Click Here for our Site Map

(1) Stealing credit card number via home Wifi network

The Hong Kong district court heard a computer crime case on (2) 18 June 2007. An African visitor (3) rented a flat and stole (4) credit card number from his neighbor using wireless sniffing, (5) then he used the credit card information to do online shopping. The charge was brought (6) against HK Crime Ordinance Chapter 200 s116. More detail (7) information will be available when the judgment is posted online.

The (8) 23 years old defendant was caught since he (9) used his home address for online shopping and (10) police were able to trace the delivery records. His ignorance of fraud detection system (11) and the tracking of online shopping transactions seems to suggest that he is not a professional criminal. There are lots of ways in which to use stolen credit card numbers, buying cash coupon (12) and (13) deliver to (14) unoccupied house's mail box are common.

According to statistics, credit card fraud (15) are increasing and cost 3 billion USD in 2006 (16) up from 2.7 billion in 2005. Different measures (like adding chips or using (17) online password) are introduced to protect credit card transactions. However, these new measures are not effective if the network layer is circumvented. When a malicious user (18) installed hacker tools on a network, the protection mechanism on the online application layer may not work at all. Man-in-the-middle attacks using (19) fake server to intercept Internet traffic were the most dangerous.

Traditionally, to (20) setup a (21) Man-in-the-middle attack or eavesdropping network traffic, the hacker needs to have access to the victim's physical network. However, with the availability of wireless (22) network, this physical constraint is no longer (23) being an obstacle. If the victim uses (24) non-encrypted wireless network (which (25) was 45% in 2006, according to PISA wireless survey, it is relatively easy to obtain (26) your neighbor's Internet traffic and the personal information transmitted (credit card information being (27) one of them).

Hong Kong will become a Wifi enabled-city in 2008 and this will create new challenges for the police and the banking industry. If the wireless network is not encrypted and users (28) uses it to carry out online transactions or (29) sends credit card number via (30) emails, there is a high risk of stolen credit card information just like the criminal cases described above.

If 45% of individually (31) setup access (32) point in Hong Kong (33) is not encrypted, what are the percentages of users having wireless security knowledge or awareness? Could we rely on the users? I support the good intention to (34) setup a public wireless network in HK but if it is not properly and securely done, this network will be (35) the business (36) center for cyber criminals. (37) Policeman, banking fraud prevention staff and (38) Visa/Mastercard staff will have more cases to investigate when an unsecured network is installed using public money.


(1) In "Stealing credit card number via home Wifi network" insert "a" after "stealing" or add an "s: to "number." Similarly, add "s" to "network" or precede Wifi by "a."
(2) Use "the 18th of June, 2007" or "June 18, 2007."
(3) It would be better to use "had rented" than "rented" since the event was in the past on June 18th.
(4) Instead of "credit card number" use "a credit card number" or "credit card numbers."
(5) Begin a new sentence with "then."
(6) Use "under" rather than "against."
(7) In "more detail information," change "detail" to "detailed."
(8) "23 years old defendant: should be "23-year old defendant."
(9) As in (3), it is better to use "had" in "used his home address" (i.e., had used).
(10) Use "the" before "police."
(11) Add "s" to "system" in "fraud detection system" for the plural form.
(12) Similarly, add "s: to "coupon" in "cash coupon" for the plural form.
(13) Use "delivering" rather than "deliver" here.
(14) Change "unoccupied house's mail box" to "an unoccupied house's mail box" or "unoccupied houses' mail boxes."
(15) Change "are increasing" to "is increasing" because "credit card fraud" is singular.
(16) Insert a comma here in order to separate the phrase, "up from 2.7 billion in 2005" from the main thought.
(17) Use "an" before "online password."
(18) Instead if "installed," I would use "has installed" or "installs."
(19) Use the plural (i.e., fake servers) instead of "fake server."
(20) You want the verb, "set up," rather than the noun, "setup."
(21) You do not need to capitalize "man-in-the-middle."
(22) An "a" is needed before "wireless network."
(23) The word, "being," is not needed and should be deleted.
(24) Insert "a" before "non-encrypted wireless network."
(25) The meaning is not clear. I assume that the meaning is " which describes 45% of networks in 2006"
(26) