Alexa
  • Directory of Taiwan

Public urged to change passwords frequently

Bureau says recent spate of Web site hacking puts online shoppers' personal data at risk

Public urged to change passwords frequently

The Criminal Investigation Bureau yesterday urged the public to frequently change their Web site membership passwords in order to avoid being conned in the wake of a recent rash of fraud cases involving hacking of major local shopping Web sites.
According to a statement released by the National Police Agency's "165 Anti-fraud hotline" yesterday, leaks of members' transaction information were found on eight major local shopping Web sites, including books.com.tw, Digital Kingstone Co., Yahoo, MOMO, and ET Mall, and fraud cases have resulted from such leaks in the period of December 1 to 15. As for how the information was leaked, the NPA said the police were still investigating.
After getting hold of shopping Web site members' transaction information, con artists, who claimed themselves to be Web sites' customer service officers, would call shoppers and check with them the details of their recent transactions on the Web sites, and would then tell them that some mistakes had occurred during the delivery process that would result in a payment change to "installment" and erroneous deductions from their bank accounts, according to the CIB statement.
The con artists would then ask the shoppers to look at their ATM cards and give the 24-hour customer service numbers on the back of the cards, and would also tell the shoppers that officers at their banks would call them later to correct the "installment" mistake, the CIB statement said. The con artists would remind the shoppers to check the callers' ID from the caller display, which had been tampered to show the right numbers in order to win the shoppers' trust, the CIB statement says.
The callers would instruct the shoppers to operate ATM machines in English mode and increase gains through multiple transfers by telling the shoppers to repeat the process because they had wrongly operated the machines, the statement says.
The CIB suspected that the swindlers had used the so-called "information puzzle" to hack into the shopping Web sites to steal their members' data. The CIB pointed out that PayEasy shopping Web site found irregular logins in the company's database and intercepted some 39,000 account numbers and passwords from several information points on December 9, which indicated the fraud operatives were using the account numbers and passwords they had collected and manually applied them at random combinations to hack into the Web site to steal its members' transaction information. The CIB compared the "information puzzle" method to trying tens of thousands of "keys" to open the door to the Web site.
The CIB urged the public to frequently change their "locks," which means their passwords, to reduce the risk of being conned.
The CIB also reminded the public not to listen to instructions from others to operate ATM machines because the machines have become the tool most frequently used by con artists to swindle money.


Updated : 2021-07-25 11:55 GMT+08:00