Things Happen in 3's...Don't Read Too Much Intuit

Editors Note:  Things happen in 3's and Symantec is alerting those who read, that there will be dozens, if not hundreds, of attempts to "capitalize" on the recent passing's of the King, the Angel and to a lesser extent, the Sidekick.   

Speaking of 3's, before learning math, did anyone else originally think that 3 was half of 8?

Celebrity Deaths and What to Expect in Cyberspace 

Symantec Security Response writes...

This week has seen the tragic deaths of three iconic American super stars: Ed McMahon, Farrah Fawcett, and Michael Jackson. As always, events such as these seem to be prime targets for spammers and malicious code authors alike.

Internet users should expect to see a flurry of threats seeking to play upon the emotions and curiosity of the public around these events. If you’re looking for news, videos, pictures, or any information regarding these individuals and their lives, Symantec recommends that you only visit sites you’re familiar with and trust. Don’t click on every link you see related to this story and always keep your security solutions up-to-date.

For example, Symantec has observed spam that appears to be a spoof on CNN that actually contains a link to a malicious Web page.

Users that click on the link will be redirected to a page that prompts users to download and run a file on a fake Flash Player, which actually installs malicious code.

Here are some of the additional spam and online tactics Symantec does expect to see as attackers seek to further take advantage of these tragedies:

• Spam with subject lines related to any of these deaths trying to peddle fake medicines
• Spam with subject lines related to any of these deaths leading to misleading applications, such as fake antivirus software
• Spam with subject lines related to any of these deaths leading to fake codecs
• Spam with subject lines related to any of these deaths with malware attached
• Search engine poisoning campaigns injecting malicious sites into the top search engine results related to any of these deaths
• Sites claiming to host videos of the last moments of these individuals lives, but actually peddling fake goods or malware
• Links to fake videos of these stars that actually attempt to infect users with malware
• Social networking site messages related to these deaths that could link to malware such as W32.Koobface
• Twitter tweets about these deaths with links to all sorts of malicious Web sites

Related articles by Zemanta

• Security firms warn of bogus Michael Jackson messages (digital.venturebeat.com)
• Death by Threes (tuibguy.com)
• Celebrity malware: beware (seattlepi.com)
• Michael Jackson Death Exploited by Malware Vendors [WARNING] (mashable.com)
• Beware the Michael Jackson Spam (blogs.wsj.com)
• Internet groans under weight of Michael Jackson traffic (arstechnica.com)

Could Your Bank Have Saved You From Becoming a Victim of Fraud? Duh!

HomeATM's SafeTPIN could eliminate phishing, cloned bank websites AND "Account Takeover Fraud" in one fell swoop...er, swipe.

Customers are complaining that lax monitoring of accounts has cost them thousands of pounds

Times Online - Lauren Thompson

Banks are not properly monitoring accounts for fraud, so putting their customers’ money at risk, a Times Money investigation has found.

Many people assume that their banks will pick up on unusual activity and stop transactions if they appear suspicious. However, fraud victims say that their banks have authorised transactions allowing several thousands of pounds to be spent in a few hours.

Sandra Quinn, of Apacs, the UK payments association, says: “There are no industry guidelines for how banks should monitor fraud. Each has a different policy. It is impossible for consumers to know which is best — or worst — because they do not publish their fraud figures or details of their monitoring policies.”

While there is nothing in the Banking Code that compels banks to monitor for fraud, they all say that they have “detection systems” to identify unusual spending patterns and potentially fraudulent transactions. But they deliberately do not tell consumers the type of transactions that may be flagged as suspicious in case it gives fraudsters too much information.

Alex Barnett, of Halifax, says: “We are unable to disclose what values or transaction patterns trip a fraud alert, mainly because this is assessed on an individual basis. A set of normal transactions for one person may not be normal for another.”

Concerns about monitoring have mounted as banks appear more reluctant to compensate victims of chip-and-PIN fraud. Times Money has been inundated with letters from readers who have had thousands of pounds withdrawn from accounts, only to find that their banks refuse to compensate them. Many have been “shoulder-surfed” — watched as they enter their PIN — then had their cards stolen and accounts drained at cash machines and in shops.

Under the Banking Code, consumers are not liable for such fraudulent transactions, but banks are refusing to pay out, telling customers that they "must have been" negligent with their PIN.

Jane Smith, 58, was a victim of fraud after an HSBC cash machine on Baker Street, Central London, swallowed her Abbey debit card. She went back to the branch as soon as it opened the next day, only to find that fraudsters had spent £4,000 — her entire overdraft — in less than 24 hours. Abbey initially refused to pay a refund, saying that she must have given her PIN to someone. It took her three months to recover the money.

She says: “I have been a loyal Abbey customer for 30 years (Editor's Note: which is probably the "only" reason it took three month instead of never...read on) and have never been overdrawn until this happened.

Surely the bank should have noted the transactions and stopped them?”

Professor Ross Anderson, of the University of Cambridge computer laboratory, says that Mrs Smith’s story is common. “Banks have used chip-and-PIN to dump liability,” he says. “If a transaction is disputed and a PIN was used, it is either the customer or the merchant’s fault. Why should banks go to the trouble of running a complex detection system to flag up suspicious transactions? It is simpler to authorize transactions, especially once fraud becomes someone else’s problem.”

Emma Woolf, 27, had a similar problem with her Abbey business account. She was horrified to discover a balance of £23 when she logged on to online banking — her account should have contained about £10,000. Fraudsters had been draining the funds for three months, mainly by making cash withdrawals of up to £500 at a time. They had also changed the address on the account.

Miss Woolf, who lives in northwest London, says: “I have not made a cash withdrawal on my account for several years, so endless cash withdrawals are very out of character. Yet it was not flagged up by the fraud team.”

