets," he added.
The members of the gang would then hang around at international air transport association (IATA) offices, restaurants and bars and befriend frequent as well as first time flyers, by offering them tickets at a much cheaper rate than offered by travel agents, the official said.
"Though, we have arrested Sheikh, we are on the lookout for Sameer Kasam Sheikh, the mastermind of the scam, and also trying to locate the computers from which the gang operated. Several cyber cafes are also under the scanner, from where the gang is believed to have operated. More arrests are likely to be made soon," he said.
Bank card users get fraud warning
Central Kentucky consumers who have used a credit card or debit card when shopping at T.J. Maxx, Marshall's or HomeGoods will want to watch their bank or credit card statements carefully.
And some of them may want to watch the mail for a new debit card.
TJX, a Massachusetts-based company that operates T.J. Maxx, Marshall's, HomeGoods and several other retail chains in the United States and abroad, announced last week that an "unauthorized intruder" had hacked into the system that the company uses for credit and debit card transactions, checks and merchandise returns.
Because of the possibility of fraud, TJX notified the credit card companies of individuals whose credit and debit card information might have been compromised, and the credit firms have since been notifying financial institutions of their customers' situations.
Banks and credit unions decide whether to issue new cards to those customers or to keep an eye on their accounts for fraudulent transactions.
At JP Morgan Chase, "we constantly are monitoring and are involved in the fraud prevention," said spokeswoman Nancy Norris.
The company is not automatically issuing new cards to individuals whose account numbers might have been stolen, she said.
"We continuously monitor accounts for any suspicious behavior and notify cardmembers immediately if something unusual is detected," Chase said in a statement.
About 200 debit cards issued by the Lexington Postal Credit Union have been compromised and are being replaced, said Sharon Moore, president of the organization.
The likelihood that those debit cards would be used to make fraudulent purchases is slim, she said. But to be safe, the credit union is immediately blocking affected cards and ordering new ones for those customers.
"The risk is probably really low, but we don't want to play with that risk," Moore said.
After blocking the cards, Moore said, the credit union has been notifying the customers of the situation.
However, some customers who use their cards frequently have been learning of the issue the hard way Ð as they try to use their card and it is declined.
When the University of Kentucky Federal Credit Union was notified of compromised accounts, it flagged the accounts and ordered new debit cards for the customers, said interim CEO Greg Baker.
In the meantime, rather than blocking all transactions to those cards, Baker said the UK credit union has been lowering the limits on the charges that can be applied while still allowing the customer to use the card.
Baker declined to say how many credit union members have been affected, but he said none have been the victims of fraudulent purchases.
TJX has not said how many people's information might have been stolen nationwide.
The company said the stolen customer data included information from 2003 transactions, as well as information from mid-May 2006 through December, when the breach was discovered.
Avivah Litan, a data security analyst for Garter Inc., said it could be difficult for the company to determine the scope of the breach because the thieves had a lot of time to sell and circulate the information before the hacking was discovered.
Some of the customer data has been used to make fraudulent debit card and credit card purchases in Florida, Georgia, and Louisiana, and in Hong Kong and Sweden, according to the Massachusetts Bankers Association.
"We expect that this is going to continue and the fraud may widen," said Bruce Spitzer, spokesman for the Massachusetts group.
He said the cost to banks of reissuing hundreds of thousands of cards alone will be "enormous."
This kind of information breach is not uncommon in today's technology-driven economy.
But Heather Clary, spokeswoman for the Better Business Bureau of Central and Eastern Kentucky, said consumers can use technology to their advantage.
Rather than having to wait for a monthly statement, consumers now have the ability to catch fraud more quickly by checking their bank and credit card accounts online frequently.
"Diligence is the key," she said.
Clary also said consumers who notice something suspicious on their statements should notify their financial institutions immediately.
"Don't delay if you see something that's unauthorized," she said.
Credit card companies have noted that consumers are not responsible for fraudulent purchases, but it's easier to correct such situations when they're caught quickly.
Consumers should also protect against fraud by taking advantage of free annual credit reports, which are available at 1-877-322-8228 or at www. annualcreditreport.com.
Although major thefts of information like this one get lots of attention, Norris, of JP Morgan Chase, said most fraud "is still done the old fashioned way" Ð by thieves who steal cards, sift through the trash for account numbers or peek over consumers' shoulders to see their card numbers.
"You're more at risk if you aren't personally protecting your number," she said.
And some of them may want to watch the mail for a new debit card.
TJX, a Massachusetts-based company that operates T.J. Maxx, Marshall's, HomeGoods and several other retail chains in the United States and abroad, announced last week that an "unauthorized intruder" had hacked into the system that the company uses for credit and debit card transactions, checks and merchandise returns.
Because of the possibility of fraud, TJX notified the credit card companies of individuals whose credit and debit card information might have been compromised, and the credit firms have since been notifying financial institutions of their customers' situations.
Banks and credit unions decide whether to issue new cards to those customers or to keep an eye on their accounts for fraudulent transactions.
At JP Morgan Chase, "we constantly are monitoring and are involved in the fraud prevention," said spokeswoman Nancy Norris.
The company is not automatically issuing new cards to individuals whose account numbers might have been stolen, she said.
"We continuously monitor accounts for any suspicious behavior and notify cardmembers immediately if something unusual is detected," Chase said in a statement.
About 200 debit cards issued by the Lexington Postal Credit Union have been compromised and are being replaced, said Sharon Moore, president of the organization.
The likelihood that those debit cards would be used to make fraudulent purchases is slim, she said. But to be safe, the credit union is immediately blocking affected cards and ordering new ones for those customers.
"The risk is probably really low, but we don't want to play with that risk," Moore said.
After blocking the cards, Moore said, the credit union has been notifying the customers of the situation.
However, some customers who use their cards frequently have been learning of the issue the hard way Ð as they try to use their card and it is declined.
When the University of Kentucky Federal Credit Union was notified of compromised accounts, it flagged the accounts and ordered new debit cards for the customers, said interim CEO Greg Baker.
In the meantime, rather than blocking all transactions to those cards, Baker said the UK credit union has been lowering the limits on the charges that can be applied while still allowing the customer to use the card.
Baker declined to say how many credit union members have been affected, but he said none have been the victims of fraudulent purchases.
TJX has not said how many people's information might have been stolen nationwide.
The company said the stolen customer data included information from 2003 transactions, as well as information from mid-May 2006 through December, when the breach was discovered.
Avivah Litan, a data security analyst for Garter Inc., said it could be difficult for the company to determine the scope of the breach because the thieves had a lot of time to sell and circulate the information before the hacking was discovered.
Some of the customer data has been used to make fraudulent debit card and credit card purchases in Florida, Georgia, and Louisiana, and in Hong Kong and Sweden, according to the Massachusetts Bankers Association.
"We expect that this is going to continue and the fraud may widen," said Bruce Spitzer, spokesman for the Massachusetts group.
He said the cost to banks of reissuing hundreds of thousands of cards alone will be "enormous."
This kind of information breach is not uncommon in today's technology-driven economy.
But Heather Clary, spokeswoman for the Better Business Bureau of Central and Eastern Kentucky, said consumers can use technology to their advantage.
Rather than having to wait for a monthly statement, consumers now have the ability to catch fraud more quickly by checking their bank and credit card accounts online frequently.
"Diligence is the key," she said.
Clary also said consumers who notice something suspicious on their statements should notify their financial institutions immediately.
"Don't delay if you see something that's unauthorized," she said.
Credit card companies have noted that consumers are not responsible for fraudulent purchases, but it's easier to correct such situations when they're caught quickly.
Consumers should also protect against fraud by taking advantage of free annual credit reports, which are available at 1-877-322-8228 or at www. annualcreditreport.com.
Although major thefts of information like this one get lots of attention, Norris, of JP Morgan Chase, said most fraud "is still done the old fashioned way" Ð by thieves who steal cards, sift through the trash for account numbers or peek over consumers' shoulders to see their card numbers.
"You're more at risk if you aren't personally protecting your number," she said.
Canadian banks say no signs of credit card fraud victims after Winners breach
Several Canadian banks said Thursday they have had no reports of credit card fraud after a security breach at the parent company of Winners and HomeSense.
Officials at Royal Bank, Bank of Montreal, and TD Bank all told CBC News that they have seen no cases of fraud stemming from the breach at Massachusetts-based TJX Cos. Visa officials in Canada also said they have not seen cases of abuse from the case.
In an interview with CBC News, RBC spokeswoman Beja Rodeck encouraged customers to examine their accounts for any signs of credit card fraud. She added that customers will not be held responsible in cases of fraudulent use of their cards.
Customer information stolen from TJX has been used to make fraudulent debit and credit card purchases, the Massachusetts Bankers Association confirmed Wednesday. The fraudulent purchases were made in Florida, Georgia and Louisiana, as well as in Hong Kong and Sweden, the association said.
While the association made no mention of Canada, the Globe and Mail, quoting financial sources, reported Thursday that thousands of Canadians are indeed among the fraud victims.
Last week, TJX said hackers stole customer information from its computer systems.
Continue Article
<A TARGET="_blank" HREF="http://ad.doubleclick.net/click%3Bh=v8/34f2/3/0/%2a/g%3B71726569%3B0-0%3B0%3B11710857%3B4307-300/250%3B19898344/19916238/1%3B%3B%7Esscs%3D%3fhttp://clk.atdmt.com/OMT/go/cbcngint0030000042omt/direct/01/"><IMG SRC="http://m1.2mdn.net/1036098/qtw_en1_jan19_300x250_en.gif" BORDER=0></A>
The company has refused to say how many customers had their data stolen or accessed by a computer hacker, but the Globe and Mail reported it could be two million Visa credit card accounts in Canada and roughly 20 million worldwide.
The Massachusetts Bankers Association said it has heard from 60 of its 205 member banks and is expecting the number of fraud cases to grow.
TJX has not commented on these latest reports.
The company is considering offering free credit card monitoring to customers whose cards have been exposed.
A customer alert notification remains on the company's website — including on the Winners and HomeSense sites in Canada — advising people to find out whether they have been victims of fraud.
Officials at Royal Bank, Bank of Montreal, and TD Bank all told CBC News that they have seen no cases of fraud stemming from the breach at Massachusetts-based TJX Cos. Visa officials in Canada also said they have not seen cases of abuse from the case.
In an interview with CBC News, RBC spokeswoman Beja Rodeck encouraged customers to examine their accounts for any signs of credit card fraud. She added that customers will not be held responsible in cases of fraudulent use of their cards.
Customer information stolen from TJX has been used to make fraudulent debit and credit card purchases, the Massachusetts Bankers Association confirmed Wednesday. The fraudulent purchases were made in Florida, Georgia and Louisiana, as well as in Hong Kong and Sweden, the association said.
While the association made no mention of Canada, the Globe and Mail, quoting financial sources, reported Thursday that thousands of Canadians are indeed among the fraud victims.
Last week, TJX said hackers stole customer information from its computer systems.
Continue Article
<A TARGET="_blank" HREF="http://ad.doubleclick.net/click%3Bh=v8/34f2/3/0/%2a/g%3B71726569%3B0-0%3B0%3B11710857%3B4307-300/250%3B19898344/19916238/1%3B%3B%7Esscs%3D%3fhttp://clk.atdmt.com/OMT/go/cbcngint0030000042omt/direct/01/"><IMG SRC="http://m1.2mdn.net/1036098/qtw_en1_jan19_300x250_en.gif" BORDER=0></A>
The company has refused to say how many customers had their data stolen or accessed by a computer hacker, but the Globe and Mail reported it could be two million Visa credit card accounts in Canada and roughly 20 million worldwide.
The Massachusetts Bankers Association said it has heard from 60 of its 205 member banks and is expecting the number of fraud cases to grow.
TJX has not commented on these latest reports.
The company is considering offering free credit card monitoring to customers whose cards have been exposed.
A customer alert notification remains on the company's website — including on the Winners and HomeSense sites in Canada — advising people to find out whether they have been victims of fraud.
Credit card fears widen
Anne Marie Jean of Brockton wasn't scared away from shopping at A.J. Wright in Brockton this week, but since reports that credit and debit card numbers were stolen from its parent company, TJX Companies, she'll think twice about using anything but cash.
