Originally published April 19 2005
Bogus airline ticket sites used to scam credit card data
by Mike Adams, the Health Ranger, NaturalNews Editor
Web sites that sold airline tickets at extremely low prices have been shut down after it was found that they were fraudulently collecting credit card information and were not selling bona fide tickets. Users of the phony sites were asked to fill in personal information, including their credit card data, but the site then generated a fake error message, saying that the transaction had not completed and asking the user to pay for the tickets via money order instead. Panda Software, an anti-virus vendor, noted that the attack is different from traditional phishing schemes, in which the criminals solicit the victims; the phony ticket sites relied on visitors using web search engines to find them. The anti-virus company warned that similar attacks should be anticipated in the future.
Several Web sites supposedly selling very cheap airline tickets have been shut down, said a security firm, after it was discovered they existed only to harvest credit card account data.
The Glendale, Calif.-based anti-virus vendor noted that the scheme differs from typical phishing attacks, in which the criminal contacts the victim.
Once at a site claiming ultra-low fares, the consumer is asked to fill out a form requiring personal details, including their credit card number, the card's expiration date, and its verification value.
The consumer is told that the transaction didn't complete, and is given instructions on how to pay for the tickets by money order.
"It's actually the buyer, in searching for the best prices online, who goes to the fraudulent Web page," said Luis Corrons, the director of Panda's research lab, in a statement.
"This creates a false sense of security that can lead users to proceed with the transaction."
Although the illegal sites have been shuttered, Corrons said to expect more of the same as other scammers take up the tactic to "sell" virtually anything at "bargain" prices.
View stories from past issues sorted by date.
Competitive Token Upgrade Enterprises can now dramatically reduce their TCO by replacing existing and expensive proprietary, two-factor authentication systems with new, state-of-the-art tokens.
Click here to learn why leading enterprises have chosen LURHQ as their Managed Security Services Partner.
DigiCert SSL Wildcard Certificates Secure Unlimited first level Sub-Domains and FREE 10 Server License for only $449 (Single Certificates $99).
Detect and Protect Your PDAs and Smartphones This white paper will guide you step-by-step through the best practices for securing PDAs and smartphones, along with the benefits of implementing a CREDANT Technologies solution for detecting and protecting these popular productivity tools.
All content posted on this site is commentary or opinion and is protected under Free Speech. Truth Publishing LLC takes sole responsibility for all content. Truth Publishing sells no hard products and earns no money from the recommendation of products. NaturalNews.com is presented for educational and commentary purposes only and should not be construed as professional advice from any licensed practitioner. Truth Publishing assumes no responsibility for the use or misuse of this material. For the full terms of usage of this material, visit www.NaturalNews.com/terms.shtml