[asterisk-biz] [asterisk-users] FRAUD: BE AWARE

Trixter aka Bret McDanel trixter at 0xdecafbad.com
Thu Jul 3 02:06:46 CDT 2008


On Wed, 2008-07-02 at 23:25 -0700, Nitzan Kon wrote:
> --- On Thu, 7/3/08, Trixter aka Bret McDanel <trixter at 0xdecafbad.com> wrote:
> 
> > I do not know how much they lose per year with seller protection,
> 
> What seller protection? I have yet to see a single transaction with
> paypal "protected". They absolutely could not care less if the seller
> gets screwed over time and time again.
> 
Oh I agree, typically seller protection only applies to real goods sold
on ebay using an approved carrier (watch it though, USPS has often been
said by paypal to be approved, but the online requirement for tracking
verification normally gets it shot down by paypal).  This might be
available for people that sell gear to their customers (and thus more
relevant to this list) I dont know.  I know they have a ton of
conditions so its hard to say how much paypal looses to this plan. 

I also did more poking, the paypal OTP generator is free (or was) to
business people, $5 for personal accounts only.  I guess they figured
they would make it up in fees more than anything else.  But if they can
give it free to some users, mandating it would certainly help protect
their users better.


> I don't know where the 0.5% figure comes from, but when it comes to
> VoIP a more accurate figure would be 50%. We have 100 times more
> fraud attempts with PayPal than we do with Google Checkout.

Paypal claims 0.5% on their page, so now you know the source.  It also
isnt fair to apply it to voip, since I never attempted to say by market
sector or industry.  0.5% for payment stuff like that is low, when you
look at the (now old) 2-3% in the US and 15% in europe you can see just
how low it is.  Since the 15% (8 years or so ago when I got it) a lot of
changes occured in europe to combat this at least to some degree.

Again those are just "all credit card transactions" and not broken down
by any sector, industry or anything else.

As for more with paypal than google, give it time, once there are
sufficient people with google checkout accounts there will be more
attacks that way.  Its like the mac, when it was less than 5% of
desktops no one bothered, this led people to think malware, worms,
trojans, viruses, etc do not apply - now people are seeing more
compromises in OSX since its becoming a more attractive target.  

A lot of the accounts are compromised by phishing sites, they work on
volume so they will target the places that have the largest user base.
The press releases of these companies bragging about how much money they
process, how many customers they have, etc are at least in part the
triggrs, once a company says they have a sufficient number of customers
expect to see the emails about it.

-- 
Trixter http://www.0xdecafbad.com     Bret McDanel
Belfast +44 28 9099 6461        US +1 516 687 5200
http://www.trxtel.com the phone company that pays you!




More information about the asterisk-biz mailing list