“I would be worried,” she said of using her card, even though she has done so in the past.
Local bankers are worried, too. Local banks and credit unions are reissuing thousands of cards to their customers who may have been affected, but the scope of the data theft is still unclear. Framingham-based TJX Companies, the parent company of U.S. stores T.J. Maxx, HomeGoods, Marshalls, A.J.Wright and Bob's Stores, reported Jan. 17 that computer hackers gained access to an undetermined number of credit card and debit card numbers in a security breach in December — possibly committed by a high-tech, international organized crime ring.
Hackers may have data associated with purchases made in 2003, and between May and December in 2006, according to a statement from the company.
The company has determined that transactions at Bob's Stores were not involved in the security breach, according to an advertisement in today's paper.
Last week, evidence of the stolen data began to appear on the bank statements of innocent consumers. According to news reports on TheBostonChannel.com, Paula O'Rourke, of Holbrook was a victim of credit card fraud in December after shopping at HomeGoods in Florida.
She believes the fraudulent purchases stem from the use of her card there.
Meanwhile, bank and credit union workers scrambled to protect their customers.
“We have a whole team of people working on this,” said Jim Blake, president and CEO of Brockton-based HarborOne Credit Union.
While the company is still investigating the records of Bob's Stores purchases, customers who made purchases at any of its other American stores may have had their credit card or debit card information stolen, said a TJX customer service representative.
While the card numbers weren't associated with names or addresses, some of them have been used to make fraudulent purchases in Florida, Georgia, Louisiana, and abroad in Hong Kong and Sweden.
“That says to me that this information has been sold,” said Blake. “These are not people operating out of a basement in a building. They are highly trained — some at U.S. universities — working for organized crime units around the world, mostly outside of the U.S.”
In addition to using the numbers to make purchases, thieves are also mining sources for data associated with those numbers to steal entire financial identities, Blake said.
“You could wake up one day with a $300,000 mortgage on a house in Florida, but no house,” he said.
To protect members of HarborOne Credit union, 9,000 new cards will be issued to some of its 97,000 members. Rather than wait for a report of fraudulent activity, the credit union will issue new cards to any account identified by Visa or Mastercard as associated with the TJX security breach, Blake said. The processing and replacement cards will cost the credit union $100,000, he added.
Security breaches occur on nearly a monthly basis, Blake said, but this is the largest to date.
Randolph Savings Bank will issue 1,500 new cards to its affected members, said Tom Trummey, senior vice president and chief operating officer. The compromised accounts represent a small percentage of the 12,000 cards issued by that bank, he said.
But Trummey himself had to get a new card, since he had used his Randolph Savings Bank debit card to holiday shop at area T.J.Maxx and Marshalls stores, and his account was compromised.
But he hasn't been scared away from making electronic purchases, he said. Neither was Andrea Beaumont of Taunton, who was shopping at T.J. Maxx in Taunton Friday. “I just figure I'll be lucky, I guess.”
Many consumers continue to try their luck, and rightly so, said John Hurst, president of the Retailers Association of Massachusetts. “People shouldn't feel they should pay for everything with cash. Making electronic purchases can be safer than carrying around a lot of cash, and you are protected,” he said.
Consumers are “held harmless” for fraudulent purchases, he said. “They're not going to charge you for criminal activity on your account. Report it immediately, and you'll be OK,” he said.
Some consumers forego the conscientious approach, but still aren't worried. Sarah Seavey, of Norton, was shopping with her card Friday at T.J. Maxx in Taunton, but she doesn't think the number would do thieves any good. “There no money in the account anyway,” she said.
Officials at Bristol County Savings Bank in Taunton declined to be interviewed for this story.
“I would be worried,” she said of using her card, even though she has done so in the past.
Local bankers are worried, too. Local banks and credit unions are reissuing thousands of cards to their customers who may have been affected, but the scope of the data theft is still unclear. Framingham-based TJX Companies, the parent company of U.S. stores T.J. Maxx, HomeGoods, Marshalls, A.J.Wright and Bob's Stores, reported Jan. 17 that computer hackers gained access to an undetermined number of credit card and debit card numbers in a security breach in December — possibly committed by a high-tech, international organized crime ring.
Hackers may have data associated with purchases made in 2003, and between May and December in 2006, according to a statement from the company.
The company has determined that transactions at Bob's Stores were not involved in the security breach, according to an advertisement in today's paper.
Last week, evidence of the stolen data began to appear on the bank statements of innocent consumers. According to news reports on TheBostonChannel.com, Paula O'Rourke, of Holbrook was a victim of credit card fraud in December after shopping at HomeGoods in Florida.
She believes the fraudulent purchases stem from the use of her card there.
Meanwhile, bank and credit union workers scrambled to protect their customers.
“We have a whole team of people working on this,” said Jim Blake, president and CEO of Brockton-based HarborOne Credit Union.
While the company is still investigating the records of Bob's Stores purchases, customers who made purchases at any of its other American stores may have had their credit card or debit card information stolen, said a TJX customer service representative.
While the card numbers weren't associated with names or addresses, some of them have been used to make fraudulent purchases in Florida, Georgia, Louisiana, and abroad in Hong Kong and Sweden.
“That says to me that this information has been sold,” said Blake. “These are not people operating out of a basement in a building. They are highly trained — some at U.S. universities — working for organized crime units around the world, mostly outside of the U.S.”
In addition to using the numbers to make purchases, thieves are also mining sources for data associated with those numbers to steal entire financial identities, Blake said.
“You could wake up one day with a $300,000 mortgage on a house in Florida, but no house,” he said.
To protect members of HarborOne Credit union, 9,000 new cards will be issued to some of its 97,000 members. Rather than wait for a report of fraudulent activity, the credit union will issue new cards to any account identified by Visa or Mastercard as associated with the TJX security breach, Blake said. The processing and replacement cards will cost the credit union $100,000, he added.
Security breaches occur on nearly a monthly basis, Blake said, but this is the largest to date.
Randolph Savings Bank will issue 1,500 new cards to its affected members, said Tom Trummey, senior vice president and chief operating officer. The compromised accounts represent a small percentage of the 12,000 cards issued by that bank, he said.
But Trummey himself had to get a new card, since he had used his Randolph Savings Bank debit card to holiday shop at area T.J.Maxx and Marshalls stores, and his account was compromised.
But he hasn't been scared away from making electronic purchases, he said. Neither was Andrea Beaumont of Taunton, who was shopping at T.J. Maxx in Taunton Friday. “I just figure I'll be lucky, I guess.”
Many consumers continue to try their luck, and rightly so, said John Hurst, president of the Retailers Association of Massachusetts. “People shouldn't feel they should pay for everything with cash. Making electronic purchases can be safer than carrying around a lot of cash, and you are protected,” he said.
Consumers are “held harmless” for fraudulent purchases, he said. “They're not going to charge you for criminal activity on your account. Report it immediately, and you'll be OK,” he said.
Some consumers forego the conscientious approach, but still aren't worried. Sarah Seavey, of Norton, was shopping with her card Friday at T.J. Maxx in Taunton, but she doesn't think the number would do thieves any good. “There no money in the account anyway,” she said.
Officials at Bristol County Savings Bank in Taunton declined to be interviewed for this story.
Credit card fraud could be stopped
In the future, identity thieves and Internet hackers may find themselves out of a job - or at least that's what one Calgary scientist is hoping.
Wolfgang Tittel, from the University of Calgary's Centre for Information Security and Cryptography, is working on a way to secure personal information to stop those trying to gain unauthorized access.
His approach marries quantum information science with encryption technology. The offspring of these - he hopes - will be a system that moves data on light particles so fast, it essentially teleports it from one end to another.
Tamper-proof info
To achieve this ultra-secure state, Dr Tittel is using fibre optics to send data on photons. The fibre optics would act as superhighways for bits of information. Hypothetically, this data would move so fast that any attempt by a hacker to obtain private information would interrupt the flow and alter the encryption in such a way that it would show it has been tampered with.
A fundamental law in quantum physics holds that it is impossible for a hacker to access a key without changing it: In this application, security codes would be carried in bundles with a particular configuration. If the bundles were disrupted during transmission, they re-configure and the information scrambles.
Today and tomorrow
At the moment, there is no way to tell whether a key has been accessed. Some technologies are capable of scrambling the information for short periods of time, but they still leave questions as to whether it was copied.
But Dr. Tittel is working to change that in the next several years. While he notes that initial uses will likely be the military, he projects that one day, everything from Internet banking to medical records will be hacker-proof.
Wolfgang Tittel, from the University of Calgary's Centre for Information Security and Cryptography, is working on a way to secure personal information to stop those trying to gain unauthorized access.
His approach marries quantum information science with encryption technology. The offspring of these - he hopes - will be a system that moves data on light particles so fast, it essentially teleports it from one end to another.
Tamper-proof info
To achieve this ultra-secure state, Dr Tittel is using fibre optics to send data on photons. The fibre optics would act as superhighways for bits of information. Hypothetically, this data would move so fast that any attempt by a hacker to obtain private information would interrupt the flow and alter the encryption in such a way that it would show it has been tampered with.
A fundamental law in quantum physics holds that it is impossible for a hacker to access a key without changing it: In this application, security codes would be carried in bundles with a particular configuration. If the bundles were disrupted during transmission, they re-configure and the information scrambles.
Today and tomorrow
At the moment, there is no way to tell whether a key has been accessed. Some technologies are capable of scrambling the information for short periods of time, but they still leave questions as to whether it was copied.
But Dr. Tittel is working to change that in the next several years. While he notes that initial uses will likely be the military, he projects that one day, everything from Internet banking to medical records will be hacker-proof.
Tuesday, February 06, 2007
Three held after credit card fraud hits city
POLICE have arrested three men in connection with a credit card fraud that has been sweeping the city.
An extensive investigation into the scam was launched after police received 42 complaints from the public about dodgy transactions appearing on their statements.
MMostMost of the victims had never visited the countries where the transactions took place.
Money had gone from unsuspecting victim's accounts and payments had been made from all over the world, including right across Europe and as far away as Malaysia.
Money had gone from unsuspecting victim's accounts and payments had been made from all over the world, including right across Europe and as far away as Malaysia.
Officers noticed all the victims had used their cards in the Texaco garage, Eastern Road, Portsmouth.
It is thought a card-skimming scam may have been in operation, where fraudsters tamper with credit card machines to copy card details. They then use these to make fake transactions and payments.
At 8am today officers from Fratton CID arrested three men, all from Portsmouth, aged 30, 37 and 39.
They are being held in custody in Portsmouth on suspicion of conspiracy to commit theft.
Detective Constable Jon Knox said: 'There is an ongoing investigation into irregular transactions on people's credit cards. There was a large operation this morning and as a result three people have been arrested.
'The proprietor of the Texaco has been fully co-operative.
'He had aided police in this investigation and he is
not a suspect,' he said.
Anyone with information about the fraud is asked to call police on 0845 045 4545
An extensive investigation into the scam was launched after police received 42 complaints from the public about dodgy transactions appearing on their statements.
MMostMost of the victims had never visited the countries where the transactions took place.
Money had gone from unsuspecting victim's accounts and payments had been made from all over the world, including right across Europe and as far away as Malaysia.
Money had gone from unsuspecting victim's accounts and payments had been made from all over the world, including right across Europe and as far away as Malaysia.
Officers noticed all the victims had used their cards in the Texaco garage, Eastern Road, Portsmouth.
It is thought a card-skimming scam may have been in operation, where fraudsters tamper with credit card machines to copy card details. They then use these to make fake transactions and payments.
At 8am today officers from Fratton CID arrested three men, all from Portsmouth, aged 30, 37 and 39.
They are being held in custody in Portsmouth on suspicion of conspiracy to commit theft.
Detective Constable Jon Knox said: 'There is an ongoing investigation into irregular transactions on people's credit cards. There was a large operation this morning and as a result three people have been arrested.
'The proprietor of the Texaco has been fully co-operative.
'He had aided police in this investigation and he is
not a suspect,' he said.
Anyone with information about the fraud is asked to call police on 0845 045 4545
Chip-based cards may cut into fraud
Credit and debit cards embedded with computer chips have virtually wiped out the kind of security breaches that compromised millions of cards used at Winners and HomeSense stores in Canada, industry officials say. But it will be another three years before the cards are widely available in Canada.
