SlideShare uma empresa Scribd logo

5.16.1 handling a new hoax site

Transferir como DOC, PDF
F
FrankSobotka
TecnologiaDesign
1 de 5
Tiltproof Incorporated Document No. 5.16.1 Effective Date 04/27/2007 Handling a New Hoax Site Revision Date 07/27/2007 Approval GN 1.0 Purpose: This document establishes how to handle a new hoax site. 2.0 1) Supervisors and above. Persons Affected: 3.0 1) Printable version: tpfs1nwworkflow$HANDBOOKPrint Forms, Versions5.16.1 Handling a New Hoax Site.doc Checklists, Flowchart: 4.0 Policy: 5.0 A) Reporting a New Hoax Site Procedure: 1) Alert the Hoax Team at <hoaxteam@tiltproof.ca> and CC <supervisors@tiltproof.ca> immediately if you become aware of a new hoax website. 2) A member of the Hoax Team or a Supervisor will do the following. 3) Go to <www.dnsstuff.com> and enter the web address into the “WHOIS” and “Abuse Lookup” fields. 4) Find out who is hosting the website, most likely Yahoo. Select “get results with the E-mail addresses” to find the contact email address for the hosting site. 5) Send the template email below to the contact email address/es with the appropriate CC: from the Fraudoperations@fulltiltpoker.com email address, and BCC: pmclaughlin@pocketkings.ie (You should never send email to any non-Tiltproof or non-Pocket Kings party from your personal Tiltproof.ca address.).
Tiltproof Incorporated 6) Follow the steps below while waiting for a reply (Section B). 7) Once you receive a reply from the company hosting the site saying that the website has been removed, please forward to <supsopsscsrs@tiltproof.ca>, <iimrich@ijilaw.com>, < fraudsquad@tiltproof.ca> if they weren’t CC:ed in the reply. a) CC the specific processor if the hoax site was asking for the particular processors account numbers. These are INTERNAL and not to be given to player’s.  NETELLER < Investigations@neteller.com >  MyWebATM < charles@opusfinancials.com >  ePassporte < brian.branam@epassporte.com >, and < annelies.manuel@epassporte.com >  Click2Pay < martin.osterloh@wirecard.com > B) Procedure to Follow While Waiting for a Reply 1) Alert the Supervisor to get a message out to the current shift about the site, and to suggest they review the PR document in the handbook about handling responses to hoax emails. C) Supervisor’s Procedure to Follow While Waiting for a Reply 1) Assign someone to run a chat scan for the hoax website every 5-10 minutes.  Run the ChatScan macro or manually do this by typing FTT_Followd chatscan 1 ".com" 1>chatscan.txt into the command prompt 2) Add the hoax website to the  Announcements Page  Huddle Notes  [S:FTP_Fraud_DepartmentHoaxHoax Site Log.xls]  White Boards (if needed) D) Email Template To: (If Yahoo) <reportabuse@yahoo-inc.com>, <abuse@yahoo-inc.com>, <copyright@yahoo-inc.com>, <domains-abuse@cc.yahoo-inc.com> Cc: <supsopsscsrs@tiltproof.ca>, <iimrich@ijilaw.com>, <hoaxteam@tiltproof.ca>, the processors should be CC’d when appropriate. Content: Hello, It has come to our attention that you may be hosting a site which is attempting
Tiltproof Incorporated to defraud customers of FullTiltPoker.com. Please review your hosting for: _____________________ XXXFOR SCAM SITESXXX This is a site which is attempting to "scam" users passwords for their FullTiltPoker logins, as well as many transaction processor websites (essentially online banks) such as NETELLER, ePassporte, PayPal, and Moneybookers. The site is also in breach of copyright laws. XXXFOR KEYLOGGING SITESXXX This site attempts to install malicious key-logging software onto unsuspecting player's computers and is in breach of copyright laws. We request that you remove the offending site as expeditiously as possible. Please contact us with any concerns or questions. Thank you for your prompt cooperation in this matter. ********NAME******** On behalf of Full Tilt Poker E) Finding a Back End Server Location 1) Open the suspected hoax site 2) Right click the webpage 3) Select “View” 4) Select “Source” or “View Source” to bring it up in text form. 5) Save a copy of this in [S: FTP_Fraud_DepartmentHOAXScam Website Source Code] with the same name as the web address  Scam-websitedotcom.txt 6) If it is similar to our previous scam websites, it will have a “form” that sends information to another website. It will look similar to this:  <form action="http://00642EF.NETSOLHOST.COM/login.php" method="post"> 7) Follow the steps in “Reporting a New Hoax Site” with the web address located next to form action.  <http://00642EF.NETSOLHOST.COM/login.php> F) Investigating Players Affected by the Hoax Site 1) Create a new folder in [S:FTP_Fraud_DepartmentHOAX2007] named [Hoax Site mm yy]
Tiltproof Incorporated  Investigators save their know100s and all related files in this folder. 2) Start a spreadsheet tracker for all victims of this new hoax site. G) Spreadsheet “Account Security/Limits” Section 1) Confirm that the players account is clean with no foreign logins. 2) Open their account in WAT. a) Select the “Security & Limits” tab. b) Select “No Play”, “No Mixed Games”, “No Chat”, “No Deposit” and “No Transfer” for added security. c) Select “Submit.” 3) Email the player requesting that they reset their password and contact us back immediately. 4) Once the player writes back we can reinstate their account fully, and give them back all privileges to the account. 5) In the spreadsheet, highlight the players account green once they have confirmed that the password has been changed and the playing rights have been given back. 6.0 Back End Server = is what the recent (Feb 2006) scammer used to record all Definitions: of the account particulars. Basically there is the front end website which is where they direct everyone to go (www.500free-fulltiltpoker.com). Once they enter the information, they are redirected to another website that is hosted by a different company that is invisible to the human eye. This is a form of disguise by the scammer to prolong the exposure of the website and it also will protect the information the hoaxer has received for a longer period of time. 7.0 July 27/07 Revision BCC pmclaughlin@ July 20/07 History: New Fraud Team email addresses and folders Edit to email template Added more restrictions to accounts in G) July 5/07 New Yahoo email added to template June 19/07 Send emails from the Operations addy April 24/07 Email supsopsscsrs not management. Email processors when needed. Template altered. April 12/07
Tiltproof Incorporated Template – no office ph# and added “On behalf of” to signature

