Re: Customers 'blamed for card fraud'

[Robert Slade <rmslade () shaw ca>]

From: chris () blask org
Date: Sunday, October 4, 2009 8:46 am

> This is a hard one to argue against, it leaves the question of 
> "how did they get your PIN?" to be answered.  The only 
> answers possible are:
>
> o  Someone saw/stole it
> o  the bank has bad tech
> o  the customer wrote it down


As I understand it, the bank involved was in the UK.  For some time, card numbers harvested in Europe have been 
exported and put on swipe cards in the US.  Because most North American banks and retailers don't (yet) have pin/chip 
terminals, the card gets used and the user gets defrauded.

It would be interesting to know if transactions carried details of where used and what type of terminal ...

====================== 
rslade () computercrime org  slade () victoria tc ca  rslade () vcn bc ca
"If you do buy a computer, don't turn it on."     - Richards' 2nd Law
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs:     [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Book reviews:   [Base URL]mnbk.htm
                [Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
Review mailing list: send mail to techbooks-subscribe () egroups com
http://blogs.securiteam.com/index.php/archives/author/p1/
http://blog.isc2.org/isc2_blog/slade/index.html http://twitter.com/rslade



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.