Upload
pindrop-security
View
883
Download
0
Embed Size (px)
DESCRIPTION
In 2014, Home Depot suffered a massive security breach, with Fraudsters stealing card data from millions of customers. Here, Pindrop Security researchers break down exactly how fraudsters are using that information to steal identities and takeover accounts - in just 5 easy steps. Read more details on our blog at: http://www.pindropsecurity.com/home-depot-attack-leads-to-phone-channel-exploits/
Citation preview
2014 Pindrop Security™ Confidential
INSIDE PHONE FRAUDThe Home Depot Breach
2014 Pindrop Security™ Confidential
HOW THE HOME DEPOT BREACH LED TO PHONE FRAUD
2014 Pindrop Security™ Confidential
(IN 5 EASY STEPS)
2014 Pindrop Security™ Confidential
BUY STOLEN DATA1
2014 Pindrop Security™ Confidential
CARD DATA FROMHOME DEPOT CUSTOMERS
IS NOW FOR SALE ONLINE
2014 Pindrop Security™ Confidential
SHOPPING LIST: CARD NUMBER
FULL NAME
STORE ADDRESS
2014 Pindrop Security™ Confidential
USE THAT INFO TO FIND: LAST 4 DIGITS OF SS#
DATE OF BIRTH
CARD EXPIRATION DATE
2014 Pindrop Security™ Confidential
CALL THE BANK2
2014 Pindrop Security™ Confidential
(EXTRA CREDIT)SPOOF THE CUSTOMER’S
PHONE NUMBER
2014 Pindrop Security™ Confidential
ANSWER 3 OUT OF 5 QUESTIONS3
2014 Pindrop Security™ Confidential
MOST US BANKS LET CUSTOMERS MAKE
ACCOUNT CHANGES IF
THEY PASS 3 OF 5 SECURITY CHECKS
2014 Pindrop Security™ Confidential
(TIME TO PULL OUT THAT DATA YOU BOUGHT)
2014 Pindrop Security™ Confidential
CHANGE THE PIN NUMBER4
2014 Pindrop Security™ Confidential
GO SHOPPING5
2014 Pindrop Security™ Confidential
LEARN MORE
READ MORE ON THE PINDROP SECURITY BLOG
DOWNLOAD THE STATE OF PHONE FRAUD REPORT
BEST PRACTICES FOR HOW TO PREVENT PHONE FRAUD
Incidents like the Home Depot breach demonstrate how intertwined phone and online fraud are for enterprises. Click here.
Pindrop security reviewed phone fraud activity during the first six months of 2013 to understand the frequency of attacks and the methods and motives of fraudsters.Click here.
This whitepaper explains the risks in phone call fraud and caller ID spoofing. It discusses the technologies available for Caller ID verification and device authentication.Click here.