Jim Stevenson – business marketing technology


A Scottish Variation on the Nigerian 419 scam
April 29, 2009, 5:40 pm
Filed under: Business, Security

I received this email from Mr Atkins. Obviously it’s a scam, a variation on the Nigerian 419 scam. The original email came from a Hong Kong email address, with the reply email address pointing to Portugal.

Worryingly, does this put Scotland in the same category as Nigeria now?

~~~~

Dear Sir/Madam,

My name is Alfred Atkins, an executive staff of a bank in Scotland, UK. I wish to make a transfer involving a huge amount to a designated bank account of your choice. For your support (morally, financially etc.), you will have 45% share of the total amount after concluding the transfer. Kindly reply me at alatkinz@megamail.pt, and call at +447045738816 stating your interest, and I shall send you the details and necessary procedure with which to make the transfer. I anxiously await your response.

Regards,
Mr. Atkins



London Tube Smartcard (Oyster) Cracked

The RFID system used by the London Tube smartcard, the Oyster card, has been cracked. The system, Mifare Classic, is used on the Dutch transit system and possibly in Milan also.

To those who know, it looks like this is just down to a bad design, and potentially there are more serious security vulnerabilities waiting to be discovered.

Details of the hack are here.

The system uses its own cryptography, and one of the recommendations to fix this is to use publicly scrutinised cryptography, which by implication is more robust and secure against attack.

There are a number of questions that arise from this:

  • How many of the organisations affected have contingency plans in place for this or similar occurrences;
  • One of the signs of a good customer care organisation is how they deal with issues when they arise. I wonder what Mifare’s response will be, and if they have any plans, which would mean all their customers can implement the same solution globally;
  • How will transit organisations react? I fear by imposing more manual checks, which will inconvenience their customers, causing delays;
  • How quickly will hackers and organised crime get involved to start cashing in, and producing hacked cards for sale;
  • In the UK, Barclaycard have produced a credit card with an integral Oyster. This will no doubt have an effect on consumer confidence in this card and on Barclaycard’s developments towards a truly contactless credit card, although Barclaycard have pointed out that the credit card system is built on different technology provided by Visa.