Like Mrs Smith, Abbey told Miss Woolf that she must have been negligent with her PIN and is refusing to pay back her money.

“I have kept my card in a safe since October and have never told anyone the PIN,” she says. “I have now lost £10,000 and my business cannot operate. It has been a nightmare.”

Miss Woolf says that she is a victim of "account takeover fraud," which rose by 62 per cent last year, compared with 2007.

A fraudster contacts a bank, masquerading as the genuine cardholder, and then arranges for funds to be transferred out of the account, or changes the address and asks for a replacement card.

Editors Note:  Masquerading as the "genuine" cardholder fraud is UP 62%?  How so, or why so?  Two thoughts:  

1. The genuine cardholder should be "required" to prove they are genuine. 

What better way than swipe their card and enter their PIN? 
Two Factor Authentication with the same protocols as accessing an ATM...and

2. If they claim they "lost" the card, (and need a replacement) how's this for a thought to cut down on fraud that's rose 62% last year...Simply require them to physically come to the bank to get a new one and provide documentation.

The story continues...

Fraud costs the banking industry millions of pounds every year — and losses are increasing. Last year card fraud rose to £609.9 million, a 14 per cent increase on 2007. Cathy Neal, of Which?, the consumer organization, says that there needs to be greater clarity and consistency on how banks monitor fraud: “They will not pick up on highly unusual activity but will often stop transactions if a customer is abroad, for example.

“The vagueness of the Banking Code on fraud liability means that banks are inconsistent with compensation. Many victims are also not told how fraudsters stole account or card details, which can be very unsettling.”

Nina Gregory, 70, is taking Abbey to a small claims court next week after fraudsters took £2,800 from her Isa account two years ago while she was on holiday. The bank has refused to refund the money, a decision upheld by the Financial Ombudsman Service.

She says: “I went to Russia for five weeks and took my VIsa card with me. When I received my monthly statement when I got back, I saw that £200 had been withdrawn from cash machines in West London, every day for two weeks, until the money ran out. I have never withdrawn so much cash from a machine, or so regularly.

“However, Abbey insists that because the correct PIN was used, and the transactions took place near to my house, it cannot be fraud. It implied that I left my card at home and was somehow negligent with my PIN.”

Mrs Gregory, like many victims of fraud, says that she was made to feel like a criminal, adding:

“Abbey’s fraud department asked me lots of aggressive questions to try to establish how I had been negligent. Where did I keep my purse? Had I written down the PIN? To be accused of lying or colluding with fraudsters at my age is an insult.”

Continue Reading at Times Online

account takeover fraud, phishing, SafeTPIN, cloned bank websites

Related articles by Zemanta

• One in five ID fraud victims 'not reimbursed' (telegraph.co.uk)
• Privacy is Dead, Long Live the PIN (pindebit.blogspot.com)
• Online Banking's Innate Security Flaws (information-security-resources.com)
• BofA Targeted by Malicious Code Phishing Attack (pindebit.blogspot.com)
• Who Needs an Ounce of Prevention...We Have 10 pounds of Cure! (pindebit.blogspot.com)
• To Hell With Convenience (pindebit.blogspot.com)

iAWFUL (Internet Advocates Watchlist for Ugly Laws)

Government IT: The Top 10 Worst Internet Proposed Laws in the U.S.

From discriminatory taxes against the Internet to singling out Web operations for unfair treatment to efforts to "fix" social networking sites, the states are seemingly working night and day to conjure up laws that would impact the Internet in more bad ways than good. To highlight some of the really bad boys of Internet regulation, the advocacy group NetChoice has created the iAWFUL (Internet Advocates Watchlist for Ugly Laws) list. eWEEK takes a look at the iAWFUL top 10 list.

Click here to see the slide show

iAWFUL, Internet Advocates Watchlist for Ugly Laws

United Airlines Tells Travel Agencies to Eat Credit Card Fees

United Tells Travel Agents to Cover Credit Card Fees

• Analysis by: GLG Expert Contributor
• Analysis of: United To Shift Card Costs To Agencies
• Published at: http://hudsoncrossing.blogspot.com

Implications: How widely adopted will this change be? What will the effect be on consumers? On OTAs? On the airline industry?

Analysis: It appears United has taken the next step in the airline industry's never-ending quest to lower distribution costs or at least get others to shoulder the burden for them... United today informed a currently unknown number of travel agents that they would no longer be able to use the industry reconciliation system, ARC, to process tickets which were paid for with a credit card.

United is asking these travel agents to process credit card transactions themselves and then report the sale as a cash transaction. Until now, when a travel agency (or OTA) has sold a published ticket on United (or any other carrier) the credit card is actually processed by the airline. As such, the airline is responsible for paying the 2-3% (in rough numbers) that Amex, Visa, Mastercard and Discover charge for using their cards. In the new world proposed by United, agents will process the credit cards themselves (presumably along with an additional consumer fee) and then remit the full amount of the ticket back to United. This would obviously save a considerable amount of money for United if widely adopted.

Still too early to tell what this means for consumers but if the airline industry adopts United's moves broadly, consumers may be forced to pay one more fee if they are not willing or cannot visit an airline's website...

Continue Reading at GLGroup

United Airlines, Travel Agencies, United Tells Travel Agencies to Cover Credit Card Fees

If You Can't Beat 'em (Hackers) Hire 'em

UK looks to young geeks to secure cyberspace

By DAVID STRINGER –

LONDON (AP) — Britain is hiring former computer hackers to join a new security unit aimed at protecting cyberspace from foreign spies, thieves and terrorists, the country's terrorism minister said.

Alan West said the technology-savvy staff will join efforts to trace the source of — and prevent — cyber attacks on Britain's government, businesses and individuals. The country also will develop its capability to wage cyber warfare against the country's foes, he said.