Some Royal Bank Avion cards have embedded chips, but few merchants are equipped to take advantage of the feature. The cards are for the convenience of international travellers.
The first major rollout in Canada of chip-based cards will begin later this year as consumers' existing cards begin expiring, according to Visa Canada. Some Canadian retailers already have the kind of readers required to use the cards, but it will take until 2010 to replace all the millions of cards and card readers in use across Canada.
"It's really a large-scale investment on the part of the payments industry," said Kirkland Morris, assistant vice-president of strategic policy and programs at the Interac Association of Canada.
Interac, which represents debit-card issuers in Canada, along with Visa and MasterCard in Canada are participating in a pilot project this fall in Kitchener-Waterloo to test the cards, as well as the readers and network required for processing.
Countries in Europe and Asia that have adopted chip cards, also called smart cards, say the cost of card fraud has been cut by as much as 80 per cent. "We're really excited about what this is going to do for us," said Gord Jamieson, director of risk management and security for Visa Canada.
Card fraud in Canada is a multi-billion-dollar problem that's growing every year, partly because fraud artists have moved to countries that don't yet have chip technology, Jamieson said. Last year, credit- and debit-card fraud added up to more than $360 million, with credit cards bearing the brunt of the cost and counterfeit cards accounting for most of the crime.
No one is guaranteeing smart cards will end the kind of fraud that occurred after hackers broke into computer at Winners parent TJX Cos. Inc., putting millions of cards at risk.
"We never say chips are impossible to crack," said William Giles, vice-president of advance payments for MasterCard Worldwide. "We're making it so the economics aren't there. If it takes you 20 years to do it, or costs $20,000 to do it, the economics aren't there. You may hear about labs that do attacks on chip cards. They're not economically viable attacks."
The fallout from the security breach at TJX continued last week as bankers in the company's home state of Massachusetts confirmed that a handful of the compromised cards had been used for fraudulent activity. In Canada, the banks say they are monitoring any exposed credit card account numbers but have not seen any suspect transactions so far.
"If we do, we're going to contact those customers right away," said Kelly Hechler, a spokesperson for the Toronto Dominion Bank.
Current security features limit credit-card fraud by making the cards difficult to replicate, said Visa's Jamieson. As well, banks and other card issuers have systems to issue alerts about unusual activity. In addition, Visa's Zero Liability policy means cardholders are protected from the cost of any fraud that occurs on their accounts.
Still, the TJX incident has prompted renewed calls from consumers for tougher protective security measures. The card industry says consumers will get that with the new chip-based cards.
The industry is also implementing two other features to curb fraud. For the first time in Canada, a consumer will have to punch in a personal identification number, or PIN, instead of a signature, to use a credit card. Merchants will also be required to meet tougher standards for the collection and storage of card data.
Though PINs don't eliminate fraud, they do make it more difficult, MasterCard's Giles said.
That security feature saved Canadian debit-card users from being compromised in the TJX breach, because the cards are useless without the PIN, Interac spokesperson Tina Romano said. "Debit cards in Canada were not affected," she said.
That's not the case in the United States, where some debit cards require only a signature.
The payment-card industry is already pressing retailers to meet higher security standards.
"We prohibit the storage of what we call full track data, which is everything that's on the magnetic stripe, including the account information, the expiry date and the CVV," a special security code, said Visa's Jamieson. "Obviously, not everybody adheres to that."
He said 94 per cent of Visa's top merchants in Canada are in the process of ensuring they measure up.
To the consumer, making a purchase with a chip-based credit card will seem fairly familiar. Much like with a debit-card purchase today, the consumer will put a card into a reader. But instead of swiping the card through the reader, the owner will leave the card in place throughout the transaction while punching in the PIN and confirming the purchase.
Behind the scenes, the transaction will look quite different, because the reader can now obtain much of the information it needs directly from the card, including the authenticity of the PIN, instead of retrieving it over the network from the cardholder's financial institution.
As well, the banks can continually upgrade and change the "public and private keys" used to encrypt the cardholders' data.
The cards could also reduce the risk of shopping online, the industry said, if consumers installed card readers at home to communicate with merchants' sites and require PINs before registering payments.
Security isn't the only reason the card industry can't wait to get smart cards into consumers' hands. The cards also open up a whole new window of marketing and promotion opportunities. Smart cards can be loaded, for example, with all the customers' loyalty-program information. Chip cards can be programmed to make small "contactless" payments – over wireless networks that don't require PINs – at such places as fast-food restaurants and transit stations where speed is of the essence.
So, if chip-card technology is so attractive, why is it taking so long to get to Canada, which is known for having a banking industry among the most automated in the world?
Europe got an early start with France adopting its own proprietary system in the 1980s. As fraudulent activity began migrating, France's neighbours had to follow its example to protect themselves.
But an international standard wasn't set up until 1996, said MasterCard's Giles. The fact that the U.S. shows few signs of adopting chip technology anytime soon is also a factor.
"We can't ignore the fact that we share a border with the U.S.," he said. He hopes Canada's decision to forge ahead will help spur on the U.S.
Meanwhile, Visa's Jamieson said, the number of people likely to be defrauded from the TJX security breach will probably be very small compared with the number the company said were compromised. TJX has said the hackers got access to cards used over a long period, including all of 2003 and from last May to December. That could encompass millions of transactions, observers have said.
But those cards and the networks used for processing are loaded with security features that make the cards difficult to replicate and use, he said.
Some Royal Bank Avion cards have embedded chips, but few merchants are equipped to take advantage of the feature. The cards are for the convenience of international travellers.
The first major rollout in Canada of chip-based cards will begin later this year as consumers' existing cards begin expiring, according to Visa Canada. Some Canadian retailers already have the kind of readers required to use the cards, but it will take until 2010 to replace all the millions of cards and card readers in use across Canada.
"It's really a large-scale investment on the part of the payments industry," said Kirkland Morris, assistant vice-president of strategic policy and programs at the Interac Association of Canada.
Interac, which represents debit-card issuers in Canada, along with Visa and MasterCard in Canada are participating in a pilot project this fall in Kitchener-Waterloo to test the cards, as well as the readers and network required for processing.
Countries in Europe and Asia that have adopted chip cards, also called smart cards, say the cost of card fraud has been cut by as much as 80 per cent. "We're really excited about what this is going to do for us," said Gord Jamieson, director of risk management and security for Visa Canada.
Card fraud in Canada is a multi-billion-dollar problem that's growing every year, partly because fraud artists have moved to countries that don't yet have chip technology, Jamieson said. Last year, credit- and debit-card fraud added up to more than $360 million, with credit cards bearing the brunt of the cost and counterfeit cards accounting for most of the crime.
No one is guaranteeing smart cards will end the kind of fraud that occurred after hackers broke into computer at Winners parent TJX Cos. Inc., putting millions of cards at risk.
"We never say chips are impossible to crack," said William Giles, vice-president of advance payments for MasterCard Worldwide. "We're making it so the economics aren't there. If it takes you 20 years to do it, or costs $20,000 to do it, the economics aren't there. You may hear about labs that do attacks on chip cards. They're not economically viable attacks."
The fallout from the security breach at TJX continued last week as bankers in the company's home state of Massachusetts confirmed that a handful of the compromised cards had been used for fraudulent activity. In Canada, the banks say they are monitoring any exposed credit card account numbers but have not seen any suspect transactions so far.
"If we do, we're going to contact those customers right away," said Kelly Hechler, a spokesperson for the Toronto Dominion Bank.
Current security features limit credit-card fraud by making the cards difficult to replicate, said Visa's Jamieson. As well, banks and other card issuers have systems to issue alerts about unusual activity. In addition, Visa's Zero Liability policy means cardholders are protected from the cost of any fraud that occurs on their accounts.
Still, the TJX incident has prompted renewed calls from consumers for tougher protective security measures. The card industry says consumers will get that with the new chip-based cards.
The industry is also implementing two other features to curb fraud. For the first time in Canada, a consumer will have to punch in a personal identification number, or PIN, instead of a signature, to use a credit card. Merchants will also be required to meet tougher standards for the collection and storage of card data.
Though PINs don't eliminate fraud, they do make it more difficult, MasterCard's Giles said.
That security feature saved Canadian debit-card users from being compromised in the TJX breach, because the cards are useless without the PIN, Interac spokesperson Tina Romano said. "Debit cards in Canada were not affected," she said.
That's not the case in the United States, where some debit cards require only a signature.
The payment-card industry is already pressing retailers to meet higher security standards.
"We prohibit the storage of what we call full track data, which is everything that's on the magnetic stripe, including the account information, the expiry date and the CVV," a special security code, said Visa's Jamieson. "Obviously, not everybody adheres to that."
He said 94 per cent of Visa's top merchants in Canada are in the process of ensuring they measure up.
To the consumer, making a purchase with a chip-based credit card will seem fairly familiar. Much like with a debit-card purchase today, the consumer will put a card into a reader. But instead of swiping the card through the reader, the owner will leave the card in place throughout the transaction while punching in the PIN and confirming the purchase.
Behind the scenes, the transaction will look quite different, because the reader can now obtain much of the information it needs directly from the card, including the authenticity of the PIN, instead of retrieving it over the network from the cardholder's financial institution.
As well, the banks can continually upgrade and change the "public and private keys" used to encrypt the cardholders' data.
The cards could also reduce the risk of shopping online, the industry said, if consumers installed card readers at home to communicate with merchants' sites and require PINs before registering payments.
Security isn't the only reason the card industry can't wait to get smart cards into consumers' hands. The cards also open up a whole new window of marketing and promotion opportunities. Smart cards can be loaded, for example, with all the customers' loyalty-program information. Chip cards can be programmed to make small "contactless" payments – over wireless networks that don't require PINs – at such places as fast-food restaurants and transit stations where speed is of the essence.
So, if chip-card technology is so attractive, why is it taking so long to get to Canada, which is known for having a banking industry among the most automated in the world?
Europe got an early start with France adopting its own proprietary system in the 1980s. As fraudulent activity began migrating, France's neighbours had to follow its example to protect themselves.
But an international standard wasn't set up until 1996, said MasterCard's Giles. The fact that the U.S. shows few signs of adopting chip technology anytime soon is also a factor.
"We can't ignore the fact that we share a border with the U.S.," he said. He hopes Canada's decision to forge ahead will help spur on the U.S.
Meanwhile, Visa's Jamieson said, the number of people likely to be defrauded from the TJX security breach will probably be very small compared with the number the company said were compromised. TJX has said the hackers got access to cards used over a long period, including all of 2003 and from last May to December. That could encompass millions of transactions, observers have said.
But those cards and the networks used for processing are loaded with security features that make the cards difficult to replicate and use, he said.
Man allegedly stole $20,000 in electronics through credit card fraud
A Bermuda Dunes man is in jail after police found $20,000 worth of property in his home that he bought with fake credit cards, authorities reported today.
Officers from the La Quinta Police Department responded to an in-progress credit card fraud that occurred Sunday at the La Quinta Circuit City store, according to a news release from the Riverside County Sheriff's Department. Officers determined that a suspect fled prior to the their arrival. Investigators from the Indio Sheriff's Station Investigation Bureau were called and assumed the investigation.
They were able to identify the suspect, Marc Rossworn, 43, from Bermuda Dunes, the release said.
During a consensual search of his residence, all of the property that was bought through the use of fraudulent credit cards was recovered. Additional electronic equipment that was purchased in the City of Palm Desert also was recovered.
The value of the property that was recovered was estimated at $ 20,000.
Investigators arrested and booked Rossworn at the Indio Jail for commercial burglary, receiving stolen property, use of fraudulent credit cards and conspiracy.
His bail was set at $25,000.
Officers from the La Quinta Police Department responded to an in-progress credit card fraud that occurred Sunday at the La Quinta Circuit City store, according to a news release from the Riverside County Sheriff's Department. Officers determined that a suspect fled prior to the their arrival. Investigators from the Indio Sheriff's Station Investigation Bureau were called and assumed the investigation.
They were able to identify the suspect, Marc Rossworn, 43, from Bermuda Dunes, the release said.
