A caution to all B&M credit card users

[arcas]

Most of us are aware of the issues surrounding using credit cards online and lots of us have even signed up for credit cards that offer single-use numbers like AMEX's PrivatePayments. How many folks would send their CC info over a non-SSL connection? Probably not many, eh?

But what about brick and mortar stores? What if you found out that the B&M store where you shop frequently has connected its cash registers to the backroom computer using an unencrypted WLAN...meaning that someone with a laptop computer and a wireless NIC can sniff CC numbers by simply sitting in the parking lot and capturing WLAN traffic?

Check out this thread In this case, the culprit is apparently Best Buy but other major retailers are also implicated further into the thread.

Think I'll start paying with cash instead of plastic more often.

Edited: link fixed

 

[wnied]

Linky No Worky


~wnied~

 

[thawolfman]

i fixy linky

 

[dakata24]

dont all cc companies have protections against unauthorized charges..

but if you get jacked by someone while carrying alot of $$$? you wont get anything back unless the cops catch the culprit..

 

[arcas]

Wow you guys are fast. By the time I managed to login to edit the fixed link you guys already fixed it

Not sure how the "." was omitted as this was a cut-and-paste directly from the browser window. I could maybe understand if the first or last character was omitted...but a "." from the middle of the URL!?

 

[killface]

<< By the time I managed to login to edit the fixed link... >>


Umm, no you didn't. Still missing a "."

 

[arcas]

True. CC companies have those sorts of protections in place, some won't hold you accountable for anything, others up to $50. Not sure what the rules are about debit cards though since I don't have one.

Depending on what data gets transmitted over the WLAN, though, it seems that identity theft also becomes a possibility.

 

[dakata24]

<< Depending on what data gets transmitted over the WLAN, though, it seems that identity theft also becomes a possibility. >>



oh. didnt think of that (and too lazy to read the article)... now that would be a definate concern of mine then.. ugh, and i just bought a dvd from bestbuy.. i have a friend that works there.. if he knew any of this going on, id hope he tell me..

 

[amdskip]

Walmart is definately not wireless. The only wireless thing info sent out is via satelite dish to Bentonville. You should see how much CAT 5 they have run in that place, just crazy amounts. Every register has it's own direct back to the dell servers in the server room. This building is almost 2 years old and walmart is too cheap to mess with wireless being a new technology and all.

 

[Mill]

<< True. CC companies have those sorts of protections in place, some won't hold you accountable for anything, others up to $50. Not sure what the rules are about debit cards though since I don't have one.

Depending on what data gets transmitted over the WLAN, though, it seems that identity theft also becomes a possibility. >>



I thought that you were liable up to 50 dollars AFTER you reported a card stolen or fraud. So wouldn't you be held accountable for any activity before you nofified the CC company?

 

[amdskip]

I think it is $50 no matter when you report as in like the same day.

 

[MoMeanMugs]

<< Walmart is definately not wireless. The only wireless thing info sent out is via satelite dish to Bentonville. You should see how much CAT 5 they have run in that place, just crazy amounts. Every register has it's own direct back to the dell servers in the server room. This building is almost 2 years old and walmart is too cheap to mess with wireless being a new technology and all. >>



Once again, amdskip proves he doesn't know everything about Wal-Mart. I am not going to point out where he is wrong as I don't reveal company info, but he is indeed WRONG.

 

[bugsysiegel]

That's kinda messed up.

 

[yakko]

I always use stolen credit cards anyway so I don't worry about it.