[Dshield] stolen credit card

Blake McNeill mcneillb at linklogger.com
Tue Jan 20 21:19:01 GMT 2004


Darren someone did your friend a real favour here.  Imagine if you didn't
know that the card was stolen and this message showed up, it would be a
chance to cancel the card and minimize the damage.  R.I.S.S. is a real site
at least and is located at http://www.riss.ro, but I believe is a company
and not a government organization.

This brings up a question that we were discussing the other day.  What do
you do if you come across a hacker or organization which is involved in
stealing of personal information such as credit cards?  What steps are
recommended?  Do you report this to anyone, and who would that be if the
'crime' doesn't occur in your country?  Are there any guidelines, policies
or such concerning this?  Also considering that there are limits as to how
large a crime has to be before it is acted upon by the authorities, how
would this affect your response or actions?

What brought this up was someone while investigating a hacker came across
tons of credit card numbers and such, but he was afraid that if he reported
them that he might be implicated as the hacker.  The actual hacker of course
would denies any knowledge or involvement (ie the cards were not on his
computer, but on one of his zombies) and the investigator could be left
holding the bag (as the old saying goes procession is 9/10 of the law).  The
person investigating this thought the hacker was just a script kiddie so his
original intent was to see what the kid was up to, but then came across the
credit cards.  So what do you do?  If your a known white hat its easier to
talk to the authorities (or you have contacts already within the various
agencies), but what if your hat is nonexistent or grey like this person's
was?

Blake


----- Original Message ----- 
From: "Darren" <darren at dshield.org>
To: <list at dshield.org>
Sent: Tuesday, January 20, 2004 1:36 PM
Subject: [Dshield] stolen credit card


> Fellow Listers-
>
> I have a colleague at the my bank who has had his credit card information
> stolen from his home pc.  He is aware of this and he and I have been
working
> to try and figure out where and when.  He then received an e-mail this
> morning that states the following:
>
> > > Good day Mr. Rxxxx Xxxxxx
> > > My name is Kenji Nurasaki, I am the director of R.I.S.S.(Romanian
> > > Internet Security Service).A couple of days ago I've just
> > > intercepted a IRC conversation betwen two kids.One of them gave the
> > > following to the other. The R.I.S.S. recomend that you change your
> > > Credit Card of block it.
>
> Following this was his credit card number, expiration date, and all
personal
> information.  I would like some advise on what to do and if this person is
> an actual person/company.  Thank you very much in advance.
>
> Darren
>
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list