Full Disclosure mailing list archives
RE: credit card numbers
From: "Justin Shin" <zorkshin () tampabay rr com>
Date: Thu, 17 Jul 2003 20:51:18 -0400
carding is still very much the same as it was 10 years ago, before online shopping kicked off. basically its a ring of losers who dig in the trash cans, use deceptive web pages (ie fake logins for paypal, ebay, etc.), steal numbers from cc vendors databases, and then trade them off because they are too much of pussies to actually try to use any of them... for example if you ever visit an irc carding room or a carding newsgroup its all the same: Thrash1: i have 10 gazillion ccs w/cvv2 and full info, selling for $25 each Thrash2: huh, i dont understand. how do u use these credit cards online Thrash3: newbie, get out, go screw yourself Thrash2: whats cvv2 Although it can be a serious problem carding remains largely the same deal as before. The best thing online vendors can do is to encrypt cc information as well as any accounts tied to those numbers (ie user/pass) in case another one of those 0day shopping cart sploits come out. Another thing they can do is to delete cc info after "x" days or just not store it at all ... after all, doesn't that eliminate the problem all together? Also, sorry about the stupid vacation message. I got about 20 million emails that said something along the lines of:
Its July, dipshit.
:) -- Justin Shin _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Credit card numbers, (continued)
- RE: Credit card numbers gml (Jul 17)
- Re: Credit card numbers micah mcnelly (Jul 17)
- RE: Credit card numbers gml (Jul 17)
- Re: Credit card numbers Jeremiah Cornelius (Jul 17)
- RE: Credit card numbers Scott Phelps / Dreamwright Studios (Jul 17)
- RE: Credit card numbers gml (Jul 17)
- Re: Credit card numbers micah mcnelly (Jul 17)
- Re: Credit card numbers Steve (Jul 18)