{"id":13440,"date":"2013-02-21T12:10:17","date_gmt":"2013-02-21T17:10:17","guid":{"rendered":"http:\/\/ssgreenberg.name\/PoliticsBlog\/?p=13440"},"modified":"2013-02-21T12:26:21","modified_gmt":"2013-02-21T17:26:21","slug":"is-everything-we-know-about-password-stealing-wrong","status":"publish","type":"post","link":"https:\/\/ssgreenberg.name\/PoliticsBlog\/2013\/02\/21\/is-everything-we-know-about-password-stealing-wrong\/","title":{"rendered":"Is Everything We Know about Password Stealing Wrong?"},"content":{"rendered":"<p>The IEEE online magazine <em>Computing Now<\/em> has the interesting article <a title=\"Computing Now article\" href=\"http:\/\/www.computer.org\/portal\/web\/computingnow\/content?g=53319&amp;type=article&amp;urlTitle=is-everything-we-know-about-password-stealing-wrong-&amp;lf1=976402418f728216021546d6415983\" target=\"_blank\"><strong>Is Everything We Know about Password Stealing Wrong?<\/strong><\/a><\/p>\n<blockquote><p>The money mule&#8217;s role is to turn a traceable, reversible transaction into an untraceable, irreversible one.\u00a0 Using a stolen password, the thief transfers money (traceably and reversibly) to the mule&#8217;s account using, for example, online bill pay. On receipt, the mule sends this money (untraceably and irreversibly), minus a &#8220;commission,&#8221; to the thief. By using, for instance, Western Union for this transfer, the mule has made it irreversible and untraceable. By authorizing the withdrawal with a signature, the mule gives up any ability to repudiate. The mule has thus given up any consumer legal protections that he or she might have enjoyed. The mule accepts a bad transfer and initiates a good one.<\/p>\n<p>Consider a fraudulent transfer of $9,000 from a compromised account. Using online bill pay, the thief sends $9,000 from the victim&#8217;s account to the mule. The mule sends $8,100 to the thief and keeps a $900 commission. Once fraud is discovered, the victim is reimbursed, and reversal is attempted from the mule account. Thus, before discovery, the <span style=\"color: #339966;\"><strong>victim<\/strong><\/span>, <span style=\"color: #339966;\"><strong>mule<\/strong><\/span>, and <span style=\"color: #339966;\"><strong>thief<\/strong> <\/span>have gains of \u2013$9,000, $900, and $8,100, respectively. After discovery and reimbursement, they have $0, \u2013$8,100, and $8,100, respectively.<\/p><\/blockquote>\n<p>The moral of the story is that you are less in danger from having your password stolen at an ATM than you are of being talked into becoming a mule. Still, you&#8217;ll avoid hassle if not loss of money if you protect your password from theft.<\/p>\n<p>As Kermit might say, &#8220;It is not easy being a mule.&#8221; Maybe it&#8217;s Eddie Murphy that would make that remark.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The IEEE online magazine Computing Now has the interesting article Is Everything We Know about Password Stealing Wrong? The money mule&#8217;s role is to turn a traceable, reversible transaction into an untraceable, irreversible one.\u00a0 Using a stolen password, the thief transfers money (traceably and reversibly) to the mule&#8217;s account using, for example, online bill pay. [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[166],"tags":[],"class_list":{"0":"post-13440","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-stevegsposts","7":"czr-hentry"},"_links":{"self":[{"href":"https:\/\/ssgreenberg.name\/PoliticsBlog\/wp-json\/wp\/v2\/posts\/13440","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ssgreenberg.name\/PoliticsBlog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssgreenberg.name\/PoliticsBlog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssgreenberg.name\/PoliticsBlog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ssgreenberg.name\/PoliticsBlog\/wp-json\/wp\/v2\/comments?post=13440"}],"version-history":[{"count":5,"href":"https:\/\/ssgreenberg.name\/PoliticsBlog\/wp-json\/wp\/v2\/posts\/13440\/revisions"}],"predecessor-version":[{"id":13445,"href":"https:\/\/ssgreenberg.name\/PoliticsBlog\/wp-json\/wp\/v2\/posts\/13440\/revisions\/13445"}],"wp:attachment":[{"href":"https:\/\/ssgreenberg.name\/PoliticsBlog\/wp-json\/wp\/v2\/media?parent=13440"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssgreenberg.name\/PoliticsBlog\/wp-json\/wp\/v2\/categories?post=13440"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssgreenberg.name\/PoliticsBlog\/wp-json\/wp\/v2\/tags?post=13440"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}