During a consensual search of his residence, all of the property that was bought through the use of fraudulent credit cards was recovered. Additional electronic equipment that was purchased in the City of Palm Desert also was recovered.
The value of the property that was recovered was estimated at $ 20,000.
Investigators arrested and booked Rossworn at the Indio Jail for commercial burglary, receiving stolen property, use of fraudulent credit cards and conspiracy.
His bail was set at $25,000.
While most people worry about their credit card information falling into the wrong hands, there is a more ominous problem out there: Identity. Your identity is a collection of information that your doctor, insurance company, bank, credit card companies, employer and others have on file. These companies and people will have your social security number, your address and your date of birth. One misstep by any of these entities and you could be in big trouble.
Once a crook gets your identity, they will usually want to add a new address to your credit. This way they can get the bills for their new credit cards sent to them and not you. They can use your identity and sign up for credit cards without you even knowing it. This was done once to me when they purchased a cell phone in my name. Later they opened up credit card accounts and started charging.
There are several things you should do if your identity has been compromised. You should contact your credit card companies and let them know what happened. They may want to issue you a new credit card with a new number and PIN (Personal Identification Number).
Identity Guard
You will also want to contact the three credit reporting bureaus and place a fraud alert on your credit file. The three companies are Experian, Equifax and Transunion. This will make it hard for the crooks to sign-up for new credit cards with your name on them.
There are two types of alerts to consider. The first is an “Initial Alert” which stays on your credit record for 90 days. You can renew the alert as many times as you want with a simple phone call. Usually when you notify one credit reporting agency they will notify the other two. This will make it nearly impossible for the crooks to open new accounts. I chose to use the “Initial Alert” and called in to extend it several times.
The next alert is called an “Extended Alert”. This will stay on file with the credit reporting agencies for seven years. The “Extended Alert” will allow you to get a copy of your credit report twice. The “Extended Alert” will also remove your name from the pre-screened credit offers marketing lists for a period of five years. Martin Sumner in an article titled “Coping with ID Theft” recommends the seven year “Extended Alert” if your identity has been compromised.
It is a good idea for people to get some sort of credit monitoring service. This type of service will notify you when someone has placed a new address on your account or added a new credit card or loan to your ID. They usually offer free credit reports yearly as well. There are many services available, so you will want to compare prices and features before you decide.
Once a crook gets your identity, they will usually want to add a new address to your credit. This way they can get the bills for their new credit cards sent to them and not you. They can use your identity and sign up for credit cards without you even knowing it. This was done once to me when they purchased a cell phone in my name. Later they opened up credit card accounts and started charging.
There are several things you should do if your identity has been compromised. You should contact your credit card companies and let them know what happened. They may want to issue you a new credit card with a new number and PIN (Personal Identification Number).
Identity Guard
You will also want to contact the three credit reporting bureaus and place a fraud alert on your credit file. The three companies are Experian, Equifax and Transunion. This will make it hard for the crooks to sign-up for new credit cards with your name on them.
There are two types of alerts to consider. The first is an “Initial Alert” which stays on your credit record for 90 days. You can renew the alert as many times as you want with a simple phone call. Usually when you notify one credit reporting agency they will notify the other two. This will make it nearly impossible for the crooks to open new accounts. I chose to use the “Initial Alert” and called in to extend it several times.
The next alert is called an “Extended Alert”. This will stay on file with the credit reporting agencies for seven years. The “Extended Alert” will allow you to get a copy of your credit report twice. The “Extended Alert” will also remove your name from the pre-screened credit offers marketing lists for a period of five years. Martin Sumner in an article titled “Coping with ID Theft” recommends the seven year “Extended Alert” if your identity has been compromised.
It is a good idea for people to get some sort of credit monitoring service. This type of service will notify you when someone has placed a new address on your account or added a new credit card or loan to your ID. They usually offer free credit reports yearly as well. There are many services available, so you will want to compare prices and features before you decide.
Don’t Let Selling Internationally Scare You
Matt Alper launched Copshoes.com three years ago from his living room in San Antonio, Texas. His idea was to sell specialized shoes and boots to police, firemen and security personnel. Now, three years later, he’s moved into his own warehouse, he has 11 employees and 10 percent of his total sales come from outside of the U.S.
“We’ve learned many lessons about selling internationally,” said Alper. “The two primary issues are credit-card fraud and shipping. Any U.S.-based ecommerce business that sells internationally deals with them. It’s not just us.”
Credit Card Pro Offers Fraud Prevention Steps
John Waldron is co-owner of e-onlinedata, inc., a credit-card merchant-account provider. e-onlinedata assists thousands of ecommerce merchants with domestic and overseas credit-card transactions, and he offers the following advice for merchants who wish accept credit-card payments from international customers.
1. Ask customer for fax verification. For suspect orders or large orders, ask the customer to fax the front and back of his credit card as well as a form of identification. This is better than a phone call.
2. Call your credit-card processor. Your credit-card processor has a staff to assist you with questionable orders. Rely on their expertise.
3. Analyze the order, and be skeptical. Why would a customer purchase, for example, 10 routers? Likewise, why would an overseas customer request overnight shipping?
4. Overseas banks are different. Many overseas banks don’t support the card-code verification system, and they can’t verify billing addresses. Be aware, therefore, that these fraud-prevention steps may not help you with cards that have been issued from such banks.
5. Do a BIN look-up. The first six digits of a credit card are called the bank identification number, or BIN. They tell you which bank has issued the credit card. Go to http://all-nettools.com/toolbox,financial, and enter these six digits. If the issuing bank is located in a country that is different from where the order is originating, you should investigate further.
6. Purchase fraud-detection tools. Many credit-card banks and payment gateways offer effective fraud detection tools that are incredibly inexpensive. Use these tools.
Credit-card Fraud Issues
Credit-card fraud occurs when a thief steals a credit-card number (or, purchases a stolen credit-card number) and uses that number to buy legitimate goods and services from an unsuspecting merchant. The merchant will not get paid for the merchandise, but he’ll have to pay the credit card fees and he’ll lose the merchandise because he’s shipped it to the thief. This type of fraud happens every day, and everyone agrees ecommerce merchants selling products internationally are especially vulnerable. That’s because many developing and Third-World countries do not and cannot properly police these thieves and, moreover, the market for buying and selling stolen credit-card numbers is largely outside of U.S. boundaries.
U.S.-based ecommerce merchants who sell products internationally quickly learn these lessons and take appropriate precautions. Ben Boxall is president of VR3 Wholesale, a Los Angeles-based importer, wholesaler and retailer of aftermarket automotive products. Boxall’s company sells its products through several ecommerce sites (vr-3.com, vr3wholesale.com and roadmasterusa.com) it owns and operates.
“We export roughly 1,200 orders a week outside of the U.S.,” says Boxall. “And we’ve learned many credit-card fraud precautions. For one, there are certain countries that we simply will not ship orders to because we’ve received too many fraudulent cards from them. These countries include Latvia, Nigeria, Czech Republic and many others.”
“Second, we individually review each order over $250. We call every customer who placed that order unless it’s a repeat customer who’s previously been approved by us. For our company, we’ve found that fraudulent orders are generally greater than $250 each.”
Boxall continues, “We have other checks, too. We never ship to a post office box. We always compare the credit card billing address to the shipping address. And, we have what I call our ‘too-good-to-be-true rule.’ That is, if an order arrives that’s too good or simply doesn’t look right, we’ll refund the credit-card charge and reject the order. That probably cost us some legitimate business, but it also prevents us from losing money from stolen credit cards.”
AdvertisementStarCom (NetSol)
Copshoes.com’s Alper will not ship to Venezuela, Indonesia or Nigeria, among other countries. “I once shipped goods to Indonesia that were, as it turns out, purchased with a stolen credit card,” says Alper. “I got so angry that I called the Indonesian embassy in Washington, D.C. It was unbelievable. They told me they couldn’t help because the Indonesian national broke no Indonesian law since it was a stolen American card. So I learned a lesson there.”
Alper agrees with Boxall that an experienced merchant can frequently detect fraudulent orders. Alper says that sudden orders from a single country will raise concerns, as will large purchase amounts and orders with multiple quantities of the same product.
Shipping Hurdles
But credit-card fraud is not the only concern for merchants who sell internationally. How to ship the products, many experienced merchants say, is the other primary issue.
Mark Romero is co-owner of Siamese Dream, a California-based retailer of clothing and gift items. Romero launched the business in 1998 as a brick-and-mortar operation, and he created Siamese-dream.com, its ecommerce site, in 1999. The business has five employees in addition to Romero, and roughly 7 percent of overall sales are outside of the U.S.
“We’ve shipped products to 19 different countries,” says Romero. “We’ve found that sending these via the United States Postal Service works best. It’s far cheaper for us than using, say, UPS or FedEx. And, we’ve found the shipments seem to clear the overseas customs process better using USPS than the other carriers.”
Many merchants agree USPS is less expensive for smaller international packages than private carriers such as UPS and FedEx. But, these merchants say, there are drawbacks. For one, merchants cannot track an international package using USPS, but they can track it using private carriers. Second, the USPS coordinates its international shipments with the postal services of recipient countries and, depending on the country, the local postal service may be unreliable.
“You learn,” says Copshoes.com’s Alper, “which countries have good postal services and which do not. Canada, England, Greece and others are quite good. But China’s postal service, for example, is terrible.”
“Lots of international customers don’t understand how expensive shipping can be,” said Romero. “It can be a material portion of the purchase and we are careful to find the least expensive shipping option for them.”
Alper has installed a shipping calculator on his site to assist his international customers determine the shipping cost. He uses the USPS for his international shipments. “The USPS is by far the cheapest, but the lack of tracking can be a problem. Also, if a package is lost, you are frequently dealing with local, overseas postal services. That can be a real hassle.”
VR3’s Boxall agrees that, for smaller packages, the USPS is the cheapest. But for cartons and pallets of goods, Boxall says that he uses UPS. “The UPS provides very helpful information for international shipments,” said Boxall. “I’d encourage merchants to visit both the UPS website and the USPS site. They have lots of advice to help with overseas shipments.”
Boxall also relies on his order-management software to help manage international shipments. Says Boxall, “We use Interapptive’s ShipWorks software to manage all of our orders, including international ones. It’s incredibly helpful. It sorts between domestic and international orders and it automatically prints shipping labels and customs forms — saves us tons of time.”
For ecommerce merchants who ship with the USPS, Boxall offers this advice. “You can negotiate volume discounts with the postal service for certain types of shipments. Many folks don’t realize that. Also, we use boxes and forms supplied by the postal service, which reduces our costs. Because of our volume, the postal service has even agreed to customize boxes for us with our VR3 logo for no additional cost. “
All three merchants have learned valuable lessons about international sales in addition to credit-card fraud and shipping matters. “Toll free numbers don’t work overseas,” says Copshoes.com’s Alper. “Selling products in local currencies can increase your profit margin,” says VR3’s Boxall. “Make sure the customer realizes he’s responsible for import tariffs and customs’ fees,” says Siamese Dream’s Romero.
The three merchants also agree that, in the end, the extra effort is worth it. “It’s far too big of a market to ignore,” said Matt Alper. “It’s profitable business for us, international customers tend to be repeat buyers, and it’s a segment of our business that we hope to grow.”
“We’ve learned many lessons about selling internationally,” said Alper. “The two primary issues are credit-card fraud and shipping. Any U.S.-based ecommerce business that sells internationally deals with them. It’s not just us.”
Credit Card Pro Offers Fraud Prevention Steps
John Waldron is co-owner of e-onlinedata, inc., a credit-card merchant-account provider. e-onlinedata assists thousands of ecommerce merchants with domestic and overseas credit-card transactions, and he offers the following advice for merchants who wish accept credit-card payments from international customers.
1. Ask customer for fax verification. For suspect orders or large orders, ask the customer to fax the front and back of his credit card as well as a form of identification. This is better than a phone call.
2. Call your credit-card processor. Your credit-card processor has a staff to assist you with questionable orders. Rely on their expertise.
3. Analyze the order, and be skeptical. Why would a customer purchase, for example, 10 routers? Likewise, why would an overseas customer request overnight shipping?
4. Overseas banks are different. Many overseas banks don’t support the card-code verification system, and they can’t verify billing addresses. Be aware, therefore, that these fraud-prevention steps may not help you with cards that have been issued from such banks.
