RE: Online Fraud Protection

["Craig Wright" <cwright () bdosyd com au>]

Hello,
To add to this, Anti-fraud measures are not focused on Information
security. True there are some aspects, but these are relatively minor.
Most credit card fraud is not a result of the Internet as yet, so at
best this is an issue perception.

This is an issue of data mining and inferential analysis of spending
patterns, limits and other customer activity.

The idea of stating that this is a "fraud site" is one that will not
work. It is liable to error and civil penalty. If you do this I hop that
your lawyers are all paid up.

Next and as in the last post, I hope you do not mind losing customers.

Regards,
Craig

-----Original Message-----
From: Adviser [mailto:theadviser () gmail com]
Sent: Sunday, 25 June 2006 3:58 AM
To: Umut Inetas; pen-test () securityfocus com
Subject: Re: Online Fraud Protection

Apologies if i haven't understood your question .... Are you saying that
you
are going to ask all you customers to have Vista + IE 7???????

Regards
Syed
----- Original Message -----
From: "Umut Inetas" <inetasumut () yahoo com>
To: <pen-test () securityfocus com>
Sent: Friday, June 23, 2006 11:36 AM
Subject: Online Fraud Protection


>    Hi All;
> I've been reading e-mails on this site for a couple of years and it
helped
> me so much,thanks all the people who keep this lists alive.
> Now i'm working for a banking comp. and we are planning deployment of
> anti-phising and anti-fraud services for our company.
> As the specified needs are:
> Scanning and reporting dns domain names, e-mail content, brands in web

> sites, company names and ssl certificates which are fraud or not.
>  Taking precautions for  fraud and phising sites  We are going to
advance
> MS new operating system (Vista) and IE7 in a near future and we have
> Microsoft as partner; we will need reporting to Microsoft for
Microsoft's
> anti-phishing add-on filter or IE7's integrated anti-phishing filter
to
> prevent people accessing detected fraud sites automatically.
> There are some vendors which proposed us some solutions but we haven't

> decided yet.
> As you are IT security pro. what is your advice about this case? Have
you
> ever tested,pen-tested or experienced this kind of anti-fraud
services?
> Thanks in advance...
------------------------------------------------------------------------
------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the
> Analyst's
> Choice Award from eWeek. As attacks through web applications continue
to
> rise,
> you need to proactively protect your applications from hackers. Cenzic
has
> the
> most comprehensive solutions to meet your application security
penetration
> testing and vulnerability management needs. You have an option to go
with
> a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service
can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm
your
> results from other product. Contact us at request () cenzic com for
details.
>
------------------------------------------------------------------------
------
>


------------------------------------------------------------------------
------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's
Choice Award from eWeek. As attacks through web applications continue to
rise,
you need to proactively protect your applications from hackers. Cenzic
has the
most comprehensive solutions to meet your application security
penetration
testing and vulnerability management needs. You have an option to go
with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service
can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm
your
results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------
------


Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within 
those States and Territories of Australia where such legislation exists.

DISCLAIMER
The information contained in this email and any attachments is confidential. If you are not the intended recipient, you 
must not use or disclose the information. If you have received this email in error, please inform us promptly by reply 
email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy. 

Any views expressed in this message are those of the individual sender. You may not rely on this message as advice 
unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by 
a Partner of BDO.

BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, 
interception, corruption or unauthorised access.

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------