Credit card fraud on rise, IT security thoughts
Software
ANZ and Westpac bank buildings on an appropriately drizzly day in central Adelaide, by Dodge 76 on Flickr
After reading the headline, I was expecting this news story from the ABC (Australia) to be about predatory lending,exploitation or other unwarranted behavior on the part of financial institutions. Alas no, it was a report on how people are becoming victims to people who steal their credit card information, not banks!
ABC News: Credit card fraud on the rise: report
By Online business reporter Michael Janda and staff
An industry report has identified a rise in the rate of internet and telephone credit card fraud.
Figures from the Australian Payments Clearing Association (APCA) show the credit card fraud rate was 45 cents per $1,000 in 2007, but in 2008 it had climbed to 53 cents.
There were very good points regarding why banks themselves don't in fact do more to prevent fraud which I encourage you to look at if you're interested.
Several comments though were about using your credit card to shop online, but they were mostly limited to discussing virus protection. I usually just click the "Agree" link next to comments because people on the ABC News website are generally more eloquent and succinct than I am, but this time I figured an explanation was in order.
Kudos to people saying they were expecting the article to be about exorbitant credit interest rates, I did too!
As for the technical question, virus protection and firewalls are only a tiny part of the equation. Especially if you run Microsoft Windows you absolutely MUST keep your system current with patches and security fixes. Viruses, worms and trojan horses (three very different beasts) take advantage of weaknesses that often have already been fixed but that people haven’t bothered to guard against. Confiker is the latest example of this.
There’s also the issue of “social engineering” where instead of blindly sending messages out to millions of addresses, they watch your online activity so they can gather enough information about you to send you an email as a trusted person who you may let your guard down for.
If you use Mozilla Firefox (anyone still using Internet Explorer is dumb, sorry that’s just accepted fact now) the SSL Blacklist plugin from CodeFromThe70s.org helps guard you against suspicious “secure” web authorities, and the “BetterPrivacy” plugin (just Google it) helps guards against the next generation of malicious cookie spying. The weakest part of any system though is the USER, so just stay vigilant and remember if something is too good to be true it usually is. Like those misleading “low balance transfer” advertisements!
In retrospect I shouldn't have called Internet Explorer users dumb. Some casual computer users may still not know, other people like my dad wish they could change but can't because their company machines can't be altered.