Prime Minister Gordon Brown announced the creation of the unit Thursday as he published an updated national security strategy, detailing Britain's response to global terrorism and emerging threats.

"Just as in the 19th century we had to secure the seas for our national safety and prosperity, and in the 20th century we had to secure the air, in the 21st century we also have to secure our position in cyberspace," Brown said.

West said British government systems had probably come under cyber attack but that he did not know of any specific cases where sensitive data had been lost. British telecom BT Group PLC, one of the world's largest telecommunications providers, estimates it has about 1,000 attempted cyber attacks per day on its systems, West said.

Jonathan Evans, the head of Britain's domestic spy agency MI5, has previously warned that both China and Russia are using new technology to spy on Britain. Russia is accused of mounting large-scale attacks on Estonia's computer systems in 2008...

Continue Reading

Related articles by Zemanta

• Security stepped up over cyber-attack threats (guardian.co.uk)
• Hackers To Join Britain's Cyberspace Army (news.sky.com)
• Cyber-security strategy launched (news.bbc.co.uk)
• UK faces 'state-backed' hackers (news.bbc.co.uk)
• Threat of cyber attacks laid out by Government (telegraph.co.uk)

Trojan Steals Banking Details

Trojan Banbra’s New Variant Steals Banking Details

According to the researchers at Panda Security, the notorious 'Banbra Trojan' has been recently identified in another version. Essentially, this malware is designed to capture end-users' online banking details, the researchers stated.

Just like the other versions, the new Banbra.GIM, which affects Windows 2000, 2003, NT, XP, ME, 95 and 98, creeps into computers via an e-mail purporting to have come from a particular banking community in Brazil.

The Trojan succeeds in contaminating numerous PCs by pretending to be a genuine security software. That means the fraudulent e-mail supposedly from the bank presents software that seemingly guarantees the user security while he conducts online banking transactions. But the program actually steals crucial banking details, the researchers elucidated.

Should Global Cash Lose It's License?

Arizona regulators say Vegas ATM company, Global Cash, should lose license

Casino City Times: An Arizona agency says Global Cash Access Inc. of Las Vegas can't be trusted as a casino vendor because it committed theft and fraud years ago, and in recent years has lied to regulators about that scandal and other issues. The harsh words about the company are in a June 3 report from the Arizona Department of Gaming recommending Global Cash lose its license to do business in that state, where it now contracts with about 20 Indian casinos. Global Cash, which provides gaming-credit services and ATMs in casinos, revealed the Arizona action earlier this month and said it plans to contest the recommendation. The Arizona report says that from 1999 to 2002, Global Cash deliberately miscoded transactions involving Visa by disguising cash transactions as retail purchases, meaning it would pay a lower fee to banks issuing the Visa cards. Global Cash made $26 million with this scheme, the Arizona report says.

Continue Reading

Simple Steps to Keep Your Identity Safe Online

Simple steps to keep your identity safe online

June is Internet Safety Month, and simple identity theft protection steps such as shredding your mail and keeping careful tabs on your bank accounts and credit cards are essential first layers of protection against identity thieves. But there is an open door in many homes that is inviting criminals into personal information, and it is often left unprotected - the computer.

A recent study by online security provider Tiversa found more than 13 million online files have been breached over the last year, and P2P sharing services seem to be a popular way for criminals to get in.

There are steps consumers can take to reduce their risk for identity theft through the use of P2P file sharing services. LifeLock offers the following online safety tips:

• Install file-sharing software carefully, taking special note of default settings and permissions placed on shared folders
• Use security software and make sure you keep it up-to-date. You can set most anti-virus and anti-spyware protection programs to update automatically and regularly
• Be sure to close your connections when you are done with a file-sharing session. Closing the window doesn't automatically close the connection, which could leave your computer's information vulnerable
• Maintain backups of all important documents. This will ensure your information is maintained for your personal use should you need to delete it from your computer or any file
• Talk with your family about safe file-sharing practices, and create separate user accounts for others who may use your computer. By separating accounts you can prevent others from installing software on your computer that may expose your information
• Before providing personal information to your doctor, attorney, insurance company, employer or anyone else make sure to ask for details on how they will keep this data secure

Identity theft is costing Americans more than $1.8 billion annually, according to the Federal Trade Commission, and the latest FTC reports show the number of identity theft complaints has grown by 80 percent since 2000. Among the forms of identity theft and fraud reported to the FTC in 2008 are credit card fraud, medical benefit fraud and falsified government or employment documents.

VisaNet IPO: $4.3 Billion, Worlds Largest in Over a Year

Finextra: VisaNet IPO totals $4.3m

VisaNet IPO totals $4.3m
Visa's Brazilian affiliate VisaNet is raising around $4.3 billion in its initial public offering, the biggest in the world for over a year.

The Sao Paulo-based credit card company's shareholders - including Visa, Banco Bradesco, Banco do Brasil and Banco Santander - sold 559.81 million shares at a price of 15 reais each.

Book-building in the IPO closed out yesterday with shares set to begin trading on the Brazilian Stock Exchange on Monday.

According to a Reuters report, on Wednesday 19 brokerages were banned from participating in the IPO for allegedly releasing unapproved advertising material about the sale.

VisaNet was the first Brazilian IPO of the year and the country's biggest ever.

VisaNet, IPO

How Convenient is it when 20% of Fraud Victims Can't Get Their Money Back?

When "Convenience creates Inconvenience" is it time for a Change?

I know that everyone is pushing convenience over security when it comes to financial transactions, but did you know that 1 out of 5 victims of credit/debit card fraud never see their money again? 


