If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Ars Technica)   Turns out Target and Neiman Marcus weren't the only retailers who gave up your financial information to hackers. They were just the only two that thought enough to tell you   (arstechnica.com) divider line 105
    More: Followup, Neiman Marcus, Target, hacking tool, plain text  
•       •       •

13716 clicks; posted to Main » on 14 Jan 2014 at 1:47 PM (44 weeks ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



105 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

First | « | 1 | 2 | 3 | » | Last | Show all
 
2014-01-14 02:43:23 PM  
As someone who works in the hosting industry, I'm going to say that anecdotally, I'd say over half the companies that take online payments are not PCI compliant. A lot nowhere close.

Little scary.
 
2014-01-14 02:44:42 PM  
I guess I can understand people wanting to use cash/debit cards if they don't have the self control to make sure the number on their credit card statement is smaller than the number on their bank statement, but if you use a credit card for everything this isn't a big deal.

Phone the company, they cancel all the fraudulent charges, and send you a new card, no big deal. The biggest hassle is remembering to update the card number with all my auto-pays.

I don't even know what the APR is on my cards, I'm sure it's something stupid...
 
2014-01-14 02:47:06 PM  
Here's a good question I would really love to know the answer to...

So, the hackers steal the cards, and the info to use them.  Then they sell them online.
Who are the buyers?  Like, what sort of Google search do you use to buy other people's credit info?  What sort of sites or forums actually allow that sort of information?  How can anyone, buyer or seller, do this without totally getting busted?

//ok, that's more than one question...
 
2014-01-14 02:48:41 PM  

Phony_Soldier: DarkSoulNoHope: Phony_Soldier: I just got off the phone with Wellsfargo. I've got fraudulent charges. One of them is for Christian Mingle via Paypal or some shiat:

WTF is this:

CHKCARDPAYPAL *CHRSTIANMGL 4029357733 UT

Apparently some Christian decided the Jesusy thing to do was to steal someone's credit card information in order to find the love of his fraudster life.

Or god hates me and is trying to hook me up with ANOTHER fat chick.


Hey! Fat chicks need love too!

/fat chick
//and old

probably set up an account to scam even more people

/fat chicks are gullible
 
2014-01-14 02:49:24 PM  

Clutch2013: Three Crooked Squirrels: I got an e-mail from Target saying that I might me one of the many that had their info stolen.  They are offering a year of free credit monitoring through Experian.  So I went and signed up for the coverage.  But now I have the sinking feeling that the e-mail I received was some kind of scam and I've just been duped into a whole new fraud.

It's funny, and a little scary, just how some sophisticated some of those fake e-mails are getting. My parents are continually asking me if one's real or not.

One trick my not-terribly-computer-literate ass has learned is to check the hyperlinks in all of these things. I'll search them through Google, if I need to. Generally, though, if the hyperlink has a .ru anywhere in the address, instant delete. If it's a bunch of number salad that a search doesn't return any satisfactory results, instant delete.


Probably safest to tell them to just not click any links in an e-mail. Have them type in the URL to the site themselves, or click through from Google. I'm surprised it's not common practice to never send links in emails by now, similar to how it's a bad sign if someone e-mails your password to you...

Even something seemingly innocuous could go someplace bad... http://mybank.com/
 
2014-01-14 02:54:32 PM  
DarkSoulNoHope

My friend had her info used fraudulently at Christian Mingle, too!
 
2014-01-14 02:54:35 PM  
I bought some things at Target last weekend (when we all thought it was just 40m transactions). My roommate was aghast: "You went to TARGET?! Don't you know about the identity thieves?!"

My response: "So farking what? If it wasn't Target, it'd be WalMart or Giant or Safeway or any one of a thousand other places (who likely use the same vendors to handle transactions."

He still thinks I'm crazy for shopping at the red dot. I still think he's an idiot for assuming that this is a) confined to Target (though now we know it's not), b) an ongoing problem, and c) going to negatively impact Target as a business (maybe they'll see a drop in Q1 numbers, but I doubt it'll even be that noticeable)..
 
2014-01-14 02:55:32 PM  

omgbears: Clutch2013: Three Crooked Squirrels: I got an e-mail from Target saying that I might me one of the many that had their info stolen.  They are offering a year of free credit monitoring through Experian.  So I went and signed up for the coverage.  But now I have the sinking feeling that the e-mail I received was some kind of scam and I've just been duped into a whole new fraud.

