top | item 47143096

(no title)

hibikir | 6 days ago

Stripe was already a big target for basically anyone and anything 10 years ago. Fake merchants, card testers, the works. People were selling guides to defraud Stripe. And we are not even counting just losees due to nonsense like the Fyre festival.

You really don't have to be that big a payment processor for dozens of malicious geniuses to decide that they want to fleece you. If anything, the ROI is better in less sophisticated companies. Most ways to trick a payment company are, if anything, standardized. The smaller company can often be attacked by just changing the API calls, but otherwise taking basically the same actions you would to try to defraud a bigger fish.

discuss

MichaelZuo|6 days ago

I meant geniuses in the real sense, not colloquial sense.

If someone could reasonably expect a cushy 40 hour/week seven figure job, even a malicious personality wouldn’t risk criminal fraud without a much much bigger payout.

And to have dozens focusing on one company…

So anyone handling under a few hundred million per day are safe from that kind of coordinated attack.