Ecommerce vendors need to tighten up their systems to avoid being ripped off by canny scammers the RSA 2009 conference was told.
##CONTINUE##
In his address to the conference Trey Ford, director of Solutions Architecture for WhiteHat Security, explained how simple faults in procurement systems could cost companies hundreds of thousands of dollars.
Some of these techniques required little or no technical skill at all. For example, a woman in North Carolina found that by making an order and then canceling it before the browser had reloaded she would still be sent the products but not billed for them.
She sold over $400,000 of these goods on eBay before being caught – not because the company identified her but because buyers of the products became suspicious.
The reload function of the browser could also be used by pump and dump scams (where stock prices are manipulated by online information) by interfering with Google News rankings he said.
It would be easy to write code that reloaded a certain news page many thousands of times and shift it up into the Google News top stories page he said and this could be very profitable for a pump and dump scam.
“Pump and dump is highly profitable,” he said.
“In a good stock market you can make seven figure sums by gaming the market correctly.”
He gave the examples of United Airlines, which lost 75 per cent of its stock price temporarily after an outdated and inaccurate Bloomberg report about the airline jumped into the Google News rankings.
While he said this wasn't the activity of pump and dump scammers as far as anyone knew it showed how the savvy scammer could make huge sums by manipulating online information.
-----------------------------
BY Iain Thomson in San Francisco
Source:vnunet.com
© Incisive Media Ltd. 2009 Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in England and Wales with company registration number 04038503.
Subscribe to:
Post Comments (Atom)
Posts
0 comments:
Post a Comment