Questions tagged [fraud]
Fraud is wrongful or criminal deception intended to result in financial or personal gain. It is one of the challenges to organisations that Information Security tries to prevent.
147
questions
0
votes
0
answers
51
views
Best Practices re: changing email address post fraud
Scenario: Successful fraud attempt via phone call. Victim speaks to fraudster and gets tricked into email transfer of funds due to some situation i.e. falsified family emergency (grandson is injured ...
0
votes
0
answers
30
views
Bank employees asked random 2 characters of password during verification! [duplicate]
Let me ask to experts how bank BBVA and Santander en España can check dedicated digits of my password during call to their hot line?
They said me that it is verification procedure but I am not sure it ...
0
votes
0
answers
41
views
How are these scammers operating from valid IPs? [duplicate]
Lately, my website has had a lot of fraudsters signing up and getting past my security checks.
I use vpnapi.io and stopforumspam.com to vet new registrations but all of the IPs this scammer is using ...
1
vote
0
answers
39
views
Why is PayPal asking for my bank password? [duplicate]
Another posted the exact same question and it was dismissed saying PayPal would never do such a thing.
Well, I was adding a bank acct yesterday to transfer funds and PayPal popped up a username and ...
1
vote
1
answer
134
views
Ways to safeguard Internet users from fraudulent websites
Extended Validation SSL certificates have been effectively abandoned, as web browsers do not even show them as something special, so my question is: how would you go about safeguarding the user from ...
0
votes
2
answers
300
views
Someone seems to have compromised my email address but can't be sure?
Whilst going through my spam folder on Gmail I've found 2 emails that struck me as suspicious. The first is simply a welcome message from DropBox saying 'Hi Ahmed please verify your email' and then ...
1
vote
0
answers
78
views
Same debit card number issued to more than one account? [closed]
I received text alerts from my bank saying my debit card had beeen used when I hadn’t used it. I started a fraud alert investigation. I was later told another account had the exact same debit card ...
0
votes
1
answer
140
views
Debit Card Fraud Question [closed]
Somebody tried to make a purchase with my debit card at a Walgreens in another part the state of I live on.I was notified of the purchase attempt via my bank's fraud detection system. However, I have ...
0
votes
1
answer
657
views
Fraud Detection - 2FA Bypass Methods and SIM Cloning
I am assisting another Data Scientist with helping a bank detect and prevent fraud via data analysis and predictive modeling (Machine Learning). It's a challenge because the proportion of known ...
0
votes
1
answer
146
views
Can paypal vendors verify card used and/or spending history?
So I recently made a purchase from https://us.roborock.com, a well known manufacturer. During the checkout process, I used PayPal.
However several hours after checkout was complete, I received an ...
0
votes
1
answer
106
views
Using another's text number to commit ongoing fraud [duplicate]
Some Vietnamese refugee families have been Bitcoin defrauded by someone using an 805 text number. Lookups say it belongs to a party in Tennessee. I want to know if it is possible that scammers in ...
0
votes
3
answers
7k
views
Unknown numbers sending videos on WhatsApp. What should I do?
A number with ISD code +92 sent a video via WhatsApp. No text, only a video. About 20 days later, another number with same ISD sent another video.
Should I open the video?
OR
Should I Report and Block?...
0
votes
1
answer
2k
views
Credit card reader writer
If someone has all the information from my credit card name, exp date, card number, cvv and pin but no card, would they still be able to use a reader-writer or would they have to have the card to copy?...
0
votes
1
answer
288
views
Purpose of fraudulent AWS SL/TLS certificate request for my domain
I just received an email from AWS re Certificate request for [my personal domain].
This email asked me to approve this request with a link or forward to a AWS email for validation.
Needless to say ...
0
votes
2
answers
894
views
Why would a bus ticketing app require an Internet connection when you board the bus?
The bus company that I use (Arriva UK) is trying to persuade passengers to switch from buying paper tickets to tickets stored on their app. They are particularly pushing this for 'bus passes': tickets ...
