Posted by John Kindervag on June 24, 2009
In the old days criminals like Robin Hood and Don Corleone had scruples. Remember when Don Vito stood up to Virgil "The Turk" Sollozzo and refused to become involved in the heroin trade? The Don stood for honor at the cost of a couple of bullets.
It seems that modern cyber criminals are more like Sollozzo. One disturbing trend seems to be the exploitation of nonprofits to enumerate valid credit card numbers. Recently, some nonprofits have been inundated with bogus, fraudulent donations. Typically the donations are small amounts, although larger donations have been seen. When the nonprofit organization goes to reconcile these transactions, they discover that the account is fraudulent. Unfortunately, these organizations may suffer from chargebacks as well as concurring the enormous effort involved in straightening this stuff out.
It appears that these credit card thieves are using the donation websites to try to determine which cards are valid and therefore, which numbers they can sell to their clients for more nefarious purposes.
If any of you have experienced something similar, we'd love to hear about it. Cyber crime is a fact of life in the Internet age, but targeting nonprofits and charitable organizations is beyond the pale. No one expects thieves to renounce their life of crime, but is just a little bit of honor too much to ask?