Recomendados

India now volume1_issue1
India now volume1_issue1India now volume1_issue1
India now volume1_issue1Ravindra Mahansaria
 
Kmcm2012 invitation
Kmcm2012 invitationKmcm2012 invitation
Kmcm2012 invitationKotra Kbc
 
Non Ibr Boiler 460 Tph
Non Ibr Boiler 460 TphNon Ibr Boiler 460 Tph
Non Ibr Boiler 460 Tphandy appan
 
FICCI Knowledge Series (Part 3)
FICCI Knowledge Series (Part 3)FICCI Knowledge Series (Part 3)
FICCI Knowledge Series (Part 3)Federation of Indian Chambers of Commerce & Industry (FICCI)
 
India : IT & ITes Sector Report_August 2013
India : IT & ITes Sector Report_August 2013India : IT & ITes Sector Report_August 2013
India : IT & ITes Sector Report_August 2013India Brand Equity Foundation
 
5.16.4 initial response for hoax related emails
5.16.4 initial response for hoax related emails5.16.4 initial response for hoax related emails
5.16.4 initial response for hoax related emailsFrankSobotka
 
Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)Jeremiah Grossman
 
Lab-3 Cyber Threat Analysis In Lab-3, you will do some c.docx
Lab-3 Cyber Threat Analysis In Lab-3, you will do some c.docxLab-3 Cyber Threat Analysis In Lab-3, you will do some c.docx
Lab-3 Cyber Threat Analysis In Lab-3, you will do some c.docxLaticiaGrissomzz
 

Recomendados

India now volume1_issue1
India now volume1_issue1India now volume1_issue1
India now volume1_issue1Ravindra Mahansaria
 
Kmcm2012 invitation
Kmcm2012 invitationKmcm2012 invitation
Kmcm2012 invitationKotra Kbc
 
Non Ibr Boiler 460 Tph
Non Ibr Boiler 460 TphNon Ibr Boiler 460 Tph
Non Ibr Boiler 460 Tphandy appan
 
