infosec-news October 2010 archive
Main Archive Page > Month Archives  > infosec-news archives
infosec-news: [ISN] Credit card 'flash attack' steals up to $500

[ISN] Credit card 'flash attack' steals up to $500,000 a month

From: InfoSec News <alerts_at_nospam>
Date: Thu Oct 28 2010 - 05:24:07 GMT

By Dan Goodin in San Francisco
The Register
27th October 2010

Credit card fraudsters may have pocketed as much as $500,000 over the
past month by pursuing a new type of attack that exploits a major blind
spot in payment processors' defenses, an analyst said.

The "flash attacks" recruit hundreds of money mules who go to ATMs
throughout the US and almost simultaneously withdraw relatively small
sums of money from a single compromised account, according to Avivah
Litan, vice president at market research firm Gartner, who follows the
credit card industry. They then move on to a new account. At the end of
the month, the heists can fetch as much as $500,000.

“The resulting cash transactions fly under the radar of existing fraud
detection systems — they are typically small amounts that don't raise
any alarms,” Litan blogged on Tuesday.

She has dubbed the method a “flash attack” because as much as $100,000
can be stolen in as little as 10 minutes.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.