New research has found that one in five victims of financial fraud have not managed to retrieve the money they have lost. Some one in four people surveyed by Which? said they had been a victim of financial fraud and while most had managed to reclaim the lost money from their bank or credit card provider, 20 per cent of victims said they had been left out of pocket.



There is a rule that banks are enforcing which statesthat if a customer acts without "reasonable" care to limit risks, theywill have a hard time getting their money back. 
For example, if a customer enters their PIN while a criminal is overlooking their shoulder, the banks could argue that you should have covered the keypad with your hand.  Question is, when will that rule apply to consumers who "type" their numbers into a box on the web? 

It seems to me (although one could make a "Post hoc ergo propter hoc" case against this argument) that if banks refuse to refund money because you "typed/entered" your PIN without taking proper precaution to cover it with your hand, then consumers should known better than to  "type/enter" their credit/debit card number on the web.

My point is, that it is NOT reasonable to believe that your card numbers won't be intercepted by hackers, when there are stories saying that it happens every day.  My point is also that card companies assume the risks of "insecurity" because they make so much money on "convenience."  (that and the fact that insecure transactions have higher interchange and thus higher profit)  The card companies have consumers trained to "type vs. swipe" and they have them trained to believe in zero-liability, but according to this article, the facts are that consumers actually stand a 20% chance of having that zero liability transformed into 100% liability.

Martyn Hocking, the editor of Which?, said: "Identity fraud is"inconvenient" and stressful, and can also be costly if you're unable torecover your losses.

As consumers become more aware of this fact, will they choose security over "inconvenience"?   If so, I predict it won't be long before we'll see a major behavioral change/shift in the way consumers shop online.  So the question begsto be asked, how convenient is it when the so-called convenience actually causesinconvenience?  If an ounce of prevention is worth a pound of cure,then how long before consumers "weigh in" on the pros and cons of convenience and tip the scalestoward security?

Here is an excerpt from an article from  Compare and Save dot com:

"Clever" criminals cause credit card fraud rise

Which? has issued best-practice credit card guidance.  Many people who suffer from a certain type of credit card fraud are facing difficulty with reclaiming their money, according to the consumer group.

Which? said in new analysis released today that one in five ID theft victims do not get a refund from their bank or credit card provider.

ID theft occurs when a fraudster impersonates a cardholder in order to gain access to their accounts.

It is commonly achieved through criminals looking over a victim's shoulder while they are entering their pin at a cash machine or in a shop and then stealing the card.

Victims can have a hard time getting the money back, as bank rules state that claims can be turned down if the customer acted without "reasonable" care to limit risks.
 

Continue Reading

Related articles by Zemanta

• One in five ID fraud victims 'not reimbursed' (telegraph.co.uk)
• 'Both Sides of the Mouth' Security Analysis (information-security-resources.com)
• Fraudsters Watch as You Enter PIN (pindebit.blogspot.com)
• To Hell With Convenience (pindebit.blogspot.com)

Twitter CEO Says No Advertisements will Target Tweeters

Twitter CEO pours cold water on ecommerce ad claims

The chief executive of Twitter has denied that the website will soon launch a service allowing companies to push product recommendations to users.

Rumors of the new ads began last week after Todd Chaffee, a partner at Institutional Venture Partners which has invested in Twitter, told the New York Times Bits blog that such a service is likely to be launched to help the site generate revenues in the near future.

The recommendations would aim to take advantage of the fact that Twitter is used by many people to ask friends and followers for product advice and would take the form of automatic replies to individual tweets containing ecommerce links and money off vouchers, he said.

Evan Williams, chief executive of Twitter, responded to the claims in a comment on a Business Insider article by stating: "Todd ... is not actually on Twitter's board and, in this article, he's brainstorming on his own.

"These are not in the least bit concrete plans of the company."

A study recently conducted by Harvard Business School found that 90 per cent of all posts on Twitter are generated by the top ten per cent of users sending the highest number of tweets.

This news story was brought to you by Bluhalo, a leading UK

Twitter, Todd Chaffee, Venture Partners, Evan Williams

Whitepaper - How To Defend Against New Botnek Attacks

According to Symantec's MessageLabs Intelligence, botnets were responsible for 90% of spam in 2008. More importantly, these compromised "robot" computer networks do not seem to be going away anytime soon.

The ever changing nature of botnets make them hard to detect and even harder to defend against. MessageLabs' latest industry white paper, "How to Defend Against New Botnet Attacks" aims to help you understand how to fight them.

About Bots or A Bout w/Bots

A "bot" is a type of malware that allows an attacker to take control over an affected computer. Also known as “Web robots”, bots are usually part of a network of infected machines, known as a “botnet”, which is typically made up of victim machines that stretch across the globe.

Since a bot infected computer does the bidding of its master, many people refer to these victim machines as “zombies.”

The cybercriminals that control these bots are called botherders or botmasters.

Some botnets might have a few hundred or a couple thousand computers, but others have tens and even hundreds of thousands of zombies at their disposal. Many of these computers are infected without their owners' knowledge. Some possible warning signs? A bot might cause your computer to slow down, display mysterious messages, or even crash.

How Bots Work

Bots sneak onto a person’s computer in many ways. Bots often spread themselves across the Internet by searching for vulnerable, unprotected computers to infect. When they find an exposed computer, they quickly infect the machine and then report back to their master. Their goal is then to stay hidden until they are instructed to carry out a task. After a computer is taken over by a bot, it can be used to carry out a variety of automated tasks.


To download the whitepaper from ZDNet, click here

How to Defend Against New Botnek Attacks, Symantec

NRF and RILA Call Off Merger

NRF, RILA End Merger Discussions

For Immediate Release

Contact: Scott Krugmanor krugmans@nrf.com

NRF, RILA End Merger Discussions
Associations Continue to Work Together to Represent Retail Industry

Washington,June 24--The National Retail Federation (NRF) and the Retail IndustryLeaders Association (RILA) today announced that the two organizationshave ended merger discussions.