5. Do a BIN look-up. The first six digits of a credit card are called the bank identification number, or BIN. They tell you which bank has issued the credit card. Go to http://all-nettools.com/toolbox,financial, and enter these six digits. If the issuing bank is located in a country that is different from where the order is originating, you should investigate further.
6. Purchase fraud-detection tools. Many credit-card banks and payment gateways offer effective fraud detection tools that are incredibly inexpensive. Use these tools.
Credit-card Fraud Issues
Credit-card fraud occurs when a thief steals a credit-card number (or, purchases a stolen credit-card number) and uses that number to buy legitimate goods and services from an unsuspecting merchant. The merchant will not get paid for the merchandise, but he’ll have to pay the credit card fees and he’ll lose the merchandise because he’s shipped it to the thief. This type of fraud happens every day, and everyone agrees ecommerce merchants selling products internationally are especially vulnerable. That’s because many developing and Third-World countries do not and cannot properly police these thieves and, moreover, the market for buying and selling stolen credit-card numbers is largely outside of U.S. boundaries.
U.S.-based ecommerce merchants who sell products internationally quickly learn these lessons and take appropriate precautions. Ben Boxall is president of VR3 Wholesale, a Los Angeles-based importer, wholesaler and retailer of aftermarket automotive products. Boxall’s company sells its products through several ecommerce sites (vr-3.com, vr3wholesale.com and roadmasterusa.com) it owns and operates.
“We export roughly 1,200 orders a week outside of the U.S.,” says Boxall. “And we’ve learned many credit-card fraud precautions. For one, there are certain countries that we simply will not ship orders to because we’ve received too many fraudulent cards from them. These countries include Latvia, Nigeria, Czech Republic and many others.”
“Second, we individually review each order over $250. We call every customer who placed that order unless it’s a repeat customer who’s previously been approved by us. For our company, we’ve found that fraudulent orders are generally greater than $250 each.”
Boxall continues, “We have other checks, too. We never ship to a post office box. We always compare the credit card billing address to the shipping address. And, we have what I call our ‘too-good-to-be-true rule.’ That is, if an order arrives that’s too good or simply doesn’t look right, we’ll refund the credit-card charge and reject the order. That probably cost us some legitimate business, but it also prevents us from losing money from stolen credit cards.”
AdvertisementStarCom (NetSol)
Copshoes.com’s Alper will not ship to Venezuela, Indonesia or Nigeria, among other countries. “I once shipped goods to Indonesia that were, as it turns out, purchased with a stolen credit card,” says Alper. “I got so angry that I called the Indonesian embassy in Washington, D.C. It was unbelievable. They told me they couldn’t help because the Indonesian national broke no Indonesian law since it was a stolen American card. So I learned a lesson there.”
Alper agrees with Boxall that an experienced merchant can frequently detect fraudulent orders. Alper says that sudden orders from a single country will raise concerns, as will large purchase amounts and orders with multiple quantities of the same product.
Shipping Hurdles
But credit-card fraud is not the only concern for merchants who sell internationally. How to ship the products, many experienced merchants say, is the other primary issue.
Mark Romero is co-owner of Siamese Dream, a California-based retailer of clothing and gift items. Romero launched the business in 1998 as a brick-and-mortar operation, and he created Siamese-dream.com, its ecommerce site, in 1999. The business has five employees in addition to Romero, and roughly 7 percent of overall sales are outside of the U.S.
“We’ve shipped products to 19 different countries,” says Romero. “We’ve found that sending these via the United States Postal Service works best. It’s far cheaper for us than using, say, UPS or FedEx. And, we’ve found the shipments seem to clear the overseas customs process better using USPS than the other carriers.”
Many merchants agree USPS is less expensive for smaller international packages than private carriers such as UPS and FedEx. But, these merchants say, there are drawbacks. For one, merchants cannot track an international package using USPS, but they can track it using private carriers. Second, the USPS coordinates its international shipments with the postal services of recipient countries and, depending on the country, the local postal service may be unreliable.
“You learn,” says Copshoes.com’s Alper, “which countries have good postal services and which do not. Canada, England, Greece and others are quite good. But China’s postal service, for example, is terrible.”
“Lots of international customers don’t understand how expensive shipping can be,” said Romero. “It can be a material portion of the purchase and we are careful to find the least expensive shipping option for them.”
Alper has installed a shipping calculator on his site to assist his international customers determine the shipping cost. He uses the USPS for his international shipments. “The USPS is by far the cheapest, but the lack of tracking can be a problem. Also, if a package is lost, you are frequently dealing with local, overseas postal services. That can be a real hassle.”
VR3’s Boxall agrees that, for smaller packages, the USPS is the cheapest. But for cartons and pallets of goods, Boxall says that he uses UPS. “The UPS provides very helpful information for international shipments,” said Boxall. “I’d encourage merchants to visit both the UPS website and the USPS site. They have lots of advice to help with overseas shipments.”
Boxall also relies on his order-management software to help manage international shipments. Says Boxall, “We use Interapptive’s ShipWorks software to manage all of our orders, including international ones. It’s incredibly helpful. It sorts between domestic and international orders and it automatically prints shipping labels and customs forms — saves us tons of time.”
For ecommerce merchants who ship with the USPS, Boxall offers this advice. “You can negotiate volume discounts with the postal service for certain types of shipments. Many folks don’t realize that. Also, we use boxes and forms supplied by the postal service, which reduces our costs. Because of our volume, the postal service has even agreed to customize boxes for us with our VR3 logo for no additional cost. “
All three merchants have learned valuable lessons about international sales in addition to credit-card fraud and shipping matters. “Toll free numbers don’t work overseas,” says Copshoes.com’s Alper. “Selling products in local currencies can increase your profit margin,” says VR3’s Boxall. “Make sure the customer realizes he’s responsible for import tariffs and customs’ fees,” says Siamese Dream’s Romero.
The three merchants also agree that, in the end, the extra effort is worth it. “It’s far too big of a market to ignore,” said Matt Alper. “It’s profitable business for us, international customers tend to be repeat buyers, and it’s a segment of our business that we hope to grow.”
Credit scam hits Adams couple
Pamela Ginter is pretty vigilant about reviewing her bank statement when it arrives in the mail. But last month she was busy with the holidays and a new grandchild's arrival.
"The bank business got put off a couple weeks," the Mount Pleasant Township resident said.
But when she finally got around to looking at her statement, she noticed something odd: three transactions she didn't recognize.
"My first thought was, 'what on earth did my husband buy?'" she said. "Then I realized that É this wasn't right, we had never made these charges."
The Ginters are victims in part of a nationwide debit and credit card fraud case, according to Pennsylvania State Police in Gettysburg.
In Ginter's case, charges of $74.95, $69.95 and $14.95 appeared on her bank statement from a company called "LEANRX," according to police. The charges are for "LEANRX," "XtremeBurn" and "DreamSmile." Ginter said she learned online that the products are diet pills.
An Internet search for the company name leads to several consumer affairs Web sites containing complaints about fraudulent charges.
Trooper Scott Denisch said that hundreds of people in nearly every state have received the same fake charges, in the same time frame, with the same amounts and company names as Ginter.
Police aren't sure how the company is obtaining people's account numbers, Denisch said. Phone numbers for the business lead nowhere, he said.
Internet crimes are "logistically hard to follow up on and prosecute," he said. Police advise possible victims of such fraud to contact the Pennsylvania attorney general's office, because more complaints will likely speed action, he said.
Ginter called her bank when she found the transactions and the bank advised her to call police. No one is sure how the company got her account number, she said.
"I do quite a bit of Internet shopping," she said. But she's "so paranoid" about doing that so she's extra careful to only use secure Web sites.
Online shoppers should make sure they're only making transactions through a server they're confident in, Denisch said, and consumers should also check their bank statements regularly to watch for false charges.
Ginter said the experience hasn't scared her away from online shopping.
"I will be even more vigilant about checking the bank statement. That's the best defense," she said. "If anyone really wants this information, they're going to get it. É The convenience of using the Internet, for me, outweighs the risks."
"The bank business got put off a couple weeks," the Mount Pleasant Township resident said.
But when she finally got around to looking at her statement, she noticed something odd: three transactions she didn't recognize.
"My first thought was, 'what on earth did my husband buy?'" she said. "Then I realized that É this wasn't right, we had never made these charges."
The Ginters are victims in part of a nationwide debit and credit card fraud case, according to Pennsylvania State Police in Gettysburg.
In Ginter's case, charges of $74.95, $69.95 and $14.95 appeared on her bank statement from a company called "LEANRX," according to police. The charges are for "LEANRX," "XtremeBurn" and "DreamSmile." Ginter said she learned online that the products are diet pills.
An Internet search for the company name leads to several consumer affairs Web sites containing complaints about fraudulent charges.
Trooper Scott Denisch said that hundreds of people in nearly every state have received the same fake charges, in the same time frame, with the same amounts and company names as Ginter.
Police aren't sure how the company is obtaining people's account numbers, Denisch said. Phone numbers for the business lead nowhere, he said.
Internet crimes are "logistically hard to follow up on and prosecute," he said. Police advise possible victims of such fraud to contact the Pennsylvania attorney general's office, because more complaints will likely speed action, he said.
Ginter called her bank when she found the transactions and the bank advised her to call police. No one is sure how the company got her account number, she said.
"I do quite a bit of Internet shopping," she said. But she's "so paranoid" about doing that so she's extra careful to only use secure Web sites.
Online shoppers should make sure they're only making transactions through a server they're confident in, Denisch said, and consumers should also check their bank statements regularly to watch for false charges.
Ginter said the experience hasn't scared her away from online shopping.
"I will be even more vigilant about checking the bank statement. That's the best defense," she said. "If anyone really wants this information, they're going to get it. É The convenience of using the Internet, for me, outweighs the risks."
How to...Prevent IDTheft
• Don't leave mail in your residential mailbox.
• Don't store personal information or account numbers on computers with modems.
• Don't carry your Social Security number, other personal information or account numbers in your wallet or purse.
• Take ATM, credit card and other receipts with you, and either save them in a safe place or destroy them.
• Shred documents that could contain personal information.
• Don't give any part of your Social Security number or personal account numbers over the phone, through the mail or over the Internet unless you know who you are dealing with.
• Never click on links sent in unsolicited e-mails.
• Don't use obvious passwords like your birth date, your mother's maiden name or the last four digits of your Social Security number.
• Never put your account number on an envelope or a postcard.
• Keep a record of your credit card numbers, their expiration dates and the telephone numbers of each company for reporting losses.
• Open billing statements promptly and compare them with your receipts. Report any mistakes in writing immediately.
DETECT ID THEFT
Be alert to signs of suspicious activity, such as:
• Bills that do not arrive as expected
• Bills and other accounts that have purchases you did not make
• Unexpected credit cards or account statements
• Denials of credit for no apparent reason
• Calls or letters about purchases you did not make
Inspect your credit report.
The law requires the three major national consumer reporting companies -- Equifax, Experian and TransUnion -- to give you a copy of your credit report each year if you ask for it.
IF YOU SUSPECT IDENTITY THEFT
• File a police report immediately.
• Cancel credit cards and get new cards with new account numbers. (Federal and state law limit your responsibility to the first $50.)
• Report missing cards to the three major credit reporting services.
• Place a "fraud alert" on your credit reports and review them carefully. Placing a fraud alert entitles you to free copies of your report. A call to one of the companies is sufficient.
• Call the security or fraud departments of each credit card company where an account was opened or changed without your approval. Follow in writing with copies of supporting documents.
• Ask for verification that the disputed account has been closed and the fraudulent debits discharged.
• Keep copies of documents and records of your conversations about the theft.
• Report the loss to your bank. Cancel checking and savings accounts and open new ones. Stop payment on all outstanding checks.
• Get a new ATM card, account number, PIN and online password.
• Call your utilities, including the phone company. Inform them someone may try to get new service using your identification.
• Report a missing driver's license to the Kansas Division of Motor Vehicles and get a new driver's license.
• Report the theft to the Federal Trade Commission to help law enforcement officials across the country investigate. Contact the FTC at 877-ID-THEFT (438-4338), online at ftc.gov/idtheft, or by mail at Identity Theft Clearinghouse, Federal Trade Commission, Washington, DC 20580.