FICCI Knowledge Series (Part 3)
FICCI Knowledge Series (Part 3)FICCI Knowledge Series (Part 3)
FICCI Knowledge Series (Part 3)Federation of Indian Chambers of Commerce & Industry (FICCI)
 
India : IT & ITes Sector Report_August 2013
India : IT & ITes Sector Report_August 2013India : IT & ITes Sector Report_August 2013
India : IT & ITes Sector Report_August 2013India Brand Equity Foundation
 
5.16.4 initial response for hoax related emails
5.16.4 initial response for hoax related emails5.16.4 initial response for hoax related emails
5.16.4 initial response for hoax related emailsFrankSobotka
 
Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)Jeremiah Grossman
 
Lab-3 Cyber Threat Analysis In Lab-3, you will do some c.docx
Lab-3 Cyber Threat Analysis In Lab-3, you will do some c.docxLab-3 Cyber Threat Analysis In Lab-3, you will do some c.docx
Lab-3 Cyber Threat Analysis In Lab-3, you will do some c.docxLaticiaGrissomzz
 
Rich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeRich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeJeremiah Grossman
 
Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...
Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...
Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...Julia Yu-Chin Cheng
 
CSRF_RSA_2008_Jeremiah_Grossman
CSRF_RSA_2008_Jeremiah_GrossmanCSRF_RSA_2008_Jeremiah_Grossman
CSRF_RSA_2008_Jeremiah_Grossmanguestdb261a
 
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the YearJeremiah Grossman
 
Continuing in your role as a human service provider for your local.docx
Continuing in your role as a human service provider for your local.docxContinuing in your role as a human service provider for your local.docx
Continuing in your role as a human service provider for your local.docxrichardnorman90310
 
What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?Global Knowledge Training
 
2023-May.pptx
2023-May.pptx2023-May.pptx
2023-May.pptxmnaeemuetcs
 
Watch How the Giants Fall
Watch How the Giants FallWatch How the Giants Fall
Watch How the Giants Falljtmelton
 
Protect your website
Protect your websiteProtect your website
Protect your websiteMuthu Natarajan
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentationRajat Jain
 
Browser Internals-Same Origin Policy
Browser Internals-Same Origin PolicyBrowser Internals-Same Origin Policy
Browser Internals-Same Origin PolicyKrishna T
 
5.10.8 my webatm
5.10.8 my webatm5.10.8 my webatm
5.10.8 my webatmFrankSobotka
 
5.17 requesting a seizure or deposit
5.17 requesting a seizure or deposit5.17 requesting a seizure or deposit
5.17 requesting a seizure or depositFrankSobotka
 
darkode_02.05.17
darkode_02.05.17darkode_02.05.17
darkode_02.05.17James Tan
 
Drive By Downloads: How To Avoid Getting a Cap Popped in Your App
Drive By Downloads: How To Avoid Getting a Cap Popped in Your App Drive By Downloads: How To Avoid Getting a Cap Popped in Your App
Drive By Downloads: How To Avoid Getting a Cap Popped in Your App Cenzic
 
Lab3code.c#include stdio.h#include stdlib.h#include.docx
Lab3code.c#include stdio.h#include stdlib.h#include.docxLab3code.c#include stdio.h#include stdlib.h#include.docx
Lab3code.c#include stdio.h#include stdlib.h#include.docxsmile790243
 
How to use_000webhost
How to use_000webhostHow to use_000webhost
How to use_000webhostIIUM
 
Web application security
Web application securityWeb application security
Web application securityJin Castor
 
5.10.5 click2 pay
5.10.5 click2 pay5.10.5 click2 pay
5.10.5 click2 payFrankSobotka
 
Webhooks
WebhooksWebhooks
WebhooksPriyank Thada
 
Security team training
Security team trainingSecurity team training
Security team trainingFrankSobotka
 
Abc of hoax site investigation
Abc of hoax site investigationAbc of hoax site investigation
Abc of hoax site investigationFrankSobotka
 

Mais conteúdo relacionado

Semelhante a 5.16.1 handling a new hoax site

Rich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeRich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeJeremiah Grossman
 
Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...
Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...
Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...Julia Yu-Chin Cheng
 