“Following a deliberativeprocess, RILA and NRF have ended discussions aimed at merging the twoorganizations. NRF and RILA will devote all resources to continuing thework they are each doing to address the serious issues that America’sconsumers and retailers are facing in today’s economic environment,”said the two boards of directors in a joint statement.

TheRetail Industry Leaders Association (RILA) promotes consumer choice andeconomic freedom through public policy and industry operationalexcellence. RILA members include the largest and most successfulcompanies in the retail industry. RILA provides its members with uniqueeducational forums, effective public policy advocacy, and advancementof the retail industry.

The National Retail Federation is theworld's largest retail trade association, with membership thatcomprises all retail formats and channels of distribution includingdepartment, specialty, discount, catalog, Internet, independent stores,chain restaurants, drug stores and grocery stores as well as theindustry's key trading partners of retail goods and services. NRF'smission is to advance and protect the interests of the retail industryand to help retailers achieve excellence in all areas of theirbusiness.

###

Related articles by Zemanta

• NRF And RILA To Merge (joesbunker.net)
• 58% of Onlinie Retailers Saw Q1 Sales Increase (pindebit.blogspot.com)

UK Spy Chief Warns of Blackberry/iPhone Threat

UK Spy chief warns of terrorism threat to Blackberrys and iPhones (he won't even have one)

By Tim Shipman, Deputy Political Editor
Last updated at 11:13 PM on 25th June 2009

Editors Note: It's not that the phones themselves are unsafe, it's the fact that the new phones use web browsers. So, more e-vidence that you might want to think twice about typing your credit/debit card numbers into a smart phone. Guess what? Same goes for typing your credit/debit numbers into a box on a merchant website. Here's a story from the UK"s Mail Online:

Security Minister Lord West has warned that BlackBerrys and iPhones are vulnerable to attack from spies, criminals and terrorists. He said Britain must be alert to the growing threat of cyber attacks on computers and internet-enabled smart phones, which costs the country several billion pounds a year.

Lord West, unveiling the UK's first Cyber Security Strategy yesterday, said: 'With an email, more people see what you have written than if you wrote a postcard.

Security Minister Lord West has revealed that he refuses to have a smartphone because of fears of internet hacking

'When you get a new phone you open yourself up to all the internet issues. Suddenly, people can get access to all sorts of data. We know terrorists use the internet for radicalisation, but there is a fear they will move down that path.

'As their ability to use the web grows, there will be more opportunity for these attacks.'

The initiaitive, which will feature an M15-run Office for Cyber Security to coordinate Government policy, will also see teenage computer hackers drafted in to the GCHQ listening post in Cheltenhamto hunt down cyberterrorists attempting to infiltrate Whitehall computer systems.

Officials refuse to say how many times government computers are targeted, but admit that BT alone faces 1,000 attacks every day.

Lord West has revealed he is personally refusing to use any of the new generation of multi-media phones that are on the market.

Security experts have already warned that some mobile phone owners who use text messages to access bank account details face the risk of having confidential information stolen.

Lord West, who has a Nokia business mobile, said today: It's one reason why I have this Stone Age phone.'He said fashionable smart mobiles are at risk if linked to the internet.

Related articles by Zemanta

• Hackers To Join Britain's Cyberspace Army (news.sky.com)
• Intel and Nokia team up to battle the iPhone (telegraph.co.uk)
• 40% of iPhone Users access web more from phone than PC (sociallyminded.co.uk)

Why Interchange Fees Should Come Down

Felix Salmon writes that he believes Interchange Fees Should Come Down in an article he wrote for Seeking Alpha:  Here's an excerpt:

Juan Lagorio is right. The various proposed bills regulating interchange fees — the fees that merchants pay whenever a customer uses a credit card to pay for something — could definitely hurt Visa (V) and Mastercard (MA), despite the fact that Visa and Mastercard don’t actually charge those fees and claim that they would not be impacted by the legislation.

How do we know that Visa and Mastercard are worried? Well, for one thing, Shawn Miles, the head of global public policy at Mastercard, has written an essay arguing against them:

No matter how loudly the big box merchants claim the mantle of “Protector of Consumer Interests,” granting big box merchants a collusionary antitrust exemption will have the opposite effect: less credit availability, higher prices, and reduced choice for consumers.

Miles points to the precedent of Australia, which saw credit-card fees rise after the government mandated lower interchange fees. But the post hoc ergo propter hoc argument is weak: For-profit card companies will naturally raise fees as much as they can no matter how much or how little money they make on interchange. It’s the same mechanism driving penalty rates of interest. And indeed the base case in the US is for a slow yet inexorable rise in interchange fees: One purpose of this legislation is to try and put an end to interchange-fee inflation (up 14% last year to about $48 billion, averaging an eye-popping 1.75% of total purchases).

Continue Reading at Seeking Alpha

Sheets to Offer First Data GO-Tag at 250 Locations

Sheetz Offers Latest Payment Technology from First Data
Submitted by PIN Payments Blog on June 25, 2009

The GO-Tag Contactless Payment Sticker to Be Introduced at All 350 Convenience Store Locations

DENVER--(AllPayNews.com)--First Data, a global leader in electronic commerce and payment processing services, today announced Sheetz, Inc. as a new customer of the First Data® GO-TagTM payment technology solution. The GO-Tag solution is First Data’s latest innovation that allows consumers to make purchases simply by tapping their sticker on a contactless reader. Sheetz will begin to sell the First Data GO-Tag solution at all of its 350 locations across the U.S. by the end of July.

