Technology: Exposed database reveals apparent ticket fraud scheme - PressFrom - US
  •   
  •   
  •   

TechnologyExposed database reveals apparent ticket fraud scheme

15:40  11 september  2019
15:40  11 september  2019 Source:   cnet.com

Parent Charged in College Bribery Scheme Pleads Guilty

Parent Charged in College Bribery Scheme Pleads Guilty A California entrepreneur accused of paying $250,000 to get his son into the University of Southern California has pleaded guilty to a federal charge. Jeffrey Bizzack entered the plea to conspiracy to commit mail fraud and honest services mail fraud in Boston's federal court Wednesday. Immigrants Avoid Reporting Crimes During Crackdown: Report Authorities say the 59-year-old who has worked in the tech and surfing industries paid $250,000 to get his son admitted as a fake volleyball recruit. His son was accepted in 2018. Bizzack's lawyers have said his son did not know about the arrangement. Prosecutors are recommending nine months in prison and a $75,000 fine.

Fraud is the most cause of disputes, though there are other reasons why customers may question a payment. An effective dispute and fraud prevention strategy uses a number of methods that are best suited for your business while keeping any customer burden—and losses—to a minimum.

In law, fraud is intentional deception to secure unfair or unlawful gain, or to deprive a victim of a legal right. Fraud can violate civil law (i.e., a fraud victim may sue the fraud perpetrator to avoid the fraud

It was a good plan, as far as frauds go: rip off fans of live performances while simultaneously fleecing some of the internet's biggest ticket vendors, such as Groupon , Ticketmaster and TickPick. The fraudsters create accounts with the ticket sellers and use stolen credit card information to make their purchases. Then, they turn around and resell the tickets to fans, who might not be able to use them if the fraudsters resell them multiple times or the original sale is voided.

Exposed database reveals apparent ticket fraud scheme© Provided by CBS Interactive Inc. Researchers found signs of a fraud ring in an exposed database, they revealed Wednesday. Graphic by Pixabay/Illustration by CNET Exposed database reveals apparent ticket fraud scheme© CNET

Researchers found signs of a fraud ring in an exposed database, they revealed Wednesday.

MoviePass exposed thousands of unencrypted customer card numbers

MoviePass exposed thousands of unencrypted customer card numbers Movie ticket subscription service MoviePass has exposed tens of thousands of customer card numbers and personal credit cards because a critical server was not protected with a password. Mossab Hussein, a security researcher at Dubai-based cybersecurity firm SpiderSilk, found an exposed database on one of the company's many subdomains. The database was massive, containing 161 million records at the time of writing and growing in real-time. Many of the records were normal computer-generated logging messages used to ensure the running of the service — but many also included sensitive user information, such as MoviePass customer card numbers.

Perpetrated in several ways, procurement fraud is hard to detect. Arm yourself with hybrid analytics that offer various approaches on data and analysis. Government agencies must switch from manual fraud defenses to hybrid analytics. By Jon Lemon, Principal Industry Consultant, SAS.

The fraud 's resurgence brings to light a painful reality for the digital advertising industry: Even after ad fraud operations are exposed , they rarely go away completely. "They keep operating because somebody keeps mailing them a check," Telemetry Exec.

The well-laid plan fell apart, however, when a simple cybersecurity mistake revealed the scam. The reason: the apparent fraudsters forgot to password protect their cloud database.

Security researchers Noam Rotem and Ran Locar found last month an unsecured database containing records of 17 million emails received by accounts made with the three ticket vendors, as well as a handful of local venues. Groupon says the records show similarities to a scam the company identified in 2016. The database is no longer online. The researchers don't know who created the database, but believe it was used for criminal activity.

MoviePass confirms breach that leaked credit card numbers

MoviePass confirms breach that leaked credit card numbers On Tuesday TechCrunch reported that security researcher Mossab Hussein, with the firm SpiderSilk, found an exposed, unencrypted MoviePass database with millions of records. Some of those included numbers for its custom debit cards that are used when subscribers purchase tickets, while others listed customer's personal information including their credit card numbers, expiration dates and billing information. Another researcher had located the vulnerable information back in July and notified the company, but neither was able to get a response, while yet another found evidence the database had been public since May of this year.

If you suspect someone may be committing fraud against Centrelink, Medicare or Child Support, you should report it. We have information in different languages use someone else's Medicare card. use an invalid concession card. forge prescriptions for Pharmaceutical Benefits Scheme (PBS) medicine.

The Fraud Investigators have been researching General Electric’s financials and accounting practices for more than one year. Discovering the GE Fraud . To make it impossible to compare GE’s numbers across multi-year time periods, GE changes its Financial Statement reporting formats every few years.

"We've worked on many similar database breaches, and certain aspects of this one didn't add up," the researchers wrote. "After contacting Groupon with our concerns, the full extent of what we'd uncovered was revealed."

In a report published Wednesday with software review site vpnMentor, Rotem and Locar outline how they found records of emails, the email addresses and names used to buy the tickets, and other details that would make it simple to identify and remove fraudsters' accounts from a ticket vendor's systems. Anyone visiting the correct IP address could see the data.

The data exposure is more evidence -- if any were needed -- that everyone, even criminals, struggles with cybersecurity. Improperly secured databases have led to the exposure of caches that include children's information, vast swathes of demographic data and health records. The problem usually starts when an organization misconfigures its cloud server, failing to select more private settings when it puts data online.

MoviePass reportedly exposed personal info, debit card numbers online

MoviePass reportedly exposed personal info, debit card numbers online The struggling movie ticket subscription app may have exposed customers' private information online, according to a report.

This important initiative is focused on fighting airline ticket fraud and enables effective cooperation between travel value chain stakeholders. GAAD is a horizontal and multidisciplinary operation to fight fraudulent online purchases of flight tickets with compromised credit card data .

Pyramid schemes - These investments offer big profits, but really aren't based on revenue from selling products. Instead, they depend on the recruitment of more Scams that use the names of the FBI or CIA - Avoid falling victim to email schemes involving unsolicited email supposedly sent by the Federal

In this case, the data appeared to be the blueprint of a crime.

At first, Rotem and Locar thought they had found information owned by a legitimate business, like a third-party mailing service used by multiple ticket companies. But soon they saw hints that something was off. First, they realized there was no website for the mailing service. Then they saw the email addresses in the database didn't appear to belong to real people.

Finally, Groupon told the researchers that the data they found was similar to what they'd seen in the 2016 fraud. Almost all of the records in the database were marketing emails from Groupon, which sends frequent emails on deals of the day to users. Groupon said there were about 20,000 email addresses in the exposed dataset, but the total number of emails that related to the purchase of tickets was at most 673.

Groupon declined to confirm whether it was taking any action based on the findings. Ticketmaster didn't respond to requests for comment.

Jack Slingland, vice president of operations at TickPick, didn't comment directly on the researchers' findings but said the company is continually on the alert for fraud activities. He said customers who purchase tickets resold through TickPick are guaranteed comparable tickets if they arrive at the venue and find they've been sold a fraudulent ticket.

However, the guarantee doesn't apply if fraudsters buy tickets from TickPick and then resell them on another ticket-selling site.

Millions of Facebook users’ phone numbers may still be exposed online.
The sensitive user data has popped back up on a new server

—   Share news in the SOC. Networks

Topical videos:

usr: 11
This is interesting!