nsored Links
-->

Saturday, January 27, 2018

Credit card hijacking

Black Hat Hacking Archives - Ethical Hacking Tutorials - Learn ...
src: www.ethicalhackingtutorials.com

Credit card hijacking is a form of credit card fraud and the term is used when a person's credit card is used by some unauthorized person (e.g. a thief or overaggressive vendor) to buy goods or services. The credit card owner usually has trouble reasserting control over the card, because usually they don't find out immediately, and the owner must distinguish legitimate purchases from illegitimate in a credible manner.


Video Credit card hijacking



Identity theft

The first form of credit card hijacking is basically identity theft, which is the deliberate assumption of another person's identity. Identity theft is usually the result of serious breaches of privacy and often involves the victim compromising a great deal of financial and personal information allowing the thief to charge an existing credit card account or open up new credit card accounts in the name of the victim. Traditionally, methods of identity theft for credit card hijacking have involved mail interception or skimming of credit card data. As online transaction volumes increase, new methods for hijacking identities for credit card fraud include phishing and the use of spyware and botnets.


Maps Credit card hijacking



Cancellation barrier

The second form of credit card hijacking is the continued charging of a person's credit card for a subscription to goods or services no longer desired by the credit card owner. This type of credit card hijacking was pioneered by major ISPs, credit monitoring services and online dating services, is perfectly legal, and is still common today in a wide range of subscription based goods and services. Credit card hijacking of this type came about as online subscription based marketers realized that traditional subscription systems, such as the annual subscriptions that paper magazines use, were an impediment to enrolling customers. A typical dial-up ISP, at US$24.95 per month, is US$299.40 annually. By breaking the subscription period into small units like months or quarters, and allowing direct monthly charging of the subscriber's credit card, the psychological and economic barriers potential subscribers see are greatly reduced.

The issue which makes one subscription system a hijacking of the credit card is not the mode of entry into the subscription nor the billing interval, but the marketing organization creating barriers for the user to easily cancel the subscription. Organizations which use credit card hijacking as part of their marketing strategy make online registration for the subscription easy, enforce default automatic renewal policies, and create barriers to halting the subscription. (This is in contrast to traditional subscription based system such as paper magazines where the subscriber has to periodically proactively reauthorize the subscription, hence the default is to not renew.) The most common subscription exit barrier is to not provide any online subscription cancellation mechanism at all, but to instead require the user to cancel by telephone or by "on-line chats". Such organizations often add the additional barrier of making any subscription cancellation information difficult for the user to even find, thus creating an additional delay in the subscription cancellation. This is very common amongst ISP's, who know the psychological barrier to making the call, which the subscriber anticipates will be unpleasant, is very high. It also allows the marketing organization to talk the subscriber into changing their minds and not cancelling the subscription. Another common subscription cancellation barrier is to have a relatively long subscription period, a no refund policy, and to require the user upon cancellation to forfeit all money covering the present subscription period. This is very common amongst online dating services.

This second form of credit card hijacking was created by marketers who recognized that subscription based services generally have relatively low periodic billing amounts which will generally go unnoticed on any given credit card statement. So what happens is that long after the user loses interest in the subscription, they forget to cancel the subscription and because the periodic billing is so low, they don't tend to notice it on their credit card statement.

A simple solution to this problem is to phone the credit card company, request a new card with a different account number, and cancel the previous account. They will transfer the debt amount from the old account to the new account.


How Hackers Hack your ATM Card Password in 2017? [EXPLAINED]
src: i1.wp.com


Negative option billing

Negative option billing is the practice of sending goods automatically and billing the recipient unless the recipient is proactive in declining the goods before they are sent. Negative option billing reverses the usual direction of sales transactions. It assumes that unless you say 'no', you've agreed to have bought the goods. This is the common practice used in book clubs, record clubs, and magazine subscriptions with automatic renewal. Some practitioners of negative option billing prefer to call it "advance consent marketing".


Like Uber, But For Credit Card Fraud
src: images.fastcompany.net


Billing for membership rather than services

If a customer cancels services provided by a vendor, the vender would be committing fraud if they bill for services not provided (for example internet access). Some venders avoid this problem by billing monthly for a "membership", even though no services are used by the former customer. By retaining the membership number in an active status, the vendor makes it difficult for the customer to prove that the membership was cancelled.


Credit card - Wikipedia
src: upload.wikimedia.org


See also

  • Credit card
  • Credit card fraud

bank hacked | Hacking | Cyber Security
src: 1.bp.blogspot.com


References


Amazon.com: Safety Sleeves RFID Protectors Credit Card & Identity ...
src: images-na.ssl-images-amazon.com


External links

  • "How hard can it be to cancel an AOL account?" -- One man's frustrating call, caught on tape, resounds in the blogosphere
  • "Negative Option: When No Means Yes"

Source of the article : Wikipedia