The First Data GO-Tag solution allows consumers to use contactless payment technology to make purchases easier and faster. The GO-Tag solution deployed by Sheetz is configured as an open-loop, reloadable prepaid payment sticker and can be used wherever Visa payWave is accepted. For those merchant locations that do not accept contactless payments, the GO-Tag solution includes a separate magnetic-stripe Visa prepaid card.

“We are pleased to partner with Sheetz on providing consumers a more innovative way to pay for their purchases,” said Barry McCarthy, general manager of Mobile Commerce and Point of Sale Solutions at First Data. “With First Data’s GO-Tag solution, Sheetz customers no longer have to carry cash or go through the hassles of storing loose change. By simply tapping their GO-Tag on a contactless reader, the transaction is completed instantly – no waiting or signature required.”

Sheetz convenience stores operate 24 hours a day, 365 days a year throughout Pennsylvania, West Virginia, Maryland, Virginia, Ohio and North Carolina. As one of America’s fastest growing convenience store chains, Sheetz is committed to using technology to enhance the customer experience whether it is their award-winning menu items ordered through unique touch-screen order points, Wi-Fi access in most locations, or contactless payment options at the pump.

“We are always looking for ways to improve the in-store experience for our customers by making purchases faster and more convenient,” said Louie Sheetz, executive vice president, Sheetz marketing. “This new GO-Tag technology will make things easier for customers, as well as for our store employees. We are excited to be among the first retailers to implement this system.”

Innovations in contactless technology are creating new payment form factors for consumers and furthering the migration of payments from paper to electronic. The GO-Tag solution can virtually eliminate the need to carry cash for purchases. Consumers have the flexibility to place the contactless payment sticker on anything that they routinely carry, such as an employee badge, student ID or other personal item. To learn more about the First Data GO-Tag solution, go to www.gotag.com.

About Sheetz

Established in 1952 in Altoona, Pennsylvania, Sheetz, Inc. is one of America’s fastest growing family-owned and operated convenience store chains, with more than $4.9 billion revenue for 2008 and more than 12,000 employees. The company operates more than 350 convenience locations throughout Pennsylvania, West Virginia, Ohio and North Carolina. Sheetz provides an award-winning menu of MTO® subs, sandwiches and salads, which are ordered through unique touch-screen order point terminals. Sheetz currently ranks 82nd on the Forbes list of largest private companies and has ranked for seven consecutive years on the list of Best Places to work in Pennsylvania. All Sheetz convenience stores are open 24 hours a day, 365 days a year. For more information, visit www.sheetz.com.

About First Data

First Data powers the global economy by making it easy, fast and secure for people and businesses to buy goods and services using virtually any form of electronic payment. Whether the choice of payment is a gift card, a credit or debit card or a check, First Data securely processes the transaction and harnesses the power of the data to deliver intelligence and insight for millions of merchant locations and thousands of card issuers in 36 countries. For more information, visit www.firstdata.com.

Contacts

Media Contacts:
First Data
Elizabeth Grice, 303-967-8526
elizabeth.grice@firstdata.com

GO Tag, First Data, Sheetz

From The Street

: Mad About Options: The Master of Cards

The Mad About Options crew discusses FastMoney's take on Mastercard and offers options strategies for traders and investors.

HSBC Bringing Biz Banking to iPhone

Summary:

Global bank HSBC is now offering its business internet banking services to UK customers using the Apple iPhone and iPod Touch.

HSBC claims to be the first financial institution to offer this type of service on these mobile devices in the UK. The bank launched the service for BlackBerry devices in October last year.

Thanks to the new service, the bank's 325,000 business internet banking customers with an iPhone or iPod Touch can securely monitor their financial transactions, make payments of up to £100,000 per day, apply for overdrafts and set up and manage pensions.

Continue Reading at Silicon.com

HSBC, iPhone, Business Banking

RFID Allows V/MC to Track Users - That's LBS

RFID-Enabled Phones Could Let Credit Card Companies Track Users | Threat Level | Wired.com

RFID-Enabled Phones Could Let Credit Card Companies Track Users | by Kim Zetter | Wired.com

An Ericsson executive says all new mobile phones sold in 2010 will include an RFID chip that will allow owners to open their car or house door with their phone. A handy feature, no doubt, for some people. But the executive says the chip might also be used by credit card companies to track the location of cardholders to cut down on fraud.

Håkan Djuphammar, vice president of systems architecture for Ericsson, speaking at a conference in Stockholm this week, said credit card companies could make use of mobile user location data and IP mapping to determine if the owner of a card is in the same location where a card transaction is taking place.

Continue Reading

RFID, LBS, Location Based Services, Visa, MasterCard, Ericsson, mobile phones, mpay

Social Networking Can Cost You

Users of social network sites may be far more vulnerable to financial loss, identity theft and malware infection than they realize, according to new research from Internet security firm Webroot.

The research consulted over 1,100 users of the most popular social network sites, including Facebook, LinkedIn, MySpace and Twitter.  Here's the Press Release:

Webroot® Survey Reveals Social Networkers’ Risky Behaviors

Two-thirds share personal information with strangers – knowingly or unknowingly

Members of online social networks may be more vulnerable to financial loss, identity theft and malware infection than they realize, according to a new survey from Webroot, a leading provider of Internet security software for the consumer, enterprise and SMB markets.