CSRF_RSA_2008_Jeremiah_Grossman
CSRF_RSA_2008_Jeremiah_GrossmanCSRF_RSA_2008_Jeremiah_Grossman
CSRF_RSA_2008_Jeremiah_Grossmanguestdb261a
 
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the YearJeremiah Grossman
 
Continuing in your role as a human service provider for your local.docx
Continuing in your role as a human service provider for your local.docxContinuing in your role as a human service provider for your local.docx
Continuing in your role as a human service provider for your local.docxrichardnorman90310
 
What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?Global Knowledge Training
 
Watch How the Giants Fall
Watch How the Giants FallWatch How the Giants Fall
Watch How the Giants Falljtmelton
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentationRajat Jain
 
Browser Internals-Same Origin Policy
Browser Internals-Same Origin PolicyBrowser Internals-Same Origin Policy
Browser Internals-Same Origin PolicyKrishna T
 
5.17 requesting a seizure or deposit
5.17 requesting a seizure or deposit5.17 requesting a seizure or deposit
5.17 requesting a seizure or depositFrankSobotka
 
darkode_02.05.17
darkode_02.05.17darkode_02.05.17
darkode_02.05.17James Tan
 
Drive By Downloads: How To Avoid Getting a Cap Popped in Your App
Drive By Downloads: How To Avoid Getting a Cap Popped in Your App Drive By Downloads: How To Avoid Getting a Cap Popped in Your App
Drive By Downloads: How To Avoid Getting a Cap Popped in Your App Cenzic
 
Lab3code.c#include stdio.h#include stdlib.h#include.docx
Lab3code.c#include stdio.h#include stdlib.h#include.docxLab3code.c#include stdio.h#include stdlib.h#include.docx
Lab3code.c#include stdio.h#include stdlib.h#include.docxsmile790243
 
How to use_000webhost
How to use_000webhostHow to use_000webhost
How to use_000webhostIIUM
 
Web application security
Web application securityWeb application security
Web application securityJin Castor
 

Semelhante a 5.16.1 handling a new hoax site (20)

Rich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeRich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safe
 
Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...
Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...
Evolving Threat Landscapes Web-Based Botnet Through Exploit Kits and Scripts ...
 
CSRF_RSA_2008_Jeremiah_Grossman
CSRF_RSA_2008_Jeremiah_GrossmanCSRF_RSA_2008_Jeremiah_Grossman
CSRF_RSA_2008_Jeremiah_Grossman
 
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
 
Continuing in your role as a human service provider for your local.docx
Continuing in your role as a human service provider for your local.docxContinuing in your role as a human service provider for your local.docx
Continuing in your role as a human service provider for your local.docx
 
What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?
 
2023-May.pptx
2023-May.pptx2023-May.pptx
2023-May.pptx
 
Watch How the Giants Fall
Watch How the Giants FallWatch How the Giants Fall
Watch How the Giants Fall
 
Protect your website
Protect your websiteProtect your website
Protect your website
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentation
 
Browser Internals-Same Origin Policy
Browser Internals-Same Origin PolicyBrowser Internals-Same Origin Policy
Browser Internals-Same Origin Policy
 
5.10.8 my webatm
5.10.8 my webatm5.10.8 my webatm
5.10.8 my webatm
 
5.17 requesting a seizure or deposit
5.17 requesting a seizure or deposit5.17 requesting a seizure or deposit
5.17 requesting a seizure or deposit
 
darkode_02.05.17
darkode_02.05.17darkode_02.05.17
darkode_02.05.17
 
Drive By Downloads: How To Avoid Getting a Cap Popped in Your App
Drive By Downloads: How To Avoid Getting a Cap Popped in Your App Drive By Downloads: How To Avoid Getting a Cap Popped in Your App
Drive By Downloads: How To Avoid Getting a Cap Popped in Your App
 
Lab3code.c#include stdio.h#include stdlib.h#include.docx
Lab3code.c#include stdio.h#include stdlib.h#include.docxLab3code.c#include stdio.h#include stdlib.h#include.docx
Lab3code.c#include stdio.h#include stdlib.h#include.docx
 
How to use_000webhost
How to use_000webhostHow to use_000webhost
How to use_000webhost
 
Web application security
Web application securityWeb application security
Web application security
 