It's funny, and a little scary, just how some sophisticated some of those fake e-mails are getting. My parents are continually asking me if one's real or not.

One trick my not-terribly-computer-literate ass has learned is to check the hyperlinks in all of these things. I'll search them through Google, if I need to. Generally, though, if the hyperlink has a .ru anywhere in the address, instant delete. If it's a bunch of number salad that a search doesn't return any satisfactory results, instant delete.

Probably safest to tell them to just not click any links in an e-mail. Have them type in the URL to the site themselves, or click through from Google. I'm surprised it's not common practice to never send links in emails by now, similar to how it's a bad sign if someone e-mails your password to you...

Even something seemingly innocuous could go someplace bad... http://mybank.com/


Oh, they've stopped doing that - that's why they ask me so damn much.

/at some point, I was deemed the tech expert of the family
//still haven't figured out why
 
2014-01-14 02:59:06 PM  
Three Crooked Squirrels


I got an e-mail from Target saying that I might me one of the many that had their info stolen. They are offering a year of free credit monitoring through Experian. So I went and signed up for the coverage. But now I have the sinking feeling that the e-mail I received was some kind of scam and I've just been duped into a whole new fraud.


God I hope you are joking. My credit union contacted me before I even remembered using my card at Target and said they were issuing a new card.
 
2014-01-14 03:05:01 PM  

IamAwake: TV's Vinnie: Just to give people some advice, use an extra layer of protection like having a Paypal debit card instead of your own bank's debit card.

Um, your security and financial safety advice includes using paypal?  They are horrible in both areas.  Are you just...trolling or something?


No, I'm not. As I described my own personal scenario, I was able to enact Damage Control quickly and easily.
 
2014-01-14 03:05:13 PM  
I had mine compromised at some titty bar. I got a free year of pubic lice treatment.
 
2014-01-14 03:06:12 PM  

thornhill: TV's Vinnie: Just to give people some advice, use an extra layer of protection like having a Paypal debit card instead credit card instead of your own bank's debit card.

Corrected.

When your debit card number gets stolen that can jack up your bank account for a few days, which can become really problematic if you've written checks from it, auto pay bills via ACH, etc.

When it's your credit card, your bank account is never affected.


And not everyone is able to obtain a credit card (yeah, I sound poor. Whatevs.). Tried having one using Capitol One. Never, ever going to go through that bullsh*t ever again.
 
2014-01-14 03:18:07 PM  

TV's Vinnie: IamAwake: TV's Vinnie: Just to give people some advice, use an extra layer of protection like having a Paypal debit card instead of your own bank's debit card.

Um, your security and financial safety advice includes using paypal?  They are horrible in both areas.  Are you just...trolling or something?

No, I'm not. As I described my own personal scenario, I was able to enact Damage Control quickly and easily.


You're just lucky and it had nothing to do with Paypal. How you even got anyone to help is amazing.

As for going back to Target because "now they're on it"...um, no. It will take weeks to fix their infrastructure. They might have plugged the most obvious hole but no way you'd catch me there using a card anytime soon.

Why we don't use European card standards is beyond me. Oh, sorry, that'll cost job creators money. As opposed to this, where the only hurt they'll feel is if banks sue for violation of PCI rules.
 
2014-01-14 03:20:19 PM  

TV's Vinnie: was that time I bought a game from


That is funny that you mentioned Steam. I just purchased Shadowrun Returns last night and noticed the fraudulent charges this morning.  (The last time I bought a game from Steam was over a year ago.)
 
2014-01-14 03:21:24 PM  
Propaganda
How does it work?
 
2014-01-14 03:28:04 PM  
Janusdog:

You're just lucky and it had nothing to do with Paypal. How you even got anyone to help is amazing.

I know that Omaha is where the Paypal HQ is, and it's just a local phone call for me.

As for going back to Target because "now they're on it"...um, no. It will take weeks to fix their infrastructure. They might have plugged the most obvious hole but no way you'd catch me there using a card anytime soon.

I'm starting to consider either paying nothing but cash for all local stuff, or making a bank withdrawal each month and buying prepaid credit cards.

Why we don't use European card standards is beyond me. Oh, sorry, that'll cost job creators money. As opposed to this, where the only hurt they'll feel is if banks sue for violation of PCI rules.