Surveying over 1,100 members of Facebook, LinkedIn, MySpace, Twitter and other popular social networks, Webroot uncovered numerous behaviors that put social networkers’ identities and wallets at risk. Among the highlights:

• Two-thirds of respondents don’t restrict any details of their personal profile from being visible through a public search engine like Google;
• Over half aren’t sure who can see their profile;
• About one third include at least three pieces of personally identifiable information;
• Over one third use the same password across multiple sites; and
• One quarter accept “friend requests” from strangers

“The growth of social networks presents hackers with a huge target. The amount of time spent on communities like Facebook last year grew at three times the rate of overall Internet growth,” said Mike Kronenberg, chief technology officer of Webroot’s Consumer business. “Three in ten people Webroot polled experienced a security attack through a social network in the past year, including identity theft, malware infection, spam, unauthorized password changes and “friend in distress” money-stealing scams. The first step to staying protected is being aware of what the threats are and knowing how to help prevent them.”

Social Networks Present New Opportunities for Cybercriminals
Cybercriminals employ various types of trickery and malware to capitalize on risky behaviors. One common tactic is phishing, which hackers use to entice victims into downloading an infected file, visiting a disreputable site outside the social network, or wiring money to a “friend in distress.”

In recent months, Webroot has seen an increase in these types of attacks on social networks, including “Trojan-MyBlot,” which targeted users of MyYearbook.com, and others targeting Facebook users including “Koobface” and several spread through the domains “mygener.im,” “ponbon.im” and “hunro.im.”

“Hackers lure users into taking actions they shouldn’t by making it appear as if a friend within their social network has sent them a message – only the message is from a hacker who’s hijacked the friend’s account,” continued Kronenberg. “We’ve seen instances where a salacious yet poorly worded message like, ‘This video of u is evrywhere’ includes a link that, when clicked, prompts the user to download a seemingly legitimate file which, once on your PC, can do a number of things -- spam your friends, monitor your online activity or record your personal information.”

Hackers can also use less sophisticated means to execute attacks on social networks: The Webroot survey respondents who reported experiencing identity theft, a hijacked account and unauthorized username or password changes may have been victimized by hackers who were able to access their profiles and guess their passwords based on the personal information they included.

Results indicate a general lack of awareness of the security risks on social networks and the tools available to protect personal information, as well as higher rates of risky behaviors exhibited by younger social networkers.

Social networkers make private information public:

• 80 percent allow at least part of their profiles to be searchable through Google or other public search engines; 66 percent don’t restrict any profile information from being visible through public search
• Over half (59 percent) of respondents aren’t sure who can see their profile
• Over one quarter (28 percent) accept friend requests from strangers; of those, one third (36 percent) do not cloak any of their profile information
• About one third (32 percent) include at least three pieces of identifiable information

Privacy concerns outweigh protective actions:

• 78 percent expressed some concern over the privacy of the information they share in their profiles
• However, 36 percent use the same password across multiple sites
• And 30 percent do not have adequate protection against viruses and spyware

Younger users take more risks – 18-29 year olds are more likely to:

• Use the same password across multiple sites (51 percent, versus 36 percent overall)
• Accept a friend request from a stranger (40 percent, versus 28 percent overall)
• Share more personal information that may compromise online privacy (67 percent share birth date, versus 52 percent overall; 62 percent share home town, versus 50 percent overall; 45 percent share employer, versus 35 percent overall)
• Experience a security attack (nearly 40 percent, versus 30 percent overall)

Tips for Safe Social Networking
Webroot recommends the following actions to protect privacy and prevent threats on social networks.

• Guard your personal information – Use privacy settings to restrict who can see your sensitive information, or consider omitting all personal information from your profile
• Be skeptical -- E-mails, friend requests, Web site links and other items from sources you do not know could be laced with malware
• Choose passwords wisely -- Use different passwords for each of your sites; select a randomized combination of numbers and letters
• Have antivirus and antispyware protection – Even if you think you’re not infected, scan your machine for dormant viruses with a free scan; and protect your PC with an Internet security suite that includes antivirus, antispyware, and firewall technologies
• Always install updates – If you’re already using antimalware software, be sure to install updates which include the latest malware definitions; do the same with updates to your operating system
• Even with security in place, remain vigilant – Malware authors are continually writing new programs to avoid detection, so pay close attention to suspicious behavior

Webroot offers several comprehensive Internet security solutions for consumers including Webroot® AntiVirus with AntiSpyware, and Webroot Internet Security Essentials. For more information about these and other products, please visit http://www.webroot.com/En_US/consumer.html.

ABOUT WEBROOT
Webroot, a Boulder, Colorado-based company provides industry-leading security solutions to consumers, enterprises and small to medium-sized businesses worldwide. For more information visit http://www.webroot.com/ or call 800.772.9383.

©2009 Webroot Software, Inc. All rights reserved. Webroot is a registered trademark of Webroot Software, Inc. in the United States and other countries. All other trademarks are properties of their respective owners.

Social Networking, Twitter, LinkedIn, Facebook, Webroot Software, Webroot Survey, ID Theft, Financial Data, social networks, Social Networking Can Cost You

PrePaid Card Regulation Next?

Should Prepaid Cards Be Regulated? - WSJ.com

By KRISTINA PETERSON

Credit cards, debit cards and gift cards are due to face tighter regulations in the coming months thanks to a new credit-card law signed by President Barack Obama, but one piece of plastic is flying under the regulatory radar.

Prepaid reloadable cards, payment cards that aren’t tethered to a traditional bank account, won’t get the same regulatory scrutiny under the recently enacted Credit Card Act of 2009.

Between 2003 and 2007, prepaid transactions jumped from less than $5 billion a year to somewhere between $39 billion and $113 billion, according to industry estimates

Consumer advocates want to change that. They are urging the Federal Reserve to strengthen guidelines affecting prepaid cards from companies such as Wal-Mart Stores Inc., Green Dot Corp., NetSpend Corp. and H&R Block Inc. while the Obama administration’s focus remains concentrated on regulating the credit-card and banking industries.

Unlike credit cards, prepaid reloadable cards aren’t covered by the federal statutes that protect credit-card holders from fraud or limit their losses when cards are lost or stolen. Though many prepaid card companies do offer some consumer protections, they do so voluntarily.