-1
votes
2
answers
244
views
Is it Safe to Rely on Gmail API to Reward Users for Placing Orders on Merchant Sites?
I have an application that rewards users for placing orders with certain merchants. In order to verify that the order was actually placed and delivered, a user is required to grant us read access to a ...
0
votes
1
answer
157
views
Is it possible to identify a financial fraud on a Windows machine? How?
How do forensics identify a banking/financial fraud in a Windows system? Malware usually uses real-time TCP sockets to complete their deeds, infecting and compromising the PC it runs on (not the ...
1
vote
1
answer
342
views
Best way to trace possible root cause of card fraud?
I recently had a fraudulent transaction on my debit card (in the UK, where I am based). Having blocked the card, my main concern is to determine how much information has been stolen and how?
As this ...
0
votes
0
answers
181
views
Is someone using my @domain.com emails for fraud?
I have a TLD, and have set it up to forward any email sent to *@domain.com to [email protected].
Over the last week, I've got a handful of emails from Intuit/TurboTax to random names on my domain, e.g....
1
vote
1
answer
363
views
Is it possible to completely obfuscate proxy servers?
Stripe's fraud detection documentation claims it has
Proxy Detection
When I search for how it might be detecting traffic from proxies, I see this great answer, which show how to detect that traffic.
...
4
votes
0
answers
605
views
What is "JavaGhost - Mass Twilio Checker"?
Over the past week, the account credentials for my organization's Twilio account were stolen and used to send ~10,000 fraudulent SMS messages claiming to be from a major bank.
The passwords have all ...
0
votes
1
answer
126
views
my info was compromised [closed]
My ssn,dob,mother's maiden,phone number, and address were compromised and I am worried that some bad people now have all the afore mentioned information. My question is what could criminals do with ...
1
vote
0
answers
166
views
Current iOS Spyware/Stalkerware Capabilities [closed]
I have a child domestic violence victim I am trying to collect evidence from and coordinate relief for (remotely), but I have cause to believe her phone and/or identity has been hijacked in the past ...
2
votes
1
answer
202
views
Is it normal for a company to request this information after stolen card details were used?
My friend's credit card details were randomly used to make a two small purchases on a food delivery app, by someone other than my friend. They have already contacted the bank and cancelled the card.
...
0
votes
0
answers
1k
views
How can I test if/how STIR/SHAKEN is working on my incoming calls? Both for detecting spoofed caller ID AND [bad sources]
How can I test if/how STIR/SHAKEN is working on my incoming calls? Both for detecting spoofed caller ID AND calls from disreputable (NON-'A' attestation) service providers/carriers/sources.
I'm ...
3
votes
2
answers
833
views
Does replacing the SIM card mitigate any threats after a serious data breach?
I recently heard that a telephone company (a mobile network operator) was hacked and lots of data was stolen, maybe affecting up to a million customers. It sounds like the leaked data is already ...
0
votes
1
answer
1k
views
How does a fraudulent credit card charge to a Department of State work?
I looked at my Credit card statement, and noticed a fraudulent charge to what turned out to be the NY Department of State. This was especially odd to me, since I don't live in NY (and so was obvious ...
0
votes
1
answer
219
views
Security risk for allowing accounts without captcha
I run a website that allows people to create accounts with an email address address and a password. Over the last month, I have had about 100 accounts created with email addresses that look like this:...
1
vote
1
answer
173
views
Is https://div.show/options fraud/malware? [closed]
Is https://div.show/options fraud/malware? I saw via https://app.uriports.com that a customer tried to load the page mentioned before and it was blocked thanks to CSP.
0
votes
1
answer
195
views
How can hackers steal from a savings account that has no client card? [closed]
Someone I know was stolen a few hundreds dollars from a savings account. Looking at the history, she saw transactions like Uber rides and video games purchases she did not do. This account is used ...