Much like the way US food companies always let the foreigners have all the cool new types of food and we 'Merkins are stuck with the same old sh*t.
 
2014-01-14 03:29:28 PM  

CruJones: As someone who works in the hosting industry, I'm going to say that anecdotally, I'd say over half the companies that take online payments are not PCI compliant. A lot nowhere close.

Little scary.


I work in the IT security industry, and we do PCI audits. I can confirm that many many companies are so far off the mark it's scary. When you can pick credit card numbers direct off the wire with a simple tcpdump then you know that you probably shouldn't ever buy anything off this company.

Companies buying in IDP/IPS solutions, purely to tick the box that says "yes we have intrusion detection", they never want them setup properly.

Credit card details sitting in unencrypted form on servers sat in the same LAN as your normal servers accessible by anyone on the corporate LAN.

Databases on the same server as the web front end, again sat on the internal network.

/don't even get me started on storage of private keys.
//even had a bank, we farked up and didn't wipe a PoC box properly and leaked their actual live private keys for their online banking to another 3rd party
///they honestly didn't care, we were ready for them to bend us over and fark us with no lube, they basically shrugged, asked if we'd deleted them and carried on as if nothing had happened
 
2014-01-14 03:29:41 PM  
I got that Target email mentioned above. Thing is, I haven't shopped at Target in over a year, and they could only have gotten my email address from the one Internet order I made back in 2011.
 
2014-01-14 03:41:12 PM  
Speaking of scary, stupid, lack of CC security...

I used to work for an online retailer.  That is to say, their only storefront is web based.
When I first got there, I was astonished to see that all the CC information for all their transactions (about $150k per day), were saved in tables on the web DB.  No encryption, no attempt to mask them.  Granted, direct access to the database was difficult without VPN, but any web-based interface could read the records with no problem at all.

We redid the entire system.  For starters, we started encrypting the card numbers.  Then we set it up to delete all the data in that table every day, just to be safe.  The final step was to move the CC authorization and so on, to a completely outside vendor.  I can only assume that was nothing more than a tactic to place the responsibility on someone else.

Is this how most online retailers are doing this sort of thing nowadays?
See, I really wouldn't know, because I very, very, rarely do any sort of online shopping.  Don't trust it.
 
2014-01-14 03:46:30 PM  
a solution.

use a savings acct that has no card or check ability attached.
x-fer online to a debit card that has overdraft protection disabled.
keep a very small amt in there [few pennies], x-fer just before a purchase and get cash back for any excess.
if anyone tries to tap in, the transaction will be rejected.
sour grapes are sour
 
2014-01-14 03:49:47 PM  

MutantMotherMouse: Phony_Soldier: DarkSoulNoHope: Phony_Soldier: I just got off the phone with Wellsfargo. I've got fraudulent charges. One of them is for Christian Mingle via Paypal or some shiat:

WTF is this:

CHKCARDPAYPAL *CHRSTIANMGL 4029357733 UT

Apparently some Christian decided the Jesusy thing to do was to steal someone's credit card information in order to find the love of his fraudster life.

Or god hates me and is trying to hook me up with ANOTHER fat chick.

Hey! Fat chicks need love too!

/fat chick
//and old

probably set up an account to scam even more people

/fat chicks are gullible


asset-3.soup.io
 
2014-01-14 03:51:16 PM  

Three Crooked Squirrels: I got an e-mail from Target saying that I might me one of the many that had their info stolen.  They are offering a year of free credit monitoring through Experian.  So I went and signed up for the coverage.  But now I have the sinking feeling that the e-mail I received was some kind of scam and I've just been duped into a whole new fraud.


yup. have fun.
 
2014-01-14 03:53:29 PM  

fireclown: Huck And Molly Ziegler: Cash for groceries, cash for gasoline, cash for purchases under $500 (or whatever you feel safe carrying from the bank teller to the point of sale), cash in restaurants

It did a ton of good for me when I had to buckle down and get my financial shiat together.  Actually HANDING a merchant something physical make you less likely to spend the cash.


when i get a fist fulls of dollars, i'm like...dat's mine, you can't have none.. i would rather have the cash than anything else. fark food and gas. ok, i buy alot of booze. but it's booze.
 