• Don't store personal information or account numbers on computers with modems.
• Don't carry your Social Security number, other personal information or account numbers in your wallet or purse.
• Take ATM, credit card and other receipts with you, and either save them in a safe place or destroy them.
• Shred documents that could contain personal information.
• Don't give any part of your Social Security number or personal account numbers over the phone, through the mail or over the Internet unless you know who you are dealing with.
• Never click on links sent in unsolicited e-mails.
• Don't use obvious passwords like your birth date, your mother's maiden name or the last four digits of your Social Security number.
• Never put your account number on an envelope or a postcard.
• Keep a record of your credit card numbers, their expiration dates and the telephone numbers of each company for reporting losses.
• Open billing statements promptly and compare them with your receipts. Report any mistakes in writing immediately.
DETECT ID THEFT
Be alert to signs of suspicious activity, such as:
• Bills that do not arrive as expected
• Bills and other accounts that have purchases you did not make
• Unexpected credit cards or account statements
• Denials of credit for no apparent reason
• Calls or letters about purchases you did not make
Inspect your credit report.
The law requires the three major national consumer reporting companies -- Equifax, Experian and TransUnion -- to give you a copy of your credit report each year if you ask for it.
IF YOU SUSPECT IDENTITY THEFT
• File a police report immediately.
• Cancel credit cards and get new cards with new account numbers. (Federal and state law limit your responsibility to the first $50.)
• Report missing cards to the three major credit reporting services.
• Place a "fraud alert" on your credit reports and review them carefully. Placing a fraud alert entitles you to free copies of your report. A call to one of the companies is sufficient.
• Call the security or fraud departments of each credit card company where an account was opened or changed without your approval. Follow in writing with copies of supporting documents.
• Ask for verification that the disputed account has been closed and the fraudulent debits discharged.
• Keep copies of documents and records of your conversations about the theft.
• Report the loss to your bank. Cancel checking and savings accounts and open new ones. Stop payment on all outstanding checks.
• Get a new ATM card, account number, PIN and online password.
• Call your utilities, including the phone company. Inform them someone may try to get new service using your identification.
• Report a missing driver's license to the Kansas Division of Motor Vehicles and get a new driver's license.
• Report the theft to the Federal Trade Commission to help law enforcement officials across the country investigate. Contact the FTC at 877-ID-THEFT (438-4338), online at ftc.gov/idtheft, or by mail at Identity Theft Clearinghouse, Federal Trade Commission, Washington, DC 20580.
Mesa No. 3 for ID theft rate; Employment fraud high
Arizona has the highest rate of identity theft in the nation and Mesa is one of the top cities in the state for identity theft, according to Arizona Attorney General Terry Goddard.
In the Federal Trade Commission’s annual report released Jan. 25 detailing identity theft in 2005, Arizona had the most victims per 100,000 than any other state with 9,320 cases. Mesa ranked No. 3 in the top 5 cities for identity theft in Arizona in 2005 with 745 victims. Gilbert did not rank in the top cities, but Chandler made No. 5 with 342 victims.
The FTC found 34 percent of Arizona’s 9,320 reported identity theft cases were employment related fraud. The second highest, 23 percent, of the cases were categorized as “other identity theft” and the third highest was credit card fraud at 18 percent. “Other identity theft” includes: evasion of legal sanctions; internet/e-mail; medical; apartment/house rented; insurance; property rental fraud; bankruptcy; child support; magazines; and securities and other investments.
Sgt. Mike Goulet of Mesa Police Department’s Document Crimes Unit said the department does not keep statistics on identity theft specifically, but he informally tracks the crimes.
“I would say I’m getting 50-60 cases per month,” Sgt. Goulet said.
He noted that figure includes cases where the crime is in Mesa, as well as cases where the victim is in Mesa, but their identity is being used in other states.
The U.S. Department of Justice’s definition of identity theft is when someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic gain.
While the Mesa Police Department has not determined trends in Mesa’s identity theft cases, Sgt. Goulet said he has seen a lot of cases originating from vehicle burglaries.
“People leave personal items in vehicles, such as briefcases and purses. There’s so much information about everyone out there. Don’t leave anything in your vehicle like that,” Sgt. Goulet said.
Sgt. Goulet sees employment-related and Internet fraud frequently as well. While credit card fraud was almost 10 percent lower than the national average in Arizona in the FTC’s annual report, the state’s employment-related fraud was nearly three times higher than the national average.
“Social Security numbers are used by somebody getting employment. I see that occurring all over,” Sgt. Goulet said. “Some cases we also get occur over the Internet. Individuals are contacted by someone they think is their bank and they reveal passwords and pin numbers. People should never do that.”
Vickie Owen, crime prevention specialist with the Gilbert Police Department, said stolen computers are also a way thieves steal identities.
“I tell people to use the metal plumber’s tape to secure their computers to the floor. This makes them harder to take and acts as a deterrent,” Officer Owen said.
She also said encryption programs help protect sensitive information on the computer.
According to Officer Owen, the biggest identity theft issues in Gilbert are mail theft and credit card fraud.
“Those are always in the forefront here,” Officer Owen said. “With credit card slips, some places still have the full credit card numbers on the receipts. You don’t want to throw those away. Shred them.”
Officer Owen said the same goes with Social Security numbers on business documents.
Gilbert Police Department frequently works with the Country Attorney’s Office to offer presentations on identity theft. Officer Owen said the County Attorney Office’s upcoming East Valley Neighborhood Summit at 7:30 a.m. Saturday, March 10 at Mesa’s Word of Grace Church, 655 E. University Drive, will feature a presentation on ID theft. People can register online at www.mcaoconference.com or by calling 602-506-5754.
The Federal Trade Commission estimates as many as 9 million Americans have their identities stolen each year.
According to the U.S. Department of Justice, most people do not realize how easily criminals can obtain personal information without having to break into someone’s home. Listening in on telephone conversations in public places; looking over one’s shoulder when making purchases or withdrawing money; “dumpster diving” for statements with a person’s name, address and telephone number; and using e-mail or the Internet to obtain information are some of the most common ways identity thieves obtain information.
Sgt. Goulet recommends avoiding check fraud by using post office drop boxes when mailing checks.
Identity Theft was officially recognized as a federal offense in 1998, when Congress passed the Identity Theft and Assumption Deterrence Act. This act essentially states that identity theft crimes carry a maximum term of 15 years in prison, plus fines.
In the Federal Trade Commission’s annual report released Jan. 25 detailing identity theft in 2005, Arizona had the most victims per 100,000 than any other state with 9,320 cases. Mesa ranked No. 3 in the top 5 cities for identity theft in Arizona in 2005 with 745 victims. Gilbert did not rank in the top cities, but Chandler made No. 5 with 342 victims.
The FTC found 34 percent of Arizona’s 9,320 reported identity theft cases were employment related fraud. The second highest, 23 percent, of the cases were categorized as “other identity theft” and the third highest was credit card fraud at 18 percent. “Other identity theft” includes: evasion of legal sanctions; internet/e-mail; medical; apartment/house rented; insurance; property rental fraud; bankruptcy; child support; magazines; and securities and other investments.
Sgt. Mike Goulet of Mesa Police Department’s Document Crimes Unit said the department does not keep statistics on identity theft specifically, but he informally tracks the crimes.
“I would say I’m getting 50-60 cases per month,” Sgt. Goulet said.
He noted that figure includes cases where the crime is in Mesa, as well as cases where the victim is in Mesa, but their identity is being used in other states.
The U.S. Department of Justice’s definition of identity theft is when someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic gain.
While the Mesa Police Department has not determined trends in Mesa’s identity theft cases, Sgt. Goulet said he has seen a lot of cases originating from vehicle burglaries.
“People leave personal items in vehicles, such as briefcases and purses. There’s so much information about everyone out there. Don’t leave anything in your vehicle like that,” Sgt. Goulet said.
Sgt. Goulet sees employment-related and Internet fraud frequently as well. While credit card fraud was almost 10 percent lower than the national average in Arizona in the FTC’s annual report, the state’s employment-related fraud was nearly three times higher than the national average.
“Social Security numbers are used by somebody getting employment. I see that occurring all over,” Sgt. Goulet said. “Some cases we also get occur over the Internet. Individuals are contacted by someone they think is their bank and they reveal passwords and pin numbers. People should never do that.”
Vickie Owen, crime prevention specialist with the Gilbert Police Department, said stolen computers are also a way thieves steal identities.
“I tell people to use the metal plumber’s tape to secure their computers to the floor. This makes them harder to take and acts as a deterrent,” Officer Owen said.
She also said encryption programs help protect sensitive information on the computer.
According to Officer Owen, the biggest identity theft issues in Gilbert are mail theft and credit card fraud.
“Those are always in the forefront here,” Officer Owen said. “With credit card slips, some places still have the full credit card numbers on the receipts. You don’t want to throw those away. Shred them.”
Officer Owen said the same goes with Social Security numbers on business documents.
Gilbert Police Department frequently works with the Country Attorney’s Office to offer presentations on identity theft. Officer Owen said the County Attorney Office’s upcoming East Valley Neighborhood Summit at 7:30 a.m. Saturday, March 10 at Mesa’s Word of Grace Church, 655 E. University Drive, will feature a presentation on ID theft. People can register online at www.mcaoconference.com or by calling 602-506-5754.
The Federal Trade Commission estimates as many as 9 million Americans have their identities stolen each year.
According to the U.S. Department of Justice, most people do not realize how easily criminals can obtain personal information without having to break into someone’s home. Listening in on telephone conversations in public places; looking over one’s shoulder when making purchases or withdrawing money; “dumpster diving” for statements with a person’s name, address and telephone number; and using e-mail or the Internet to obtain information are some of the most common ways identity thieves obtain information.
Sgt. Goulet recommends avoiding check fraud by using post office drop boxes when mailing checks.
Identity Theft was officially recognized as a federal offense in 1998, when Congress passed the Identity Theft and Assumption Deterrence Act. This act essentially states that identity theft crimes carry a maximum term of 15 years in prison, plus fines.
Thief takes judge’s card for a joyride
Police charged a Fort Wayne woman Monday with racking up nearly $2,000 worth of charges on an Allen Superior Court judge’s stolen credit card.
Barbara Ann Evans, 39, of the 3000 block of Woodrow Avenue, is charged with two counts of forgery, two counts of credit card fraud, three counts of receiving stolen property and one count of check fraud.
According to court documents, Evans is accused of running up charges using the stolen credit cards and checks of Allen Superior Court Judge Kenneth Scheibenberger and his wife, Susan.
Susan Scheibenberger, who works as a home health care nurse, was working at a patient’s home Dec. 17 when family members and their friends distracted her while they took her car keys and stole her wallet out of her purse in her car, Kenneth Scheibenberger said.
They returned her keys as if she had just misplaced them, and Susan Scheibenberger didn’t notice until later that her wallet had been stolen, he said.
Police said Evans purchased $1,178.51 worth of merchandise that same day using Kenneth Scheibenberger’s Macy’s credit card, according to court documents.
Kenneth Scheibenberger said the thief also spent $200 at a gas station and about $500 at a J.C. Penney.
That same day, the Scheibenbergers told police someone had tried to cash one of Susan Scheibenberger’s checks at a Pizza Hut, even presenting Susan Scheibenberger’s driver’s license. The manger refused to accept the check, but kept the driver’s license and later returned it to Susan Scheibenberger.
As police showed the Pizza Hut manager photos from Macy’s, another employee identified Evans.
Evans tried to pass a fake payroll check using Susan Scheibenberger’s check card at White Swan Supermarket on Jan. 14, according to court documents. The store’s managers told police they recognized the check as a fake and denied the transaction.
Evans was arrested Friday on unrelated charges of forgery and receiving stolen property after police said she tried to cash a stolen check.
She has prior convictions for forgery and receiving stolen property.
Barbara Ann Evans, 39, of the 3000 block of Woodrow Avenue, is charged with two counts of forgery, two counts of credit card fraud, three counts of receiving stolen property and one count of check fraud.
According to court documents, Evans is accused of running up charges using the stolen credit cards and checks of Allen Superior Court Judge Kenneth Scheibenberger and his wife, Susan.
