In my Scam of the day for July 12th I told you about the arrest in Guam of Roman Seleznev, a Russian accused of hacking into the point of sale systems of the Broadway Grill in Washington DC and retail establishments throughout the country between 2009 and 2011. Now, Seleznev has been extradited to the United States and he was arraigned in federal court in Seattle a few days ago. According to his indictment, Seleznev scanned the computers of retailers throughout the United States looking for vulnerabilities which he exploited through malware that he would inject into the computer systems of these vulnerable retailers, which would capture credit card data which Seleznev would then sell online to other criminals. The Secret Service says that he stole the data from more than 200,000 credit cards and made more than two million dollars selling this card data on black market websites. Complicating the situation is that Seleznev is the son of a prominent Russian politician. The Russian government is calling the arrest an illegal kidnapping.
What does this arrest mean to you and me? It is more of a reminder of how large the problem is. Hacking into retailers at point of sale terminals in stores has become a relatively easy task to accomplish and not only is it easy to accomplish, it does not even have to be done at the store. It can be done totally over the Internet by hackers anywhere in the world. Credit card fraud is worse in the United States than in most of the rest of the world because we still have not adopted the smart card technology by which credit cards carry a computer chip that issues a new identifying number every time it is used which makes the stealing of the number used at any particular transaction worthless. The hacking of point of sale terminals will be an exercise in futility when we finally start using smart cards in large numbers. However, it is not expected that this will be done in the United States until October of 2015 when, through a change in the rules governing credit card usage, companies, whose point of sale terminals are hacked, will be responsible for data thefts. Until that time, the best you can do is to refrain from using your debit card for retail purchases so that your bank account is not at risk in a hacking attack. You also should monitor your credit card’s use regularly to note any fraudulent use so that you can limit the damage.