09-29-2006, 09:36 AM
Quote:While public attention has remain fixed on a series of high-profile data losses or database breaches at federal government agencies, large corporations and universities, experts who study financial fraud say hackers increasingly are targeting small, commercial Web sites. In some cases, criminals are able to gain real-time access to the sites' transaction information, allowing them to steal valid credit card numbers and quickly charge large numbers of fraudulent purchases.
Small e-businesses offer fewer total victims, but they often present a softer target, either due to flaws in the software merchants use to process online orders or an over reliance on outsourced Web site security...
Clements said many smaller online merchants use generic shopping cart software that they fail to maintain with the latest software security patches...
full article: http://www.washingtonpost.com/wp-dyn/con...00333.html
Quote:Anyway, several chilling and common threads were clear from the interviews with victims.
First, the initial credit-card theft is only the first step in a larger identity theft scam.
Second, far too many sites are compromised each month by hackers and scammers while their owners remain completely oblivious or in denial.
Finally, many of the victims of credit-card theft interviewed for this piece said they decided to shop at the sites that lost their data because they were the least-expensive vendor found through bargain shopping sites...
full article: http://blog.washingtonpost.com/securityf....html#more