Susan Scheibenberger, who works as a home health care nurse, was working at a patient’s home Dec. 17 when family members and their friends distracted her while they took her car keys and stole her wallet out of her purse in her car, Kenneth Scheibenberger said.
They returned her keys as if she had just misplaced them, and Susan Scheibenberger didn’t notice until later that her wallet had been stolen, he said.
Police said Evans purchased $1,178.51 worth of merchandise that same day using Kenneth Scheibenberger’s Macy’s credit card, according to court documents.
Kenneth Scheibenberger said the thief also spent $200 at a gas station and about $500 at a J.C. Penney.
That same day, the Scheibenbergers told police someone had tried to cash one of Susan Scheibenberger’s checks at a Pizza Hut, even presenting Susan Scheibenberger’s driver’s license. The manger refused to accept the check, but kept the driver’s license and later returned it to Susan Scheibenberger.
As police showed the Pizza Hut manager photos from Macy’s, another employee identified Evans.
Evans tried to pass a fake payroll check using Susan Scheibenberger’s check card at White Swan Supermarket on Jan. 14, according to court documents. The store’s managers told police they recognized the check as a fake and denied the transaction.
Evans was arrested Friday on unrelated charges of forgery and receiving stolen property after police said she tried to cash a stolen check.
She has prior convictions for forgery and receiving stolen property.
Woman arraigned on credit card fraud
A local woman was arraigned on Monday in Bennington District Court on charges she fraudulently used a credit card belonging to Hoosick Falls, N.Y., Mayor Laura Reynolds.
Charlotte Rogers, 61, of Rich Lane, North Bennington, pleaded not guilty to two counts of fraudulent credit card use greater than $50, and seven counts of fraudulent credit card use less than $50. According to an affidavit filed by Bennington Police Department Officer David Rowland, the department was contacted by the Hoosick Falls Police Department regarding the use of a stolen credit card. According to police, Reynolds had reported that her purse and wallet were stolen from a restaurant in Hoosick Falls.
Although the card was stolen in Hoosick Falls, the card was being used in Bennington stores, including Hannaford, CVS, Kmart and Wal-mart. The total amount of the charges was around $391.
One of the store employees allegedly identified Rogers as the customer for those transactions. According to police, when they entered Rogers' residence, they found the missing wallet with the credit cards inside.
Reynolds praised the work of the police. "The Hoosick Falls
Advertisement
Click Here!
police worked very well with the Bennington police," Reynolds said. "They did a great job."
Reynolds recommended that those who find themselves in a similar situation go to the police, because the police may be able to track the usage of the credit card and find those responsible.
Charlotte Rogers, 61, of Rich Lane, North Bennington, pleaded not guilty to two counts of fraudulent credit card use greater than $50, and seven counts of fraudulent credit card use less than $50. According to an affidavit filed by Bennington Police Department Officer David Rowland, the department was contacted by the Hoosick Falls Police Department regarding the use of a stolen credit card. According to police, Reynolds had reported that her purse and wallet were stolen from a restaurant in Hoosick Falls.
Although the card was stolen in Hoosick Falls, the card was being used in Bennington stores, including Hannaford, CVS, Kmart and Wal-mart. The total amount of the charges was around $391.
One of the store employees allegedly identified Rogers as the customer for those transactions. According to police, when they entered Rogers' residence, they found the missing wallet with the credit cards inside.
Reynolds praised the work of the police. "The Hoosick Falls
Advertisement
Click Here!
police worked very well with the Bennington police," Reynolds said. "They did a great job."
Reynolds recommended that those who find themselves in a similar situation go to the police, because the police may be able to track the usage of the credit card and find those responsible.
Phone Scam Offering Great Rates On Visa Card Targets P.E.Islanders
City Police are advising the public to be on guard against a possible fraud attempt by someone claiming to be a representative of credit card giant Visa.
Constable Gary Clow said Tuesday at least one city resident has received a call from the party in question.
"This person called from the 712 area code in Iowa, said they were from Visa and proceeded to offer the recipient of the call a lower interest rate on their Visa card," Clow said. "They then proceeded to ask for personal banking information."
Clow said police contacted Visa and officials of the credit card company said Visa does not solicit personal banking information over the telephone.
"This is clearly a scam," Clow said.
"Somebody just wants access to your personal information. Anyone who gets a call like this should refuse to provide that information, hang up and call police."
Constable Gary Clow said Tuesday at least one city resident has received a call from the party in question.
"This person called from the 712 area code in Iowa, said they were from Visa and proceeded to offer the recipient of the call a lower interest rate on their Visa card," Clow said. "They then proceeded to ask for personal banking information."
Clow said police contacted Visa and officials of the credit card company said Visa does not solicit personal banking information over the telephone.
"This is clearly a scam," Clow said.
"Somebody just wants access to your personal information. Anyone who gets a call like this should refuse to provide that information, hang up and call police."
How to protect yourself from ID fraud
Figures released last week show one Briton in five thinks they have been a victim of identity crime, and this figure is only set to increase as millions more leave themselves vulnerable to criminals.
Identity fraud is when criminals impersonate someone, using their victim's personal details to take out or get access to credit cards, loans, and other financial products in their name.
For example, bank statements and credit card bills fraudsters find in a bin could be used to get access to a customer's bank account or to take out a loan in that person's name.
But despite the risks, one Briton in three admits to throwing away personal documents such as bank statements and receipts without shredding or destroying them, one person in four does not routinely check bank statements for unfamiliar transactions and almost half of us use the same pin and password across different accounts.
And despite the increased risk of identity theft, four Britons in five have never requested a copy of their credit file. This file holds your credit history and is an easy way to check if credit has been taken out in your name by someone else.
"We are living in an age where protecting your personal information has never been so important," said David Smith, deputy commissioner at the Information Commissioner’s Office (ICO).
"Almost every day we give out our personal details which can leave us open to identity theft, unwanted marketing and a loss of privacy."
In response to this danger, the ICO has produced a top ten list of tips to keeping your identity safe from fraudsters and released a new toolkit for protecting yourself from ID fraud.
The ICO's top ten tips to protect against ID fraud
# Remember, your personal information is important - treat it like any other valuable item.
# If you move house, redirect all your mail and inform your bank, utility companies and other organisations of your new address.
# Ensure your home computer is protected before you go online.
# Always think about who you are giving your information to.
# Get a copy of your personal credit file to check any suspicious credit applications.
# Never disclose secret passwords or pins.
# If you have to post personal documents, ask the post office for advice on the most secure method.
# Check your bank and credit card statements regularly for unfamiliar transactions.
# Shred or destroy personal documents you are throwing away such as bills, receipts, bank or credit card statements, and other documents that show your details.
# Stop unwanted marketing by registering with both the mailing and telephone preference services.
Identity fraud is when criminals impersonate someone, using their victim's personal details to take out or get access to credit cards, loans, and other financial products in their name.
For example, bank statements and credit card bills fraudsters find in a bin could be used to get access to a customer's bank account or to take out a loan in that person's name.
But despite the risks, one Briton in three admits to throwing away personal documents such as bank statements and receipts without shredding or destroying them, one person in four does not routinely check bank statements for unfamiliar transactions and almost half of us use the same pin and password across different accounts.
And despite the increased risk of identity theft, four Britons in five have never requested a copy of their credit file. This file holds your credit history and is an easy way to check if credit has been taken out in your name by someone else.
"We are living in an age where protecting your personal information has never been so important," said David Smith, deputy commissioner at the Information Commissioner’s Office (ICO).
"Almost every day we give out our personal details which can leave us open to identity theft, unwanted marketing and a loss of privacy."
In response to this danger, the ICO has produced a top ten list of tips to keeping your identity safe from fraudsters and released a new toolkit for protecting yourself from ID fraud.
The ICO's top ten tips to protect against ID fraud
# Remember, your personal information is important - treat it like any other valuable item.
# If you move house, redirect all your mail and inform your bank, utility companies and other organisations of your new address.
# Ensure your home computer is protected before you go online.
# Always think about who you are giving your information to.
# Get a copy of your personal credit file to check any suspicious credit applications.
# Never disclose secret passwords or pins.
# If you have to post personal documents, ask the post office for advice on the most secure method.
# Check your bank and credit card statements regularly for unfamiliar transactions.
# Shred or destroy personal documents you are throwing away such as bills, receipts, bank or credit card statements, and other documents that show your details.
# Stop unwanted marketing by registering with both the mailing and telephone preference services.
Monday, February 05, 2007
Restaurant Owner Suspected In Credit Card Scheme
Feb. 1 - KGO - Our advice: Check your credit card statements carefully. It's always a good idea, but especially for anyone who's eaten at a certain Chinese restaurant in San Francisco in recent years.
We've uncovered many scams over the years, but the experts say this goes beyond a scam, that it's an out-and-out crime.
When we met 50-year-old Phau Lam, he took off and kept running and running, until he was out of sight. We know why.
Irene Bartholomew, Victim: "It's a scam. It's a crime and he has to be in jail. That's it. He has to be in jail."
Irene Bartholomew used to have lunch at Lam's Home Menu restaurant on Mission at South Van Ness, before it closed almost a year ago. She was shocked when she checked her bank statement recently and found a new charge for $175 dollars.
She went to the restaurant -- still closed -- and confronted Lam.
Irene Bartholomew: "'Why I was charged $175 dollars for just lunch, you know, a rice plate meal, you know.' And he goes, 'Oh, can you come back, my friend, tomorrow at about 12 o'clock at this time?' I go, 'Okay, I'll come back.'"
And she brought the I-Team with her.
ABC7's Dan Noyes: "What's going on here? What happened?"
Phau Lam, Restaurant Owner: "I don't know."
Dan Noyes: "Why did you bill her ATM card?"
Phau Lam: "I don't bill that."
Dan Noyes: "You didn't bill that, well, who did?"
Phau Lam: "No, I don't know."
Dan Noyes: "Oh, come on."
Phau Lam: "No, I don't want to take a picture."
Phau Lam didn't want to answer any questions about his business. He led us through the back of the restaurant and out the loading dock.
Dan Noyes: "You aren't even selling food and you're billing their credit card? Mr. Lam."
He took off and kept running. On few occasions have we seen someone run so far from our cameras. Lam left the doors to his restaurant wide open. It's clear he was not ready for business -- we found no food on the shelves. But two cash registers and three credit card machines were powered up and ready for action.
We found several receipts for credit card charges dated long after the business had shut down -- one for $800 dollars.
Pat Wallace, Better Business Bureau: "This isn't even a scam. I don't even call this a scam. This is just out and out theft."
Pat Wallace of the Better Business Bureau has received several complaints about Lam charging his former customers' credit cards, months after the restaurant closed.
Pat Wallace: "We found that he not only charged once, but two and three times to the same card. So, I guess he ran through his, all of his credit card records and then started over again at the beginning."
Naveen Nathan had his card charged four times since the restaurant closed, for more than $800 dollars.
Naveen Nathan, Victim: "And the credit card company finally said that there's no way that we can stop these guys charging you. Rather you report this as stolen or lost and we could stop the number and we can issue a new number."
In all, we tracked down 15 people who say they've had fraudulent charges from Home Menu or another restaurant Lam's preparing to open, Asia Taste. All of the bills are for much more than you would expect to pay for a meal at a Chinese restaurant -- $145, $218, $475, up to $935 dollars.
Van Dyke Roth, Victim: "Had he been successful it would have totaled, you know, easily, I don't know, $1,200 dollars or so."
One thing we wondered was why -- why would someone think they could get away with this? And what kind of pressures would drive them to take such risks?
Bank records show that someone using Phau Lam's machines tried six times to charge Van Dyke Roth's credit card, but didn't have the correct expiration date. They finally entered the right date at four o'clock one morning -- the charge went through for $125 dollars.
Van Dyke Roth: "How can someone do that? Just how can someone do that? You're still affecting lives even though it's just a bunch of numbers that you're running through a machine."
We may have found the answer in Phau Lam's court records. In them, a picture emerges of a man with serious legal problems and money troubles. He's been sued at least 16 times in the last 15 years by restaurant vendors, car companies, the government and former business partners.
Shun Lui, Lam's Former Business Partner: "It was $180,000 dollars, we lost."