5.10.5 click2 pay
5.10.5 click2 pay5.10.5 click2 pay
5.10.5 click2 pay
 
Webhooks
WebhooksWebhooks
Webhooks
 

Mais de FrankSobotka

Security team training
Security team trainingSecurity team training
Security team trainingFrankSobotka
 
Abc of hoax site investigation
Abc of hoax site investigationAbc of hoax site investigation
Abc of hoax site investigationFrankSobotka
 
Fraud email routing
Fraud email routingFraud email routing
Fraud email routingFrankSobotka
 
Communicating with third party security teams
Communicating with third party security teamsCommunicating with third party security teams
Communicating with third party security teamsFrankSobotka
 
Credit card chargeback reversals
Credit card chargeback reversalsCredit card chargeback reversals
Credit card chargeback reversalsFrankSobotka
 
Credit card and payment processor descriptors
Credit card and payment processor descriptorsCredit card and payment processor descriptors
Credit card and payment processor descriptorsFrankSobotka
 
Chargeback repayment
Chargeback repaymentChargeback repayment
Chargeback repaymentFrankSobotka
 
5.17.1 fraud batch processing tool (fbt)
5.17.1 fraud batch processing tool (fbt)5.17.1 fraud batch processing tool (fbt)
5.17.1 fraud batch processing tool (fbt)FrankSobotka
 
5.16.5 hoax fund transfers
5.16.5 hoax fund transfers5.16.5 hoax fund transfers
5.16.5 hoax fund transfersFrankSobotka
 
5.15.3.6 collusion tournament cases
5.15.3.6 collusion tournament cases5.15.3.6 collusion tournament cases
5.15.3.6 collusion tournament casesFrankSobotka
 
5.15.3.4 collusion live cash game cases
5.15.3.4 collusion live cash game cases5.15.3.4 collusion live cash game cases
5.15.3.4 collusion live cash game casesFrankSobotka
 
5.15.3.2 chat cheating claims in ring games
5.15.3.2 chat cheating claims in ring games5.15.3.2 chat cheating claims in ring games
5.15.3.2 chat cheating claims in ring gamesFrankSobotka
 
5.15.3.1 chat cheaters in live cash games
5.15.3.1 chat cheaters in live cash games5.15.3.1 chat cheaters in live cash games
5.15.3.1 chat cheaters in live cash gamesFrankSobotka
 
5.2.13 fire pay deactivations reactivations
5.2.13 fire pay deactivations reactivations5.2.13 fire pay deactivations reactivations
5.2.13 fire pay deactivations reactivationsFrankSobotka
 
5.2.5 sending fraud templates
5.2.5 sending fraud templates5.2.5 sending fraud templates
5.2.5 sending fraud templatesFrankSobotka
 
5.2.3.1 non fraudulent chip dumping
5.2.3.1 non fraudulent chip dumping5.2.3.1 non fraudulent chip dumping
5.2.3.1 non fraudulent chip dumpingFrankSobotka
 
Disputed credit card charges
Disputed credit card chargesDisputed credit card charges
Disputed credit card chargesFrankSobotka
 
Toc fraud policy and procedure manual
Toc fraud policy and procedure manualToc fraud policy and procedure manual
Toc fraud policy and procedure manualFrankSobotka
 
Templates for kana
Templates for kanaTemplates for kana
Templates for kanaFrankSobotka
 

Mais de FrankSobotka (20)

Security team training
Security team trainingSecurity team training
Security team training
 
Abc of hoax site investigation
Abc of hoax site investigationAbc of hoax site investigation
Abc of hoax site investigation
 
Fraud email routing
Fraud email routingFraud email routing
Fraud email routing
 
Communicating with third party security teams
Communicating with third party security teamsCommunicating with third party security teams
Communicating with third party security teams
 
Credit card chargeback reversals
Credit card chargeback reversalsCredit card chargeback reversals
Credit card chargeback reversals
 
Credit card and payment processor descriptors
Credit card and payment processor descriptorsCredit card and payment processor descriptors
Credit card and payment processor descriptors
 
Chargeback repayment
Chargeback repaymentChargeback repayment
Chargeback repayment
 
