RealTime IT News

Anti-Fraud Site Swamped

An anti-fraud Internet site that just launched a service allowing consumers to find out if their credit card numbers have been stolen proved so popular in its first several days of operation that its server went down.

The CardCops site compiled a database of stolen credit card numbers and made it available to consumers after first notifying law enforcement officials.

The company operates an online fraud museum and says its mission is "to reduce credit card fraud for all worldwide Internet Merchants."

The card-check service went live Tuesday and today this notice appeared on the site:

"We sincerely apologize for having to take the Data Base offline...we did not expect consumers to embrace this service in such vast numbers. (our server has melted!) We are moving the Data Base to another server late today. Please check back then."

"We had one request per second to the database before it went down," CardCops founder and CEO Dan Clements told internetnews.com in an e-mail exchange. "We had no idea that our little beta server would get hammered....not an excuse...we just underestimated the public's thirst for their own information."

Interestingly, the company also operates a bulletin board, and as with anything involving the Internet and credit card security, caveat emptor. This was the top post this morning:

"Do not use this site it is not secure it has been compromised...I think that this site is an embarrassment to security ... it (was) hacked and all the 100,000 numbers plus all the individuals that entered their account numbers today are now in the hands of hackers...."

CardCops said it collected the information from Internet chat rooms where thieves have been checking whether stolen card numbers are still good to use.

The site told consumers: "These are cards gathered from public places on the Internet, where the credit card validity may have been checked. You can see if your card shows up in the data base. Check one at a time and 'only' use the card number."

That way the expiration date, a part of the data, is kept private. Consumers with a stolen number were advised to contact their financial institutions.

CardCops said the database contained about 100,000 credit card numbers.

"We're creating a situation where Joe Consumer can check his card on the Internet to see if it's been possibly abused," Clements was quoted as saying.

Secret Service Special Agent Donald Masters of the Los Angeles High Tech Crimes Task Force told the Associated Press his team is investigating the most active Internet card thieves discovered in the database provided by CardCops.

Los Angeles-based CardCops, which also has run "sting" operations to nail e-commerce fraudsters, offers information and tools to protect e-commerce companies from credit card fraud. It has more than 1,000 paying members, mostly small and medium-size merchants. The fraud museum displays "the tools hackers, crackers and carders use to defraud merchants."

Critics have complained that it could serve as a tutorial for those seeking to break into the online-fraud game, but Clements has said that the subscription price actually screens out criminals, many of whom are reluctant to pay for anything online. Membership costs $29.95 for the first month and then it's $9.95 a month.