Shun Lui and his brother, Roy, loaned Lam almost $180,000 dollars to help open his restaurant. What's more, they say Lam ran up tens of thousands of dollars in unauthorized charges on Shun's credit card. So, they sued and a judge awarded more than $200,000 dollars in damages, finding Lam "guilty of actual fraud."
Shun Lui: "Even a penny, he don't pay back."
Another of Lam's partners even filed a police report in 2004, again, for charging customers' debit and credit cards after they dined at the restaurant.
Agatha Okuda got charged $850 dollars.
Agatha Okuda, Victim: "He just kept giving me the run-around, and call back tomorrow, and we'll get in touch with our bank, yeah."
Dan Noyes: "Eight-hundred-fifty bucks, for how much of a lunch?"
Agatha Okuda: "Seventeen dollars (laughs)."
She can laugh about it now. Agatha Okuda's bank finally credited her account. Next stop for us, the authorities. Tomorrow at 6 p.m., we take the case to the San Francisco District Attorney's Office.
By the way, we've tried several times to get some explanation from Phau Lam and his attorneys for what he's done -- no luck
We've uncovered many scams over the years, but the experts say this goes beyond a scam, that it's an out-and-out crime.
When we met 50-year-old Phau Lam, he took off and kept running and running, until he was out of sight. We know why.
Irene Bartholomew, Victim: "It's a scam. It's a crime and he has to be in jail. That's it. He has to be in jail."
Irene Bartholomew used to have lunch at Lam's Home Menu restaurant on Mission at South Van Ness, before it closed almost a year ago. She was shocked when she checked her bank statement recently and found a new charge for $175 dollars.
She went to the restaurant -- still closed -- and confronted Lam.
Irene Bartholomew: "'Why I was charged $175 dollars for just lunch, you know, a rice plate meal, you know.' And he goes, 'Oh, can you come back, my friend, tomorrow at about 12 o'clock at this time?' I go, 'Okay, I'll come back.'"
And she brought the I-Team with her.
ABC7's Dan Noyes: "What's going on here? What happened?"
Phau Lam, Restaurant Owner: "I don't know."
Dan Noyes: "Why did you bill her ATM card?"
Phau Lam: "I don't bill that."
Dan Noyes: "You didn't bill that, well, who did?"
Phau Lam: "No, I don't know."
Dan Noyes: "Oh, come on."
Phau Lam: "No, I don't want to take a picture."
Phau Lam didn't want to answer any questions about his business. He led us through the back of the restaurant and out the loading dock.
Dan Noyes: "You aren't even selling food and you're billing their credit card? Mr. Lam."
He took off and kept running. On few occasions have we seen someone run so far from our cameras. Lam left the doors to his restaurant wide open. It's clear he was not ready for business -- we found no food on the shelves. But two cash registers and three credit card machines were powered up and ready for action.
We found several receipts for credit card charges dated long after the business had shut down -- one for $800 dollars.
Pat Wallace, Better Business Bureau: "This isn't even a scam. I don't even call this a scam. This is just out and out theft."
Pat Wallace of the Better Business Bureau has received several complaints about Lam charging his former customers' credit cards, months after the restaurant closed.
Pat Wallace: "We found that he not only charged once, but two and three times to the same card. So, I guess he ran through his, all of his credit card records and then started over again at the beginning."
Naveen Nathan had his card charged four times since the restaurant closed, for more than $800 dollars.
Naveen Nathan, Victim: "And the credit card company finally said that there's no way that we can stop these guys charging you. Rather you report this as stolen or lost and we could stop the number and we can issue a new number."
In all, we tracked down 15 people who say they've had fraudulent charges from Home Menu or another restaurant Lam's preparing to open, Asia Taste. All of the bills are for much more than you would expect to pay for a meal at a Chinese restaurant -- $145, $218, $475, up to $935 dollars.
Van Dyke Roth, Victim: "Had he been successful it would have totaled, you know, easily, I don't know, $1,200 dollars or so."
One thing we wondered was why -- why would someone think they could get away with this? And what kind of pressures would drive them to take such risks?
Bank records show that someone using Phau Lam's machines tried six times to charge Van Dyke Roth's credit card, but didn't have the correct expiration date. They finally entered the right date at four o'clock one morning -- the charge went through for $125 dollars.
Van Dyke Roth: "How can someone do that? Just how can someone do that? You're still affecting lives even though it's just a bunch of numbers that you're running through a machine."
We may have found the answer in Phau Lam's court records. In them, a picture emerges of a man with serious legal problems and money troubles. He's been sued at least 16 times in the last 15 years by restaurant vendors, car companies, the government and former business partners.
Shun Lui, Lam's Former Business Partner: "It was $180,000 dollars, we lost."
Shun Lui and his brother, Roy, loaned Lam almost $180,000 dollars to help open his restaurant. What's more, they say Lam ran up tens of thousands of dollars in unauthorized charges on Shun's credit card. So, they sued and a judge awarded more than $200,000 dollars in damages, finding Lam "guilty of actual fraud."
Shun Lui: "Even a penny, he don't pay back."
Another of Lam's partners even filed a police report in 2004, again, for charging customers' debit and credit cards after they dined at the restaurant.
Agatha Okuda got charged $850 dollars.
Agatha Okuda, Victim: "He just kept giving me the run-around, and call back tomorrow, and we'll get in touch with our bank, yeah."
Dan Noyes: "Eight-hundred-fifty bucks, for how much of a lunch?"
Agatha Okuda: "Seventeen dollars (laughs)."
She can laugh about it now. Agatha Okuda's bank finally credited her account. Next stop for us, the authorities. Tomorrow at 6 p.m., we take the case to the San Francisco District Attorney's Office.
By the way, we've tried several times to get some explanation from Phau Lam and his attorneys for what he's done -- no luck
Police: Crooks Stole $30,000 By Cloning Credit Cards
A sweeping high-tech credit card fraud ring is victimizing dozens of banks, cities and people in northeast Ohio, NewsChannel5 reported.
Authorities said the crooks are cloning credit cards and stealing thousands of dollars. They do it by obtaining working credit card numbers, stamping out duplicate cards and then taking out huge cash advances.
Police said two men shown on a bank surveillance camera ripped off nearly $3,000 from National City Bank using fake IDs.
The high-tech part of the crime is actually duplicating credit cards, even cloning the magnetic strip on the back, police said.
In a three-day period last week, the fraud team hit banks in Beachwood, Strongsville, Shaker Heights, Mayfield Heights and University Circle.
The crooks made off with an estimated $30,000.
Bank security and police passed the surveillance photos around and finally caught up with 31-year-old Larry Colbert.
Police said Colbert came to Cleveland from Tennessee to conduct his credit card crimes. Investigators are now trying to find a man and a woman they believe are his partners in crime.
Colbert is facing a host of charges, including fraud and theft.
Authorities said the crooks are cloning credit cards and stealing thousands of dollars. They do it by obtaining working credit card numbers, stamping out duplicate cards and then taking out huge cash advances.
Police said two men shown on a bank surveillance camera ripped off nearly $3,000 from National City Bank using fake IDs.
The high-tech part of the crime is actually duplicating credit cards, even cloning the magnetic strip on the back, police said.
In a three-day period last week, the fraud team hit banks in Beachwood, Strongsville, Shaker Heights, Mayfield Heights and University Circle.
The crooks made off with an estimated $30,000.
Bank security and police passed the surveillance photos around and finally caught up with 31-year-old Larry Colbert.
Police said Colbert came to Cleveland from Tennessee to conduct his credit card crimes. Investigators are now trying to find a man and a woman they believe are his partners in crime.
Colbert is facing a host of charges, including fraud and theft.
Two arrested for credit card fraud
Two people were arrested after a search warrant served at their residence turned up thousands of dollars in fraudulently purchased merchandise on Monday.
Deputies from the San Bernardino County Sheriff's Department arrested Jose Trujillo, 33, and Stephanie Martinez, 31, at their home in Ontario, according to a sheriff's statement.
Macy's employees reported the two made purchases with fraudulent credit cards.
Trujillo and Martinez were arrested after deputies found items from Bebe and Victoria Secret stores in their possession. It was later determined that those items were purchased fraudulently, according to the statement.
Investigators later found $4,000 worth of items from Best Buy and more than $8,000 in stereo and electronic equipment, once they served a warrant at the home. Also found were 12 fraudulent credit cards from 12 different victims, according to the statement.
Investigators expect to find additional victims.
Deputies from the San Bernardino County Sheriff's Department arrested Jose Trujillo, 33, and Stephanie Martinez, 31, at their home in Ontario, according to a sheriff's statement.
Macy's employees reported the two made purchases with fraudulent credit cards.
Trujillo and Martinez were arrested after deputies found items from Bebe and Victoria Secret stores in their possession. It was later determined that those items were purchased fraudulently, according to the statement.
Investigators later found $4,000 worth of items from Best Buy and more than $8,000 in stereo and electronic equipment, once they served a warrant at the home. Also found were 12 fraudulent credit cards from 12 different victims, according to the statement.
Investigators expect to find additional victims.
Funeral director accused of using customer's credit card for online porn
Criminal charges have been filed against a Hippensteel Funeral Home director suspected of using a customer's credit card to access pornography Web sites.
Michael J. Moehring, 31, of Lafayette was charged Friday in Tippecanoe Superior Court 5 with two counts of felony fraud and felony identity deception.
Detective Jeff Rooze of the Lafayette Police Department said a customer had paid for a relative's funeral services in early January using a credit card. About two weeks later, the family found four suspicious charges on their monthly credit card statement.
"They weren't big purchases -- $30, $40. But they questioned it and took the initiative to investigate," Rooze said. "In this case, look what it resulted in."
He said the family was able to track the Internet protocol address to a computer at Hippensteel. Rooze got a subpoena to further narrow it down to a computer that Moehring used.
Hippensteel officials said that Moehring, a licensed funeral director who had worked there since 2003, was immediately terminated upon news of the charges.
Rooze said that Moehring is suspected of using the credit card number on two separate days to pay membership fees to four adult porn sites.
The fees totaled about $179.
Moehring also is accused of using a portion of the dead man's name to create an e-mail address that he used as correspondence for the Web sites, Rooze said.
ADVERTISEMENT
He said both Hippensteel and Moehring have been cooperative in the investigation.
"They are devastated by this," Rooze said of Hippensteel employees.
Police believe it was an isolated incident and do not suspect that there are other victims.
Still, Rooze encourages everyone to carefully check their credit card statements and contact the card issuer and police if there are any suspicious charges.
If convicted of the most serious charge, fraud as a Class D felony, Moehring could be sentenced to up to three years in prison for each count.
Moehring, who was arrested Friday afternoon, after posting a $5,000 bond.
Michael J. Moehring, 31, of Lafayette was charged Friday in Tippecanoe Superior Court 5 with two counts of felony fraud and felony identity deception.
Detective Jeff Rooze of the Lafayette Police Department said a customer had paid for a relative's funeral services in early January using a credit card. About two weeks later, the family found four suspicious charges on their monthly credit card statement.
"They weren't big purchases -- $30, $40. But they questioned it and took the initiative to investigate," Rooze said. "In this case, look what it resulted in."
He said the family was able to track the Internet protocol address to a computer at Hippensteel. Rooze got a subpoena to further narrow it down to a computer that Moehring used.
Hippensteel officials said that Moehring, a licensed funeral director who had worked there since 2003, was immediately terminated upon news of the charges.
Rooze said that Moehring is suspected of using the credit card number on two separate days to pay membership fees to four adult porn sites.
The fees totaled about $179.
Moehring also is accused of using a portion of the dead man's name to create an e-mail address that he used as correspondence for the Web sites, Rooze said.
ADVERTISEMENT
He said both Hippensteel and Moehring have been cooperative in the investigation.
"They are devastated by this," Rooze said of Hippensteel employees.
Police believe it was an isolated incident and do not suspect that there are other victims.
Still, Rooze encourages everyone to carefully check their credit card statements and contact the card issuer and police if there are any suspicious charges.
If convicted of the most serious charge, fraud as a Class D felony, Moehring could be sentenced to up to three years in prison for each count.
Moehring, who was arrested Friday afternoon, after posting a $5,000 bond.
Subscribe to:
Posts (Atom)