Page 8 - GS190301
P. 8

ReadersSpeak




        The phishing scourge                                                       However, due to shorter staffing from
                                                                                   Dec. 23 through 25, the merchant was
                 an Powers sent in the following about phishing attacks that disrupted   not notified until  their  customers
                 sales during the year-end holidays, causing extreme upset for mer-  began calling them on Dec. 26,
                 chants she serves. "I am an MLS and an independent contractor. Two   unable  to  process  online  sales.  The
        J of my merchants were victims of phishing attacks in December: one        merchant then contacted our help
        on Dec. 23 was for 20,000 fraudulent auth attempts. The TID was cloned, and   desk, who conferenced in AuthNet
        a fake account was created to test credit card account numbers ‒ or so it was   to have the SIC changed. I think
        explained to me.                                                           the resolution was prompt. But the
                                                                                   merchant is ANGRY they were
        "I am looking for more info on phishing in our industry. My processor caught it   not contacted on Dec. 23 when the
        within hours, shut down the account and created a different SIC.           phishing was discovered.

                                                                                   "I did not see any recent articles on
                                                                                   phishing when I searched The Green
                                                                                   Sheet site. Our tech staff was called
                                                                                   to work on their laptops from home
                                                                                   Dec, 24, so I don't think another
                                                                                   processor would have handled it any
                                                                                   better than we did."
                                                                                                          Jan Powers
                                                                                       Independent Merchant Services
                                                                                                 Specialist since 1997

                                                                                   Jan,

                                                                                   Thank you for recounting this
                                                                                   upsetting experience. Protecting
                                                                                   our    payment    systems    from
                                                                                   phishing and other attacks is of
                                                                                   paramount  importance.  It  looks
                                                                                   like you did an excellent job in
                                                                                   handling the event. Here's a link
                                                                                   to one of our most recent articles
                                                                                   on phishing:  www.greensheet.com/
                                                                                   emagazine.php?story_id=5911&search_
                                                                                   string=phishing.  Additional articles
                                                                                   that mention phishing can be found
                                                                                   here:     www.greensheet.com/search.
                                                                                   php?node=processSearch.

                                                                                   We will delve further into how the
                                                                                   payments industry can address these
                                                                                   and other types of attacks since data
                                                                                   security and uninterrupted service
                                                                                   are critical not only to merchants,
                                                                                   but also to payment businesses and
                                                                                   the entire financial system. Expect
                                                                                   further coverage as we endeavor to
                                                                                   stay abreast of developments.
                                                                                   Have you been victimized?

                                                                                   Have your merchants been attacked
                                                                                   by criminal hackers? Tell us about
                                                                                   this or other compelling issues at
                                                                                   greensheet@greensheet.com.






        8
   3   4   5   6   7   8   9   10   11   12   13