A Cautionary Christmas Tale


’Twas the night before Christmas, and all through the house,

Not an iPad was stirring, nor PC or Mouse;

 

The shopping had been done on the internet with care,

In hope that the presents soon would be there;

 

The payments were processed, at least in their heads,

Until they found out their account was in shreds;

 

What should have resulted in toys in gift wrap;

Had led them into an elaborate trap,

 

The fraudsters had found an outdated website;

And changed the checkout so it wasn’t quite right,

 

Away to the next site, Dad went like a flash;

Not knowing his card was in the fraudsters’ stash,

 

The website looked fine but ’twas misdirection;

He’d fallen foul of Sequel Injection,

 

The site wasn’t bad, that should be made clear;

But the standards ignored, no PCI here.

 

With hackers so many, so lively and quick;

The change was so easy, it was done in a click,

 

So please spare a thought, when you next do your shopping,

And check that the site that you found while you’re hopping,

 

Is up to the standard to which we’re reliant;

And make sure it’s one that is PCI compliant.

 

Information Security Consultant, SRM's Principal PCI DSS QSA and Payment Card Industry expert, Paul B is a regular contributor to the SRM blog.
