Aktnadmin
Grand Forks,#2UPDATE Employee
Wed, July 09, 2008
Amazon's Secure server has actually NEVER been compromised. Your theory is incorrect as well. Employees have NO access to ANY credit card information. Even when using the most sophisticated tools when updating the website, or dealing with associates accounts... Credit Card numbers are still blocked. Not one single person who deals with Amazon.com actually has access to full credit card numbers. The last person who ever sees the complete CC number is the person entering it in on the order, after that it is completely incripted even before you hit the place order button. It's disgusting that you bad mouth Amazon. What you are probably experiencing is what is called a one-click order. You most likely didn't even realize that you had done it. My THEORY: You were surfing the web and clicking on everything and ended up downloading a key logger which in turn recorded every single key stroke you made and then sold your info to the highest bidder. How do you like that conspiracy theory?
Leroy
Sacramento,#3Author of original report
Fri, August 03, 2007
THEORY: This scheme appears to involve a diversion of consumer credit card and bank debit card information by the employees of legitimate on-line internet merchandisers and the employees of other businesses who receive consumer credit card and debit card information. VIP Tune is an on-line internet MP3 download company located in Limassol, Cyprus. VIP Tune offered (and still does) a very lame mechanism over the internet to recruit affiliates who would then create internet links and sign up customers for VIP Tune. For each new free trial subscription the affiliate linked to VIP Tune, the affiliate was promised a $1.00 payment from VIP Tune and for each new paid download music subscription, the affiliate was promised an additional 10% rebate of the subscription sale. So, apparently consumer credit card and debit card information went south via employees from on-line merchandisers to VIP Tune affiliates (who may have been the employees themselves), who then misused the stolen/embezzled credit and debit card information to sign up the cardholders for bogus VIP Tune download subscriptions and earn the promised commissions from VIP Tune (at about $4 each). Maybe no sophisticated hacking technology was required to pull this off. What is amazing here, is the apparent lack of concern from the legitimate on-line merchandisers, who failed to secure their customers creit information, and the failure of these companies to make a quick response to this scheme. Unlike a lot of multi-layered internet fraud schemes, it wouldnt take very much diligent investigation to discover the identities of the people involved in this scheme at the various levels. Maybe real problem here is outsourcing? The legitimate on-line merchandisers have sent their customers credit identity information out of the country to cheaper labor overseas, and it is from there that it went south. Just try and reach the security unit for one of these heavily outsourced companies. s/Leroy