5.17.1 fraud batch processing tool (fbt)
5.17.1 fraud batch processing tool (fbt)5.17.1 fraud batch processing tool (fbt)
5.17.1 fraud batch processing tool (fbt)
 
5.16.5 hoax fund transfers
5.16.5 hoax fund transfers5.16.5 hoax fund transfers
5.16.5 hoax fund transfers
 
5.15.3.6 collusion tournament cases
5.15.3.6 collusion tournament cases5.15.3.6 collusion tournament cases
5.15.3.6 collusion tournament cases
 
5.15.3.4 collusion live cash game cases
5.15.3.4 collusion live cash game cases5.15.3.4 collusion live cash game cases
5.15.3.4 collusion live cash game cases
 
5.15.3.2 chat cheating claims in ring games
5.15.3.2 chat cheating claims in ring games5.15.3.2 chat cheating claims in ring games
5.15.3.2 chat cheating claims in ring games
 
5.15.3.1 chat cheaters in live cash games
5.15.3.1 chat cheaters in live cash games5.15.3.1 chat cheaters in live cash games
5.15.3.1 chat cheaters in live cash games
 
5.2.13 fire pay deactivations reactivations
5.2.13 fire pay deactivations reactivations5.2.13 fire pay deactivations reactivations
5.2.13 fire pay deactivations reactivations
 
5.2.5 sending fraud templates
5.2.5 sending fraud templates5.2.5 sending fraud templates
5.2.5 sending fraud templates
 
5.2.3.1 non fraudulent chip dumping
5.2.3.1 non fraudulent chip dumping5.2.3.1 non fraudulent chip dumping
5.2.3.1 non fraudulent chip dumping
 
Disputed credit card charges
Disputed credit card chargesDisputed credit card charges
Disputed credit card charges
 
5.2.1 red alerts
5.2.1 red alerts5.2.1 red alerts
5.2.1 red alerts
 
Toc fraud policy and procedure manual
Toc fraud policy and procedure manualToc fraud policy and procedure manual
Toc fraud policy and procedure manual
 
Templates for kana
Templates for kanaTemplates for kana
Templates for kana
 

Último

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Último (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