Though the new credit-card laws don’t oblige the Fed to weigh in on prepaid cards, it could choose to issue regulations. The Fed added consumer protections to payroll cards in July 2007, for example.

Continue Reading at the Wall Street Journal

Related articles by Zemanta:

• A Look at Details in The Credit CARD Act of 2009
• OneTXT lands $2M, takes on glutted virtual goods market
• Prepaid Cash Cards "Swipe your Dollars!"

Prepaid Cards, Green Dot, NetSpend, Regulation, Payroll Cards

Coupons.com eClips's '08 Numbers in First 5 Months of '09

Michelle Megna, from InternetNews.com writes that the sour economy has resulted in a boom for eCoupons which have eClipsed last years numbers already...

E-Coupon Use Growing at Rapid Clip

A whole new demographic is digging digital coupons, spurring huge growth in the online coupon category.
By Michelle Megna:

Online coupon sites saw strong growth for the month of May, signaling a trend being spurred on both by the recession as well as by the "modern" digital coupon demographic.

The coupon category posted a particularly strong month, surging 19 percent to 34.7 million visitors to lead as the top-gaining category in May, according to a comScore (NASDAQ: SCOR) study released today researching traffic at the top 50 Web properties.

Coupons Inc., which includes Coupons.com, captured the top position in the category with more than 15 million visitors, a gain of 85 percent from the previous month. Eversave.com ranked second with 3.8 million visitors, followed by RetailMeNot.com with 3.5 million visitors.

The news comes at a time when online coupon use is experiencing unprecedented growth, as a new generation of bargain hunters -- those who do not subscribe to newspapers or clip physical coupons -- turn to the Internet for the convenience and vast selection realized by the digital format.

Coupons.com just announced that in five months, the savings printed on its digital coupon network in 2009 surpassed the $313 million in value printed for all of 2008. In 2009, the value of savings printed increased 212 percent compared to the same period last year, according to the company...

Continue Reading

Related articles by Zemanta

• Kroger Won't Accept Coupons From ...Kroger? [Coupons] (consumerist.com)

Vitacost.com Latest to Accept eBillMe

Vitacost.com Expands Payment Option Offerings with eBillme

Online retailer is the latest to join the eBillme family of merchants, offering secure cash checkout.

eBillme(TM), the payment option that enables consumers and small businesses to use online banking to pay now and pay securely with available funds from their checking or savings accounts, welcomes Vitacost.com as the latest online retailer to offer shoppers the debt-free checkout option on their site. Now Vitacost customers have access to a new way to pay without credit, fees, or interest.


Vitacost.com is the Internet's leading retailer of vitamins, nutritional supplements, herbs, natural health, beauty, and organic products, offering shoppers wholesale prices on over 22,000 products from over 900 premium brands. Consumers of natural health products can save up to 80 percent off suggested retail price.

"Our customers value the quality of our products, our service, and our everyday low prices," says Ira Kerker, CEO of Vitacost. "eBillme helps us reach more consumers by offering our shoppers a secure way to pay for their purchases without credit. We are excited to be able to bring this new method of payment to our customers, and look forward to working with eBillme to meet our customers' needs for a cash checkout option."

"Vitacost helps consumers Live Longer and Save Money," says Marwan Forzley, President and CEO of eBillme. "We are thrilled to be a part of their site and to offer our debt-free payment option that helps consumers better manage their spending habits during this recession. eBillme meets the consumer need for a debt-free checkout option without any fees or interest, and with more security and protection. We continue to help online retailers attract customers and sales with secure cash checkout."

eBillme is easy to use. When shoppers choose the option at checkout, their order is confirmed with an eBill sent to their e-mail address. Consumers simply pay the eBill through their online checking or savings account--the same way they pay utilities, loans, and other bills. The transaction occurs securely, bank to bank, with no personal or financial information required or transmitted over the Internet.

Because shoppers pay directly from their online bank account, they don't release any financial information online. This helps consumers manage their spending and debt, while better safeguarding themselves from identity theft and fraud risks. eBillme's buyer protection program takes security a step further. Provided at no cost to shoppers and retailers, the buyer protection features have the same or better level of buyer protection than premium credit cards. Protection features include a return guarantee, price guarantee, in-transit protection, and fraud protection. Consumers can shop with confidence knowing their eBillme transaction is guaranteed and protected.

About eBillme
eBillme™ is the only online payment solution that extends the convenience of online banking to the merchant's checkout, reduces the security risks of shopping online, and enables merchants to increase sales while reducing transaction costs. No financial data is exposed and the payment transaction is securely transferred from the customer's bank to the retailer's bank. Consumers can shop online, by catalog or through call centers, and pay for their purchases at their bank, credit union, or bill pay portal using the security and convenience of online banking. eBillme gives retailers access to the over 110 million Americans who use online banking. For more information, please visit www.eBillme.com or eBillme's Online Debt-Free Shopping Mall, http://shopdebtfree.ebillme.com

About Vitacost:
Vitacost.com is a leading online retailer of nutraceutical, health & wellness products offering over 22,000 products from over 900 top brands at everyday discounts of up to 80 percent off MSRP. Vitacost.com provides 24 X 7 X 365 toll free customer service at 800-793-2601 and a 30-day money-back guarantee. Greater than 95% of orders ship the same day for the low flat rate price of $4.99. Vitacost.com is a proud member of the prestigious INC 500 Hall of Fame, recognized as a Top 500 Retailer by Internet Retailer, and consistently ranked by Nielsen as a top converting online retailer.

Source: Company Press Release

Related articles by Zemanta

• How to Capture $21B of Lost eCommerce Sales - Security (pindebit.blogspot.com)