Tags: US | TEC | Finding | Online | Fraud

Internet Sleuths Get New Way to Report Stolen Data

Thursday, 17 Jun 2010 10:35 AM


  Comment  |
   Contact Us  |
|  A   A  
  Copy Shortlink

A new program being spearheaded by Microsoft Corp. is designed to provide a trusted way for researchers to report stolen credit card numbers and other data they've found in the dark corners of the Internet.

Establishing that link is important because when a researcher finds stolen data, it can be hard to convince a bank or another affected institution that the data is legitimate. The lost time can mean the difference between someone's identity being used for fraud, and stopping a fraud before it occurs.

The program Microsoft is spearheading could greatly help researchers deal with data they've found online and submitted to affected companies, said Dan Clements, former president of CardCops, which specializes in tracking down stolen payment card numbers online.

When researchers find card numbers being sold or hawked online, "We send it to everybody immediately. We send it to companies, the government, the consumer — it's a blitzkrieg. That way they have all the intel and can act accordingly," he said. "You could call it scattershot. It's the only way you can assure that we've done our job. But we have no way of knowing it's effective."

Clements said the speed of the new program — how quickly it leads to notifications for affected institutions and consumers — will be key to whether it is successful.

Some merchants and gambling websites have tried similar programs in the past. They created databases of stolen cards against which they'd check transactions, Clements said. But the programs fell apart, partly because the companies didn't work well together without a middleman, he said.

The new program is being managed by the National Cyber-Forensics & Training Alliance, a nonprofit organization focused on cybercrime. Other participating organizations include the American Bankers Association and eBay Inc.

More banks, retailers and Internet security firms will be added as they sign up and are vetted by a third party.

Nancy Anderson, Microsoft's deputy general counsel, said in an interview that the idea for the program came from problems Microsoft security researchers encountered in their attempts to alert banks and online retailers to fraud they've discovered.

"When these kinds of credentials are stolen, they may not get used immediately, so the goal here is to get the information to the institutions quickly, quickly, quickly, so the appropriate action can be taken before the damage is done," she said.

Clements said that one weakness of Microsoft's program is that it won't allow people to anonymously submit what they've found, which could discourage whistleblowers from coming forward.

He cited an example from CardCops that involved an insider at an e-commerce company who discovered his company was hacked and lost 50,000 credit card numbers. The employee said management threatened to fire him if he disclosed the breach. Clements said CardCops allowed the employee to disclose the breach anonymously and sent the information to the banks and the government.

© Copyright 2014 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

  Comment  |
   Contact Us  |
  Copy Shortlink
Around the Web
Join the Newsmax Community
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
Retype Email:
Zip Code:
Hot Topics
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
Around the Web
You May Also Like

Space Station Gets Easter Delivery of Food, Supplies

Sunday, 20 Apr 2014 15:42 PM

A Space Exploration Technologies' cargo ship made an Easter Sunday delivery of food, science experiments and supplies to . . .

Obamacare Enrollees Urged to Change Passwords over Heartbleed Bug

Sunday, 20 Apr 2014 10:55 AM

Americans with accounts on President Barack Obama's health insurance enrollment website, HealthCare.gov, were advised th . . .

Dragon Supply Capsule Reaches the Orbiting ISS

Sunday, 20 Apr 2014 10:35 AM

The unmanned Dragon capsule from the private US firm SpaceX successfully reached the International Space Station Sunday, . . .

Newsmax, Moneynews, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, NewsmaxWorld, NewsmaxHealth, are trademarks of Newsmax Media, Inc.

America's News Page
©  Newsmax Media, Inc.
All Rights Reserved