2014-01-14 03:58:11 PM  

JSTACAT: a solution.

use a savings acct that has no card or check ability attached.
x-fer online to a debit card that has overdraft protection disabled.
keep a very small amt in there [few pennies], x-fer just before a purchase and get cash back for any excess.
if anyone tries to tap in, the transaction will be rejected.
sour grapes are sour


Although ridiculously inconvenient that might work if the bank didn't charge a huge overdraft fee when that happens. Disabling overdraft protection wouldn't do anything.

I believe there are some credit cards that let you issue temporary "cards" with limited balances.
 
2014-01-14 04:04:28 PM  
It wasn't until about a year that I started to heavily use cash and a hell of a lot of credit. Since health insurance companies started mining credit card data to see where the next health crisis will come, I started purchasing booze and other things cash only. I dropped my credit card purchases by around 75% over time.

fark em.
 
d3
2014-01-14 04:11:52 PM  
My understanding is that Target didn't even know or notice they'd been hacked. One of the big banks regularly scouts underground sites for stolen cards of their customers. When they found a batch the common denominator was they had all been used at Target. Then the bank contacted Target.
 
2014-01-14 04:15:23 PM  

stratagos: Jokes on you, hackers! I have no money for you to steal! In your FACE!


So much this!
 
2014-01-14 04:16:22 PM  

jonny_q: Three Crooked Squirrels: I got an e-mail from Target saying that I might me one of the many that had their info stolen.  They are offering a year of free credit monitoring through Experian.  So I went and signed up for the coverage.  But now I have the sinking feeling that the e-mail I received was some kind of scam and I've just been duped into a whole new fraud.

you might be ok:
https://corporate.target.com/discover/article/free-credit-monitor ing -a nd-identity-theft-protecti


Yep.  Always verify the domain.  That's the shiat in bold up thar.  If it instead had said "target.com.12.158.13.6" (or similar), then you'd have been in big doo-doo.
 
2014-01-14 04:18:58 PM  

Three Crooked Squirrels: jonny_q: Three Crooked Squirrels: I got an e-mail from Target saying that I might me one of the many that had their info stolen. They are offering a year of free credit monitoring through Experian. So I went and signed up for the coverage. But now I have the sinking feeling that the e-mail I received was some kind of scam and I've just been duped into a whole new fraud.

you might be ok:
https://corporate.target.com/discover/article/free-credit-monitoring -a nd-identity-theft-protecti

I actually didn't use the link in the e-mail. I backed out and accessed the offer directly from Target's website, so I was pretty sure I was OK. But when I originally got the e-mail, I was thinking that it would be a pretty good way to dupe people into giving up more sensitive information if any nefarious individuals wanted to do so.


You get a gold star for that.  It's amazing how many people Click The F*%#ing Link (tm)... :/
 
2014-01-14 04:20:18 PM  

omgbears: Even something seemingly innocuous could go someplace bad... http://mybank.com/


Reported!!
 
2014-01-14 04:23:35 PM  

durbnpoisn: The final step was to move the CC authorization and so on, to a completely outside vendor. I can only assume that was nothing more than a tactic to place the responsibility on someone else.


Accept, mitigate, or transfer risk.  Pretty much SOP.
 
2014-01-14 04:25:17 PM  

JSTACAT: a solution.

use a savings acct that has no card or check ability attached.
x-fer online to a debit card that has overdraft protection disabled.
keep a very small amt in there [few pennies], x-fer just before a purchase and get cash back for any excess.
if anyone tries to tap in, the transaction will be rejected.
sour grapes are sour


You can also do like I do:  credit card with a low limit ($500 or so).  I just pay it off when I know I need to.  If there's anything fraudulent on there, at least they can't do TONS of damage.  And, the bank I have the card through is really good when it comes to stuff like this.  Like, unusually-paranoid good.

/so far
 
2014-01-14 04:26:53 PM  

durbnpoisn: Speaking of scary, stupid, lack of CC security...

I used to work for an online retailer.  That is to say, their only storefront is web based.
When I first got there, I was astonished to see that all the CC information for all their transactions (about $150k per day), were saved in tables on the web DB.  No encryption, no attempt to mask them.  Granted, direct access to the database was difficult without VPN, but any web-based interface could read the records with no problem at all.

We redid the entire system.  For starters, we started encrypting the card numbers.  Then we set it up to delete all the data in that table every day, just to be safe.  The final step was to move the CC authorization and so on, to a completely outside vendor.  I can only assume that was nothing more than a tactic to place the responsibility on someone else.

