WikiLeaks protest knocks credit card processors offline
Written by Curtis Arnold
Posted On: December 9, 2010
Regardless of your feelings about whether leaked government documents should be posted online, your credit card issuer's website could find itself at the heart of a conflict over freedom of expression. After American web hosting companies kicked WikiLeaks offline, the site's supporters attempted to solicit credit card donations to pay for offshore servers. Credit card processors reluctant to support the website's activities now face a backlash that could inconvenience both businesses and consumers.
Online payment service PayPal suspended WikiLeaks' donation account, citing terms of service violations. Meanwhile, officials from Visa and MasterCard told reporters that they would block any WikiLeaks donations on their own credit card processing networks. In response, anonymous protestors behind "Operation Payback" launched attacks on all three companies' websites. Concerned consumers, reacting to news reports, have contacted banks to ask whether their accounts are at risk.
Why you shouldn't worry when credit card websites crash.
The protestors used a "distributed denial of service" attack that floods websites with junk data, preventing regular visitors from even seeing a company's home page. The DDoS attack affected Visa and MasterCard's public websites, but not their secret and more heavily secured transaction networks. Although many credit card transactions take place online, most retailers use a shadow network of traditional phone lines as a backup system to transmit payment data. Even if protesters manage to compromise those connections, merchants and banks can fall back on call centers staffed by live operators to manually process crucial credit card transactions.
How you can protect yourself if your bank's website won't load.
Attacks on PayPal's server have caused their processing service to experience significant customer delays. Protestors have also posted messages suggesting that major banks--especially those whose internal documents have been featured on WikiLeaks--could also find themselves slated for new attacks. Past DDoS operations have resulted in downtime ranging from a few minutes to a few days, leaving some technology experts to speculate on the impact of a more coordinated attack on online banking websites.
Although a DDoS attack won't reveal your personal financial information to identity thieves, it can cost you money if you can't log in to your bank's website. Delayed payments can also impact your credit score, affecting everything from loan rates to insurance premiums. Take some precautions to keep your accounts from becoming collateral damage in a battle between engineers and protestors:
- Schedule bill payments in advance. If your bank's website crashes on your normal due date, you may have to choose between a late payment fee, a pay-by-phone service charge, or postage for sending in a check by overnight courier. Avoid extra fees by planning ahead. Use your online banking bill pay service or your credit card issuer's website to submit monthly minimum payments before their due date.
- Check sites from alternate connections. Most banks use complex mirroring services to maintain multiple versions of their websites. If an attack prevents you from seeing your bank's site on your home connection, try your wireless phone or your at-work network. Just like finding a back road to avoid a traffic jam, a different path to your credit card issuer's website can usually get you past a DDoS.
- Use a third-party credit card monitoring service. A DDoS attack can cramp your spending style if you track your transaction activity online. Free online services like Pageonce and Mint use secure database connections to track your spending. If you can't access your bank's website directly, these services may be able to pull transaction data from alternate routes.
Even though the WikiLeaks-inspired attacks have captured recent headlines, credit card company websites can crash for many reasons. Weather problems, server failure, and even human error can prevent you from accessing your transaction history or bill payment services. An online banking contingency plan can save you money while preventing damage to your credit score.
Curtis Arnold, a nationally recognized consumer educator and advocate, has been educating consumers about credit cards since 1998. Curtis is the author of "How You Can Profit from Credit Cards: Using Credit to Improve Your Financial Life and Bottom Line" (FT Press, 2008). He is also the co-author of the upcoming Complete Idiot's Guide to Person-to-Person Lending (Alpha Books/Pengiun Group USA, April 2009), a contribitor to The Ultimate Allowance (InnerWealth Publishing, 2008) and is extensively featured in 42 RulesTM for Driving Success With Books (Super Star Press, January 2009).