Who leaked my order information?

Absrtact: Net friend Wind has no mark: recently on the net a single commodity, more than 10 minutes after the customer service calls to ask for the bank card number, ID card number, but also can accurately report what they bought, the delivery address where the details. Though I know it's

Netizen "Wind has no mark":

Recently a single item on the Internet, more than 10 minutes after the "customer service" call to ask for the bank card number, ID number, but also can accurately report what they bought, the delivery address where the details. Although I know this is fraud, but my order information is who leaked it? Is it a web shopping platform or a seller?

Internet black production observers (tracking the latest Internet security hotspots, opened the network underground industry chain of the mysterious veil.) Search for micro-credit "Internet black Production Observer" attention):

In general, the causes of order leaks can be summed up in the following ways:

1, express single information is leaking;

2. There are loopholes in the shopping platform;

3, sellers or buyers computer virus;

4, the seller used a backdoor third-party service software;

5, sellers inside.

If it is a courier leak, the liar will only know the address, name, telephone, it is impossible to say what time you bought what goods. And time is not so fast, the next single more than 10 minutes to receive the call, this time the information should not have to the logistics link. But these 2, 3, 4, 5 reasons are all possible.

Here to share a real case, to introduce the order information of the black industry chain.

Internet purchase Platform Order leakage Third party software is the culprit

Last year, we received a user feedback online purchase orders were leaked, the buyer will receive a few minutes after the fraud phone, the internet black production observers immediately contact the seller and buyer, the investigation.

After the investigation found that the seller involved in the same free order management software, the software in use, the need to login through the software vendor Management Authority, and then the software will be scanned every minute the seller's orders, and the new orders for automatic delivery, and automatically fill out the Print express list, can greatly save the seller's workload.

But the software has a backdoor, in the service at the same time the seller's account password and scanned the order information sent to the software author, so that the user's information is naturally leaked.

What will be used to do after information leaks

After the leak, most of the order information will be sold by software authors to scam gangs and marketing groups. Now the market of online purchase order data price in 2.5 yuan/bar fluctuation. After the survey found that the general software can collect 500-3000 order data per day, then the bad day's profit of about 1000-7500 yuan, such a generous return, nature can attract people to do evil.

Cheats buy the user's order information, will directly through the information on the order to the user call to "card list", "No goods", to give users the pretence of refund to win trust. Then the user to send fishing links, and guide users to fill in the Web site or directly cheat the bank card number, payment password and other information, and finally through the purchase of virtual goods, direct transfer and other means of hedging.

There is a way is directly in the phone fraud, fraud fake customer service, directly through the call for bank card number, ID card, cell phone verification code, and then binding fast payment direct transfer.

In addition to fraud, user information will be used for precision marketing. This is why people often just have a credit card, it is recommended to buy insurance, just bought a car, was sold a variety of automotive supplies reasons.

How to prevent information disclosure?

The reasons for privacy leaks may be manifold, often in the event that we do not know. Therefore, in the appeal, the promotion of the various interconnected enterprises to standardize the use and strict protection of user privacy information, but also to enhance their own security awareness.

First of all, we must enhance the privacy protection consciousness, do not randomly fill in personal information. Now there are a lot of small surveys, small relay activities, will induce users to fill out personal information, this is actually very dangerous.

Before a friend to participate in a grandpa and grandma for the activities of love, let him fill in the contact of grandparents, activities organizers will personally send gifts. The next day his grandmother received a phone call was sold "health products", was cheated more than 30,000. So you must not let yourself or your family's privacy information easily leaked out.

In addition, any problems encountered, must be resolved on the official platform, do not accept private chat. In the case mentioned above, the following orders received the "customer service" phone, regardless of whether it is to refund or what, you can login to the online purchase platform to operate directly. or contact the online customer service, telephone consultation. For this initiative door-to-door "service", we still have to keep a mind.