Google Search Reveals Credit Card Numbers

Very sad indeed. Not to mention the fact that a lot of small businesses have no idea of how spyware and other nasties can wreck major havoc. Just another reason even small businesses need ITs.

 

Oh that's terrible!
A real privacy problem.

 

Good post Ronjor

Yet I doubt I would want to stop using my cc for on-line purchases.
One measure would be to make sure you cc. company has a full refund policy for on-line fraud etc.
Though not to say it's a dire situation

 

OH Great!! Thanks for the info, Ronjor, one of my cc accounts just sent me an e-mail about a statement. I called them - it wasn't them!
Glad I didn't fall for it, it looked just like the homepage, but, without the s in https, having Spoofstick has helped me alot and watching both top and bottom add lines.
I can't tell ya how many times before I came to Wilders' that I didn't know to look and found myself in some strange and scary places!
SpoofStick is a great little gimmick I got on Firefox, guess you could use it on anything, look it up if you want to be extra careful!

Marja

 

So many threats to privacy! I recommend using CC only at major sites and foregoing their use at small sites with their own merchant accounts. Take advantage of sites that use Paypal. Another good alternative - see if your CC company provides "one-time use" numbers that are given to you over a secure connection to VISA/Mastercard/Discover or whatever. You can get a number connected with your main account which is only good for a one-time use and only for 24, 48, 72 hours. Some will give you up to three numbers at a time. They are made available specifically for online use and if they're available with your CC account - jump to use them!

 

Hi John,

The disposable credit cards are a good idea. I don't think one should dismiss all small websites and label them all insecure. That would rule out the majority of companies on the internet and hurt the economy. Many small companies take security very seriously. Just because a company is large, does not mean they are more secure. Even without disposable cards, as far as the card number itself is concerned, the customer has a good amount of fraud protection. The Credit Card Banks set up the system so the merchant is the one who shoulders all the risk. Any problems, and they just do a charge back.
I think all companies, big and small, could learn a lot about security from Wilders. Perhaps a thread focussed on small businesses to boost their security with the emphasis on protecting customer data. Security for a small business should have a much higher "paranoia level" than the average user.

Just my thoughts.

 

You're right. It could happen anywhere. In fact, it has happened at major sites in the past. I shouldn't have been so absolute about small business.

You are right that there are personal protections from fraud through Visa and Mastercard. But we all shoulder the burden of fraud through increased prices passed along by business. Disposable numbers are the most secure way to transact business on the Internet - I'm a believer.

I agree about security at the enterprise level - no matter the size. I especially worry, again, about small business that cannot afford an IT department and try to rely on security designed for the home PC. It happens all the time. Wilders can help small businesses I agree, but business really needs people who are trained in enterprise security. Frankly, SANS and CSI and ISF and ISSA could be of more help to business.

 

That's true, guys, why aren't they (Issa,Csi,Isf,etc.) stepping up to help?

Utimately, what is good for a small business is good for the economy, not all people deal with big corporations, can or want to!

Until "man" changes his way of thinking, seeing forward movement for all, I don't see it happening. That doesn't mean a security forum for small business should not happen, it really should have already!!

That is a great idea! There are plenty of Business people on all security forums. Who is teaching us to use their progs? Business people!! They know they wouldn't be in business long if no one used or understood their progs! Plus, they work hard at all aspects! Business, security, implementation, customer Happiness!

It is going to take each person doing a little bit each day in their own way, to change things, to make helping out as exciting as well, pulverizing!?

Just talking all this out together gets our brains going towards new innovative ideas, the world really needs some, this old tired stuff "they" are still pushing, is whack, to put it finely!

So, good on you DeVinco, ideas like that are what the world or at least the people IN it need!

I can be such a chatterbox sometimes!

 

Thanks for the links luv2bsecure. There is a lot of very useful info in there. I think I'll spend some time there too.
While I find the articles very informative, it does not seem geared for the beginner crowd. I think the banks and credit card processors should step up to the plate as well. Merchants are paying them high fees for every transaction and taking all the risk. The LEAST they could do is provide adequate instructions on how to secure customers data with real world examples. Better would be actual training courses (online and real world) for security. The banks and processors are flush with cash and they know how to protect data.
Securing the customer's data can be complex, but it is not rocket science.

 

Thanks Marja!