Is this how most online retailers are doing this sort of thing nowadays?
See, I really wouldn't know, because I very, very, rarely do any sort of online shopping.  Don't trust it.


See it all the time :-(

All it takes is a SQL injection attack. It still amazes me that SQL injection is still the most common vector for CC number breaches.
 
2014-01-14 04:30:12 PM  
TFA: "According to a Reuters report based on "sources familiar with attacks on other merchants," Neiman Marcus and Target weren't the only high-profile, US retailers to be hacked during the 2013 holiday season. The news agency did not identify what specific retailers have also been affected, but it reports at least three other US retailers ("with outlets in malls") suffered breaches that have yet to be publicly disclosed."


Well, I for one am sure glad that news outlets are doing their job and reporting what's important.
 
2014-01-14 04:30:20 PM  

xanadian: durbnpoisn: The final step was to move the CC authorization and so on, to a completely outside vendor. I can only assume that was nothing more than a tactic to place the responsibility on someone else.

Accept, mitigate, or transfer risk.  Pretty much SOP.


It's also because if you don't process the numbers, you don't need to be PCI compliant.

Fail PCI once and you'll pay more for your processing and be given time to get your systems up to scratch. Fail it a second time, and good luck processing any CC info. They don't usually give you. 3rd bite of the apple.
 
2014-01-14 04:33:04 PM  

spmkk: TFA: "According to a Reuters report based on "sources familiar with attacks on other merchants," Neiman Marcus and Target weren't the only high-profile, US retailers to be hacked during the 2013 holiday season. The news agency did not identify what specific retailers have also been affected, but it reports at least three other US retailers ("with outlets in malls") suffered breaches that have yet to be publicly disclosed."


Well, I for one am sure glad that news outlets are doing their job and reporting what's important.


I can guess what the sources might be.

/it rhymes with Imperva
//I have it on pretty good authority that Walmart have just spent a metric fark load with them.
 
2014-01-14 04:42:19 PM  
JSTACAT: a solution.

use a savings acct that has no card or check ability attached.
x-fer online to a debit card that has overdraft protection disabled.
keep a very small amt in there [few pennies], x-fer just before a purchase and get cash back for any excess.
if anyone tries to tap in, the transaction will be rejected.
sour grapes are sour

Can't, Federal limits on transfers between Savings and Checking, 6 per month. Because terrorists. I'm not kidding.

/could work with 2 checking accounts, one to hold the funds and the other to service transactions
 
2014-01-14 04:47:21 PM  

Pinko_Commie: xanadian: durbnpoisn: The final step was to move the CC authorization and so on, to a completely outside vendor. I can only assume that was nothing more than a tactic to place the responsibility on someone else.

Accept, mitigate, or transfer risk.  Pretty much SOP.

It's also because if you don't process the numbers, you don't need to be PCI compliant.

Fail PCI once and you'll pay more for your processing and be given time to get your systems up to scratch. Fail it a second time, and good luck processing any CC info. They don't usually give you. 3rd bite of the apple.


I think that's what really happened.  We were bending over backwards trying to meet the restrictions that are PCI compliance.  Every time we thought we were in the clear, there was something else that needed to be done.
In the end they said, "fark it", and passed it off to someone else.
 
2014-01-14 04:47:59 PM  
Honest question: is it safer to use your debit card at small, local businesses (as opposed to a large retail chain)?
 
2014-01-14 04:51:45 PM  

Phony_Soldier: DarkSoulNoHope: Phony_Soldier: I just got off the phone with Wellsfargo. I've got fraudulent charges. One of them is for Christian Mingle via Paypal or some shiat:

WTF is this:

CHKCARDPAYPAL *CHRSTIANMGL 4029357733 UT

Apparently some Christian decided the Jesusy thing to do was to steal someone's credit card information in order to find the love of his fraudster life.

Or god hates me and is trying to hook me up with ANOTHER fat chick.


Or, as my one friend says, "best place to find a girl is in church or on a Christian website." Knowing most of the church girls I know, he's not actually wrong. Not only can you take them home to the 'rents. but they are seriously wild children.
 
2014-01-14 04:53:54 PM  

KyngNothing: dletter: Isn't there a certain number of persons data lost that it is required by law to notify the public, or is that only with compromised health information?

I think it's actually your bank's responsibility to notify you, Target is required to notify the banks (since they wouldn't necessarily have your contact info).

