The Green Sheet Online Edition
March 11, 2019 • Issue 19:03:01
The phishing scourge
Jan Powers sent in the following about phishing attacks that disrupted sales during the year-end holidays, causing extreme upset for merchants she serves. "I am an MLS and an independent contractor. Two of my merchants were victims of phishing attacks in December: one on Dec. 23 was for 20,000 fraudulent auth attempts. The TID was cloned, and a fake account was created to test credit card account numbers ‒ or so it was explained to me.
"I am looking for more info on phishing in our industry. My processor caught it within hours, shut down the account and created a different SIC.
However, due to shorter staffing from Dec. 23 through 25, the merchant was not notified until their customers began calling them on Dec. 26, unable to process online sales. The merchant then contacted our help desk, who conferenced in AuthNet to have the SIC changed. I think the resolution was prompt. But the merchant is ANGRY they were not contacted on Dec. 23 when the phishing was discovered.
"I did not see any recent articles on phishing when I searched The Green Sheet site. Our tech staff was called to work on their laptops from home Dec, 24, so I don't think another processor would have handled it any better than we did."
Jan Powers, Independent Merchant Services Specialist since 1997
Thank you for recounting this upsetting experience. Protecting our payment systems from phishing and other attacks is of paramount importance. It looks like you did an excellent job in handling the event. Here's a link to one of our most recent articles on phishing: www.greensheet.com/emagazine.php?story_id=5911&search_string=phishing. Additional articles that mention phishing can be found here: www.greensheet.com/search.php?node=processSearch.
We will delve further into how the payments industry can address these and other types of attacks since data security and uninterrupted service are critical not only to merchants, but also to payment businesses and the entire financial system. Expect further coverage as we endeavor to stay abreast of developments.
Have you been victimized?
Have your merchants been attacked by criminal hackers? Tell us about this or other compelling issues at firstname.lastname@example.org.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.