Credit Card information theft has always been a worry to their users, a worry multiplied by the internet and online shopping. Users have often been haunted by ‘scare stories’ of data being intercepting and their details getting hi-jacked to purchase goods illegally online. Supposedly, SSL technology and encryption on websites solved this issue, and to a large extent it has.
However, that’s not to say that the problem has been completely wiped out. It’s not that un-common to see mainstream newspapers reporting that it is easy to get stolen credit card details online. As a 'well-informed' techie and web user, one can usually disregard this as a journalists padding out articles with a piece of spice. Yet is this really the case? We decided to look into the validity of claims like this, and investigated exactly how hard it is to get credit card information over the web. The worrying answer we found: not very.
Many news outlets reported earlier this week that via the world's most popular search engine, Google, one could easily harvest credit card numbers using it's advanced search tricks; with a little investigation, Within 5 minutes and a bit of researching on the search giant, Neowin uncovered these queries and managed to exploit them to the extent that we were able to find literally hundreds of credit card numbers, along with their owners names and addresses. The information in many cases contained the ‘added security feature’ that is the 3 digit CVV code, recently introduced to add another layer of security to the online purchase process. One of the sites we uncovered, with a sizable list of numbers and details, was hosted on popular free Invision forum host, invisionfree.com.
Using advanced Google searches and easily available information on the format and structure of various credit cards (easily found on Google), we, and potentially more malicious web users, were able to find not only MasterCard information but a wide variety of card types such as Visa; somewhat disconcerting.
So what practically can be done? We contacted the hosts of a few the sites involved informing then that they were hosting credit card details. However, with many sites it's pretty in-practical and in-effective to deal with it in this manner. Neowin would urge it's readers to practise responsible and conservative use of their card details online; ensuring they use it only on trusted sites only, and sites which offer secure transactions (look for the padlock in your browser). Importantly, it helps to tell other more vulnerable people about the potential for scams on the internet – e.g. parents, new users to the web. Teaching people these dangers is really the only effective way to combat a growing and worrying issue.
View: Example of just one the sites we found
View: Google : Gateway to Credit Card Piracy? | Advice on Fraud
However, that’s not to say that the problem has been completely wiped out. It’s not that un-common to see mainstream newspapers reporting that it is easy to get stolen credit card details online. As a 'well-informed' techie and web user, one can usually disregard this as a journalists padding out articles with a piece of spice. Yet is this really the case? We decided to look into the validity of claims like this, and investigated exactly how hard it is to get credit card information over the web. The worrying answer we found: not very.
Many news outlets reported earlier this week that via the world's most popular search engine, Google, one could easily harvest credit card numbers using it's advanced search tricks; with a little investigation, Within 5 minutes and a bit of researching on the search giant, Neowin uncovered these queries and managed to exploit them to the extent that we were able to find literally hundreds of credit card numbers, along with their owners names and addresses. The information in many cases contained the ‘added security feature’ that is the 3 digit CVV code, recently introduced to add another layer of security to the online purchase process. One of the sites we uncovered, with a sizable list of numbers and details, was hosted on popular free Invision forum host, invisionfree.com.
Using advanced Google searches and easily available information on the format and structure of various credit cards (easily found on Google), we, and potentially more malicious web users, were able to find not only MasterCard information but a wide variety of card types such as Visa; somewhat disconcerting.
So what practically can be done? We contacted the hosts of a few the sites involved informing then that they were hosting credit card details. However, with many sites it's pretty in-practical and in-effective to deal with it in this manner. Neowin would urge it's readers to practise responsible and conservative use of their card details online; ensuring they use it only on trusted sites only, and sites which offer secure transactions (look for the padlock in your browser). Importantly, it helps to tell other more vulnerable people about the potential for scams on the internet – e.g. parents, new users to the web. Teaching people these dangers is really the only effective way to combat a growing and worrying issue.
View: Example of just one the sites we found View: Google : Gateway to Credit Card Piracy? | Advice on Fraud
Other exciting features include the original Intellivision TV commercials, never-before-released games, “radical” game modes, and two exclusive historical documentaries featuring interviews with the Blue Sky Rangers, the name given to the original Intellivision game programmers. The pizza arcade also features a jukebox that plays music inspired by the Intellivision console and many of its games.
“We’re excited to have Intellivision Lives! available for everyone,” said Keith Robinson, president/co-founder of Intellivision Productions, Inc. and an original Blue Sky Ranger. “Now gamers can enjoy their favorite Intellivision games on the three most popular gaming consoles! Intellivision Lives! is more than just a game collection. With all these extra features, the games have taken on a new life for a new generation of video game players.”
Intellivision Lives! comes loaded with more than 60 of Intellivision’s classic games including:
· Astrosmash
· Baseball
· Basketball
· Buzz Bombers
· Football
· Golf
· Hockey
· Hover Force
· Motocross
· Night Stalker
· Pinball
· Shark! Shark!
· Skiing
· Snafu
· Space Armada
· Space Battle
· Space Hawk
· Star Strike
· Sub Hunt
· Thin Ice
· Thunder Castle
· Tower of Doom
· Vectron
· Volleyball
· Wrestling
· And many more!!
Intellivision Lives! was developed by Realtime Associates, the software firm founded by David Warhol, another Blue Sky Ranger. Realtime Associates produced all the original Intellivision games published by INTV Corp. in the mid- to late- 1980s. Intellivision co-founders Robinson and Stephen Roney were involved in each stage of development to ensure that the design and game emulation are faithful to the original Intellivision system.
Published and distributed by Crave Entertainment, Intellivision Lives! (MSRP $19.99) for the Nintendo GameCubeÔ will be available this fall through mass merchants and online retailers nationwide. Intellivision Lives! is also currently available on the Sony PlayStation®2 computer entertainment system, and the Xbox® video game system from Microsoft.
Last edited by 48274 on 05 Aug 2004 - 18:20
it all comes down to the ignorance of the end user. google's technology is just doing what it's supposed to, and can't control what it spiders. people need to learn what they are really doing on the internet with their information.
edit: I found that site within 2 minutes of reading this article the between numbers thing does a job 1 + 15 zeros to 9999 9999 9999 9999
lol
and why did it take you 2 min to find it?
err, just type the name + the word ccv/amex
But for the most part, online purchasing is just about the same risk as swiping your debit/credit card at the store. They can be stored in the same databases too. Also offline someone could easily keep the copies (yes some gateway providers still give the option to show all data on the transfer receipt so they can have a backup copy).
Something should be done about this though. The internet is not secure in the least bit. I've saw people using my forum system (and people have contacted me as for help), and sometimes the sites are hosted on their own servers, which is very dumb because their IP can be traced most easiestly to their ISP, which I always recommend those people do -- contact their ISP. I've done this several times, as has someone else I know (and the ISP sent a warning to the user of the action, and the problems stopped).
All that can be done, is reporting this type of activity to users ISPs, and then reporting those IP address to the FBI and/or the credit card company that has that number (as some would love to get into some sort of legal action against such people).
Ha Ha!
Even though the board closed the thread, you can still see the cached version on Google.
Aren't you glad we have Google?
People who commit crimes like this oughta be castrated.
For those ... they need ... years in the prison (like more than 5, more like 20).
Did Google uncover/decode this information, or did Google just find a post from a forum that contained a user posting his details?
From the screenshot, it seems that all Google did was find the relative keywords. If anything, the idiotic poster of the topic should be blamed.
Last edited by 22927 on 06 Aug 2004 - 08:46
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.