5.16.1 handling a new hoax site

  • 1. Tiltproof Incorporated Document No. 5.16.1 Effective Date 04/27/2007 Handling a New Hoax Site Revision Date 07/27/2007 Approval GN 1.0 Purpose: This document establishes how to handle a new hoax site. 2.0 1) Supervisors and above. Persons Affected: 3.0 1) Printable version: tpfs1nwworkflow$HANDBOOKPrint Forms, Versions5.16.1 Handling a New Hoax Site.doc Checklists, Flowchart: 4.0 Policy: 5.0 A) Reporting a New Hoax Site Procedure: 1) Alert the Hoax Team at <hoaxteam@tiltproof.ca> and CC <supervisors@tiltproof.ca> immediately if you become aware of a new hoax website. 2) A member of the Hoax Team or a Supervisor will do the following. 3) Go to <www.dnsstuff.com> and enter the web address into the “WHOIS” and “Abuse Lookup” fields. 4) Find out who is hosting the website, most likely Yahoo. Select “get results with the E-mail addresses” to find the contact email address for the hosting site. 5) Send the template email below to the contact email address/es with the appropriate CC: from the Fraudoperations@fulltiltpoker.com email address, and BCC: pmclaughlin@pocketkings.ie (You should never send email to any non-Tiltproof or non-Pocket Kings party from your personal Tiltproof.ca address.).
  • 2. Tiltproof Incorporated 6) Follow the steps below while waiting for a reply (Section B). 7) Once you receive a reply from the company hosting the site saying that the website has been removed, please forward to <supsopsscsrs@tiltproof.ca>, <iimrich@ijilaw.com>, < fraudsquad@tiltproof.ca> if they weren’t CC:ed in the reply. a) CC the specific processor if the hoax site was asking for the particular processors account numbers. These are INTERNAL and not to be given to player’s.  NETELLER < Investigations@neteller.com >  MyWebATM < charles@opusfinancials.com >  ePassporte < brian.branam@epassporte.com >, and < annelies.manuel@epassporte.com >  Click2Pay < martin.osterloh@wirecard.com > B) Procedure to Follow While Waiting for a Reply 1) Alert the Supervisor to get a message out to the current shift about the site, and to suggest they review the PR document in the handbook about handling responses to hoax emails. C) Supervisor’s Procedure to Follow While Waiting for a Reply 1) Assign someone to run a chat scan for the hoax website every 5-10 minutes.  Run the ChatScan macro or manually do this by typing FTT_Followd chatscan 1 ".com" 1>chatscan.txt into the command prompt 2) Add the hoax website to the  Announcements Page  Huddle Notes  [S:FTP_Fraud_DepartmentHoaxHoax Site Log.xls]  White Boards (if needed) D) Email Template To: (If Yahoo) <reportabuse@yahoo-inc.com>, <abuse@yahoo-inc.com>, <copyright@yahoo-inc.com>, <domains-abuse@cc.yahoo-inc.com> Cc: <supsopsscsrs@tiltproof.ca>, <iimrich@ijilaw.com>, <hoaxteam@tiltproof.ca>, the processors should be CC’d when appropriate. Content: Hello, It has come to our attention that you may be hosting a site which is attempting
  • 3. Tiltproof Incorporated to defraud customers of FullTiltPoker.com. Please review your hosting for: _____________________ XXXFOR SCAM SITESXXX This is a site which is attempting to "scam" users passwords for their FullTiltPoker logins, as well as many transaction processor websites (essentially online banks) such as NETELLER, ePassporte, PayPal, and Moneybookers. The site is also in breach of copyright laws. XXXFOR KEYLOGGING SITESXXX This site attempts to install malicious key-logging software onto unsuspecting player's computers and is in breach of copyright laws. We request that you remove the offending site as expeditiously as possible. Please contact us with any concerns or questions. Thank you for your prompt cooperation in this matter. ********NAME******** On behalf of Full Tilt Poker E) Finding a Back End Server Location 1) Open the suspected hoax site 2) Right click the webpage 3) Select “View” 4) Select “Source” or “View Source” to bring it up in text form. 5) Save a copy of this in [S: FTP_Fraud_DepartmentHOAXScam Website Source Code] with the same name as the web address  Scam-websitedotcom.txt 6) If it is similar to our previous scam websites, it will have a “form” that sends information to another website. It will look similar to this:  <form action="http://00642EF.NETSOLHOST.COM/login.php" method="post"> 7) Follow the steps in “Reporting a New Hoax Site” with the web address located next to form action.  <http://00642EF.NETSOLHOST.COM/login.php> F) Investigating Players Affected by the Hoax Site 1) Create a new folder in [S:FTP_Fraud_DepartmentHOAX2007] named [Hoax Site mm yy]
  • 4. Tiltproof Incorporated  Investigators save their know100s and all related files in this folder. 2) Start a spreadsheet tracker for all victims of this new hoax site. G) Spreadsheet “Account Security/Limits” Section 1) Confirm that the players account is clean with no foreign logins. 2) Open their account in WAT. a) Select the “Security & Limits” tab. b) Select “No Play”, “No Mixed Games”, “No Chat”, “No Deposit” and “No Transfer” for added security. c) Select “Submit.” 3) Email the player requesting that they reset their password and contact us back immediately. 4) Once the player writes back we can reinstate their account fully, and give them back all privileges to the account. 5) In the spreadsheet, highlight the players account green once they have confirmed that the password has been changed and the playing rights have been given back. 6.0 Back End Server = is what the recent (Feb 2006) scammer used to record all Definitions: of the account particulars. Basically there is the front end website which is where they direct everyone to go (www.500free-fulltiltpoker.com). Once they enter the information, they are redirected to another website that is hosted by a different company that is invisible to the human eye. This is a form of disguise by the scammer to prolong the exposure of the website and it also will protect the information the hoaxer has received for a longer period of time. 7.0 July 27/07 Revision BCC pmclaughlin@ July 20/07 History: New Fraud Team email addresses and folders Edit to email template Added more restrictions to accounts in G) July 5/07 New Yahoo email added to template June 19/07 Send emails from the Operations addy April 24/07 Email supsopsscsrs not management. Email processors when needed. Template altered. April 12/07
  • 5. Tiltproof Incorporated Template – no office ph# and added “On behalf of” to signature