Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Bookstore sales stolen by hacker

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Bookstore sales stolen by hacker
Date: Tue, 27 Jun 2006 00:26:19 -0500 (CDT) 
http://www.northernadvocate.co.nz/localnews/storydisplay.cfm?storyid=3690082

By Craig Borley  
26.06.2006 

Internet fraud has hit a Whangarei bookshop owner, leaving his web
site suspended and his business' future in the balance.

Dennis Scoles, of Oceania Books, said his business earned a third of
its income from on-line sales.

But a computer hacker has targeted Mr Scoles' site, meaning customers
trying to pay for books via his PayPal link were actually paying the
hacker.

Mr Scoles' PayPal page was replaced by a fake, with a link to a
different bank account.

All this came as a shock to Mr Scoles, who said the incident was hard
to understand.

"We didn't have them (computers) at school in my day, so I had nothing
to do with them. I know nothing about IT, I was just a book collector.  
I just feel sick, like I've been involved in a crime."

He has now invested in a firewall program intended to block hackers
but Quentin Donald, owner of Mr Scoles' Internet service provider
Acute Systems, said no blame lay with Mr Scoles.

"It has nothing to do with his computer at all, as I understand."

He said Mr Scoles' website used an osCommerce system for online
payments - one of the world's most common forms of on-line shopping.

He said it appeared someone had figured out a way to "get in the back
door" of that system.

Mr Donald believed there were some 30,000 websites using osCommerce,
most of which were too small to be attractive to hackers.

Because hackers tend to go for the big fish, he said, "the general guy
in the corner shop doesn't have to worry".

But Mr Scoles may have attracted the hacker's attention because of the
sheer size of his site. It included information and photographs of
some 1000 books.

"I'd been staying up nights, loading it all on, and it was only just
starting to pick up."

But as investigations continue Mr Scoles' website has been suspended,
causing him concern that future shoppers will be put off.

He had planned moving his business to Internet-only by the time he
retired but now he's not so sure.

"I have to seriously think about whether I want to continue on-line.  
It's a lesson that should be passed on to all businesses thinking
about doing this."

Mr Donald said this lesson was a cruel one, due to its rarity and
people's inability to protect themselves against it.

© APN News & Media Ltd 2006.
 


_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Bookstore sales stolen by hacker, InfoSec News <=
Previous by Date:  [ISN] Forensics Expert Attempts To Link UBS Attack And Defendant, InfoSec News
Next by Date:  [ISN] REVIEW: "How to Break Web Software", Mike Andrews/James A. Whittaker, InfoSec News
Previous by Thread:  [ISN] Forensics Expert Attempts To Link UBS Attack And Defendant, InfoSec News
Next by Thread:  [ISN] REVIEW: "How to Break Web Software", Mike Andrews/James A. Whittaker, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]