|
|||||||||
| . |
|
||||||||
.Credit card holders beware!(August 31, 2005) Your credit card company should have warned you by now. That you shouldn’t be talking to strangers you meet on the Internet about your card, your card number and most importantly, your password or secret PIN. But should you be talking to your credit card company when they pop up in your emails and ask you for your password? And should you say no, if they are asking for your password so you can join a special company-sponsored contest where you can very easily win a million pesos (or a few thousand dollars) if you simply sign up now? Tempting, right? But not advisable. This time the familiar face or logo of your credit card company or bank appearing in your email might just be your cyberwolf in disguise. And sure enough, it is. Banks will not ask for your password by email. And certainly, you should not provide any password or confidential information to your credit card company via email. According to Tito Basa, Information Security Officer of BancNet, every bank strictly advises its clients and depositors not to disclose their passwords and PINs to anyone. And anyone asking for your password via email or a pop-up web page surely is subject to doubt and scrutiny. Even if it looks like it is coming from your friendly credit card company. This cyber-disguise is termed as “Phising.” The Phising technique is a replicable ruse that makes the target user or victim believe that the e-mail originates from his own bank or credit card company. The unsuspecting victim is led to believe that the request for the password is legitimate since the email is complete with the company’s logo and other legalities. Does this scheme work? The answer is mostly no! But with the few (a few thousand) that do fall trap to this scheme, the scammers rake in millions of dollars considering the number of card holders around the globe. The banks have taken as much precautionary measures as is possible. Credit card holders would have by now received in their mails warnings from the banks of this scheme or scam. The problem is that many people just don’t take the time to read and read carefully notices of this sort. In most cases of this sort, the card holder may not be required to pay for purchases that are falsely made using his or her credit card data, but the victim status, shifts to the merchant who is out the amount purchased, as surely, he will not be able to recover his lost sale. What can card holders and merchants do? Knowing about such shenanigans is one thing, Making sure that necessary precautions are taken to prevent the premeditated misuse of credit cards is another. According to Jun Malacaman, President of the Information Systems Security Society of the Philippines (ISSSP), all concerned should be security conscious and aware of such and other similar threats and treacheries on the Internet if they are to minimize their losses due to online fraud. “Today, people using their computers on the Internet, do not just have to contend with worms and viruses, they also have to be wary about various schemes that can take, not just their information, but their life’s savings as well” says Malacaman. To spread the word about computer information security and how companies can protect themselves from such threats and risks to their systems data and information, the ISSSP, in cooperation with the Commission on Information and Communications Technology (CICT) and Microsoft Philippines convenes a Philippine IT Security conference and exhibit yearly to promote security awareness to the computer using community. This year’s event is dubbed “ManilaCon 2k5: privacy@risk” and will be held on September 13 and 14 at the Hotel Intercontinental in Makati. Among the major sponsors for this year’s event are TippingPoint, Computer Associates, Symantec and Bitstop Network Services. ISSSP is an organization of security concerned professionals that have banded together to promote awareness to the computer-using community on the importance of being security conscious and watchful when it comes to protecting one’s information and privacy when using computers. A special session on credit card fraud is included in this year’s program. |
||||||||
|
||||||||
