[ale] OT: I AM paranoid!
Bjorn Dittmer-Roche
dittmeb at mail.rockefeller.edu
Fri Oct 10 11:24:10 EDT 2003
On Thu, 9 Oct 2003, Jim Philips wrote:
> The DeKalb County cops gave me some resistance when I reported this as a
> crime, saying it had to be investigated in the jurisdiction where it
> occurred. They took this to mean the city where the servers live. Never mind
> that this is utterly stupid, I set out to call the police in Bentonville, AR
> (home of Walmart). And--wonder of wonders!--they simply turned over all of
> the information they got from Walmart. Now here is what was weird about that.
> I was already doing business with Walmart.com for their DVD rental service.
> So, they already had my debit card number. The fraudster used that same card
> number with them, but gave them the wrong e-mail address, the wrong phone
> number and also misspelled my name. So, what this tells me is that they do
> absolutely no checking on the identity of the person presenting the card. If
> they communicated with the card issuer, they could get the spelling for my
> name and my home phone number. Or, barring that, all they would have to do is
> check to see if someone else has tried to use the same card number with
> different information. But they don't do either thing. Now given the fact
> that Walmart is the biggest retail operation in the world, you would think
> they could afford this kind of diligence. But apparently, it's too much
> trouble for them. I sent them an e-mail asking about all of this and what I
> got back was their stock answer to all security questions: SSL, your
> information is encrypted and all of that crap.
>
got your credit card number, misspelled your name, and didn't know your
e-mail address... Hmmm... do you use a cordless phone?
bjorn
More information about the Ale
mailing list