When I got the notification from my bank, it didn't say WHERE my information was compromised, just that it was, so you could just assume it was lost at Target, when it was really somewhere else.


Oh no, my bank flat-out told me it was Target that notified them. All for less than $5.

/joke's on the hackers cause I ain't got no money
 
2014-01-14 05:00:01 PM  

Three Crooked Squirrels: I got an e-mail from Target saying that I might me one of the many that had their info stolen.  They are offering a year of free credit monitoring through Experian.  So I went and signed up for the coverage.  But now I have the sinking feeling that the e-mail I received was some kind of scam and I've just been duped into a whole new fraud.


My mother did the same thing for my grandfather's account. As far as I can tell it is legit, but keep in mind that you are legally able to obtain a copy of all three reporting agency's reports for free annually. The website for that is www.annualcreditreport.com. Note that they don't require you to enter a credit card to access the information (cuz it's a government-sponsored website). If you are worried, next month go to the site and check to see if anything has changed. It won't cost you a penny and you will also be able to see Equifax and TransUnion reports, too.
 
2014-01-14 05:08:28 PM  

schatz: Honest question: is it safer to use your debit card at small, local businesses (as opposed to a large retail chain)?


A large retail chain would be a more likely target for "hackers" because they play the numbers game. A local business has pretty much the same security protocols with a lot less targets so they are less likely for them to go after.
 
2014-01-14 05:22:13 PM  

TV's Vinnie: IamAwake: TV's Vinnie: Just to give people some advice, use an extra layer of protection like having a Paypal debit card instead of your own bank's debit card.

Um, your security and financial safety advice includes using paypal?  They are horrible in both areas.  Are you just...trolling or something?

No, I'm not. As I described my own personal scenario, I was able to enact Damage Control quickly and easily.


You're Steve Ballmer, aren't you?!
 
2014-01-14 05:48:19 PM  

Phony_Soldier: I just got off the phone with Wellsfargo. I've got fraudulent charges. One of them is for Christian Mingle via Paypal or some shiat:

WTF is this:

CHKCARDPAYPAL *CHRSTIANMGL 4029357733 UT


1) Could be verification.  They used to do iTunes for verification.
2) Alternatively, it could be as simple as utilizing a paid account to enable spamming of other profiles in further phishing/malicious attacks.
 
2014-01-14 05:51:29 PM  

pippi longstocking: Magnetic cards are a huge joke, it's not 1980 anymore. If the general public, banks, and retailers were really concerned about individual transaction security they would use encrypted hash and salt algorithms at the point of sale.


I could go for some hash and salt encrypted into some sort of edible.
 
2014-01-14 05:52:03 PM  

DeathByGeekSquad: Phony_Soldier: I just got off the phone with Wellsfargo. I've got fraudulent charges. One of them is for Christian Mingle via Paypal or some shiat:

WTF is this:

CHKCARDPAYPAL *CHRSTIANMGL 4029357733 UT

1) Could be verification.  They used to do iTunes for verification.
2) Alternatively, it could be as simple as utilizing a paid account to enable spamming of other profiles in further phishing/malicious attacks.


Interesting.
/I just got back from going to Wells Fargo and getting a new "instant" card.
 
2014-01-14 06:04:47 PM  

durbnpoisn: Here's a good question I would really love to know the answer to...

So, the hackers steal the cards, and the info to use them.  Then they sell them online.
Who are the buyers?  Like, what sort of Google search do you use to buy other people's credit info?  What sort of sites or forums actually allow that sort of information?  How can anyone, buyer or seller, do this without totally getting busted?

//ok, that's more than one question...


Here's a good break down that should answer some of your questions:  http://krebsonsecurity.com/2013/12/whos-selling-credit-cards-from-tar g et/
 
2014-01-14 07:38:04 PM  
Not surprising. There is no authentication. No security. Credit cards are basically like holding up a sign that says "Hey, I'm Joe" printed in Comic Sans.
 
2014-01-14 09:17:15 PM  

Clutch2013: One trick my not-terribly-computer-literate ass has learned is to check the hyperlinks in all of these things.[...] Generally, though, if the hyperlink has a .ru anywhere in the address, instant delete.


Oh Lard, I have Russian co-workers who send me .ru links All. The. Time.
 
Displayed 50 of 105 comments

First | « | 1 | 2 | 3 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report