Online Classes For Stealing Credit Card Data?

Online Classes For Stealing Credit Card Data?

Secrets of the Dark Web

Cybercriminals can take an in-depth, six-week course of 20 lectures, in Russian, on Carding…learning how to steal credit card data from insecure databases or buy the data on the dark web.  They can also take information on emails and passwords leaked from other data breaches to access banking websites, buy vacation packages, gift cards, all within nine minutes after the information was posted online.

The class, more in-depth than most, was discovered on a deep web forum by Digital Shadows while investigating credit card fraud and criminal activity.  On one forum alone, more than 1.2 million card numbers were available for sale, nearly half of the numbers in the U.S.  While card hackers and sellers are based in Russia and Eastern Europe, the buyers are often here in the U.S.  Digital Shadows estimates $24 billion in credit card fraud next year.

Dark Web, A Simple Explanation

The Dark Web is a collection of thousands of websites that use anonymity tools like Tor and I2P to hide their IP address. While it’s most famously been used for black market drug sales and even child pornography, the Dark Web also enables anonymous whistleblowing and protects users from surveillance and censorship.See This article from Wired for more

How Can a Consumer or Business Reduce the Risk of Credit Card Data Theft?

  1. Place an alert on your credit card and bank for purchases less than $5 and more than $100…it is common for a thief to test the card by trying to process a small amount…usually less than $5
  2. Never give your pin number to anyone
  3. Never use the same password for your bank or credit card that you use for another website
  4. Confirm all communication is authentic such as phone calls or emails
  5. Do not click on links in suspicious emails
  6. When in question always contact the business or individual directly
Hacker Awareness and Internet Security

Hacker Awareness and Internet Security

Today more than ever it’s difficult to turn on your television, tablet, smartphone, or computer without being alerted that another attack on the internet is taking place. At times we hear about hackers taking control of millions of computers with the looming threat of shutting down hundreds of organizations or limiting access to consumer-owned devices. It seems as though it’s a daily routine. Don’t make yourself an easy target for a hacker.

Being hacker aware by making data security a priority to business owners and consumers alike; after all, we’re all someone’s customer.

What are we supposed to do and where do we start?

This is a good beginning to giving you an idea of where some of the faults can be found. Take a look at this interesting Cyber Risk Pressure Test provided by Traveler’s Insurance, to see where you stand. Guidelines like these can help you implement policies in your business, as well as being more conscientious when it comes to protecting the security of your own identity.

Knowledge Is Power Hacker Beware!

Navigating the road to safe payments is the first thing any business owner should be thinking about. Not just to protect your personal business assets but to secure sensitive customer data from being stolen and used fraudulently. The Payment Card Industry (PCI) has established a guideline for business owners to follow in order to protect themselves and customers from wrong doing.

The following is a sample of some shocking statistics compiled relating to businesses being hacked.

$20,752 the average cost to a small business due to hacking

60% of small businesses experienced a cyber breach

71% of hackers attack a business with under 100 employees

60% of small to medium sized businesses involved in a breach close within six months

69% of American consumers worry about the theft of their payment card data

Reference: PCI Security Standards

How To Reduce Your Risk

  • Always change default passwords to strong passwords that aren’t easy to guess ex. Fr0gHa!R95
  • Keep software up to date
  • Install and schedule regular virus scans
  • Encrypt data whenever possible
  • Protect any network connections, including wi-fi with a strong password

At Card Systems we not only provide our customers with the best and most secure means of payment processing, we also partner with our sister company eGuarded in order to provide the best guidelines outlining the hiring process.

 Our customers are our most valuable asset and so is your protection.  If we can help please call 866.207.3298 or email your questions

Flokibot – POS Malware

Flokibot – POS Malware

Flokibot – POS Malware

A new point of sale malware spotted in the wild named “Flokibot” is slowly making its way to point of sale systems worldwide. The Flokibot malware was found compromising several point-of-sale systems in South Amerca, explicitly Brazil. A limited number of reports have been received from merchants targeted in other areas of the globe. These stories stretch from Australia all the way to the United States.

Flokibot, first uncovered back in September of 2016 as specifically targeting financial systems like point-of-sale devices. This software uses many variants to bypass security screening and detection within these types of devices.

With the potential to spread much further than it already has Visa has issued best practices guideline for merchants to reduce their risk of exposure to the Flokibot malware. The following are a few bullets that may require an IT professional to help you implement from that release:

  • Maintain a patch management program, update all software, hardware, and firmware to most current release. These steps will limit the attack surface for zero-day vulnerabilities.
  • Educate employees about avoiding phishing scams and safely opening emails with attachments
  • Perform file integrity monitoring and alert on changes to explore.exe and svchost.exe processes on endpoints.

Chip and pin cards are harder to steal data from for potential hackers. Adoption of Chip and Pin technology is strongly recommended for merchants who have not updated their technology. Retailers should work with their IT professional to be aware of and execute the Payment Card Industry Data Security Standard (PCI DSS) to enhance security at each location further.

Safer Transactions

This malware is further reason why merchants should be diligent in adopting chip and pin technology. This technology makes it harder for fraudsters to steal consumer information. Card users should also be aware of the protections that technology provides them.

Consumers should also be wary of email requests for credit card information, using credit cards in lesser known non-reputable stores, and subscribe to bank transaction updates to further increase their personal payment security.

The Recent Chipotle Breach


Did Malware Compromise the Point Of Sale System?

Chipotle Mexican Grill is just one more large scale merchant to report a possible data breach in its point of sale system. According to a Chipotle representative, the company recently discovered unauthorized activity on the network that supports payments in its over 2,000 restaurants. The investigation focuses on transactions processed between March 24th and April 18th of this year. The organization believes it has stopped the suspicious network activity.  Furthermore, it has notified card networks, in turn, they will notify issuing banks who will notify any affected customers.

Could this have been due to a malware variant of Flokibot?


Boat Theft

Boat Theft


I recently got my hands on a Soundings Trade Only Aug. 19th newsletter for Boat Dealers.  It stated that Florida ranks highest among all 5O states in the number of boat thefts. Tampa only second to Miami. I guess I wasn’t surprised since Florida has the best weather to provide boaters with the luxury of boating year round. A woman in Tampa had her boat stolen right out of her drive way one night and her bedroom window was right next to it. She never heard a thing. She had a tire boot she normally protected her boat with but that evening didn’t apply it. I guess the security system you’re using is only as good if you use it. For all these boats I see parked in driveways up and down the streets it would be so easy to just drive up, hook that trailer to a vehicle and take off. These thieves are professionals.  Don’t think for one minute they aren’t waiting for Human error to get their hands on your valuables.

Individual boat owners are not the only targets. Boat Dealers are as well. These dealers think that security camera is going to protect them, well not if someone paintballs it out. Even then, have you seen the grainy visuals in the footage of those things? What if they are wearing masks? Where does that get you? A Dealer experienced just that, however now that Tattletale has come to the rescue he can rest assure his assets will be protected.

We are so excited to be doing our first Trade Show at the Tampa Convention Center Oct. 2-4, 2015. This will enable us to enlighten all the Dealers and Attendees of a more secure means of protecting their boats. See you there!

Data Breach Projections

Data Breach Projections

According to Forrester’s 2015 Planning for Failure report, at least 60% of enterprises will discover a breach of sensitive data during 2015. Follow these 5 quick tips to protecting your business.

1. Change passwords frequently.

2. Tokenize transactions when possible.

3. Never store complete cardholder data.

4. Background every employee who handles cash and credit cards.

5. Never disclose confidential information over the phone (ie cardholder information, batch information).