RE: Stolen Card Purchases

From: Greg Reber (greg.reber@astechconsulting.com)
Date: 07/10/02


From: "Greg Reber" <greg.reber@astechconsulting.com>
To: "Jonathan A. Zdziarski" <jonathan@networkdweebs.com>, <incidents@securityfocus.com>
Date: Tue, 9 Jul 2002 18:43:03 -0700

Jonathon - try Mary Kimura, Infragard coordinator for the San Francisco FBI
office.

-greg

The information in this email is likely confidential and may be legally
privileged. It is intended solely for the addressee. Access to this email by
anyone else is unauthorized. If you are not the intended recipient, any
disclosure, copying, distribution or any action taken or omitted to be taken
in reliance on it, is prohibited and may be unlawful.

-----Original Message-----
From: Jonathan A. Zdziarski [mailto:jonathan@networkdweebs.com]
Sent: Tuesday, July 09, 2002 5:24 PM
To: incidents@securityfocus.com
Subject: Stolen Card Purchases

We've seen a significant increase in the number of stolen credit card
purchase [attempts] made on our website recently, and I'm wondering if
anyone has had very good experience in convincing any legal arm to take
action. We have sent three related incidents to the Secret Service, who
will not touch it unless there's at least $50,000 involved.
Unfortunately, most local law enforcement agencies are impotent at such
issues. We traced the first attempt back through an open proxy where
the administrator even sent us enough information to track him back to a
residential DSL line, but nobody's willing to put in even a little work
to go and subpoena the data and make an arrest.

We're getting pretty sick of having to feel "paranoid" when customers
purchase our products, so I'm hoping some of you may have had more luck
than I have thus far in dealing with such issues. Any creative comments
would be appreciated.

Jonathan A. Zdziarski
President
Network Dweebs Corporation
http://www.networkdweebs.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com



Relevant Pages

  • RE: A small quandary
    ... This list is provided by the SecurityFocus ARIS analyzer service. ... and tracking system please see: http://aris.securityfocus.com ... For more information on this free incident handling, management ...
    (Incidents)
  • Re: fbi.gov weirdness?
    ... > This list is provided by the SecurityFocus ARIS analyzer service. ... > For more information on this free incident handling, management ... > and tracking system please see: http://aris.securityfocus.com ...
    (Incidents)
  • Re: Code Red - A Possible Origin?
    ... > This list is provided by the SecurityFocus ARIS analyzer service. ... > For more information on this free incident handling, management ... > and tracking system please see: http://aris.securityfocus.com ...
    (Incidents)
  • Re: Code Red - A Possible Origin?
    ... > This list is provided by the SecurityFocus ARIS analyzer service. ... > For more information on this free incident handling, management ... > and tracking system please see: http://aris.securityfocus.com ...
    (Incidents)
  • RE: Port 113 requests?
    ... > This list is provided by the SecurityFocus ARIS analyzer service. ... > For more information on this free incident handling, management ... > and tracking system please see: http://aris.securityfocus.com ...
    (Incidents)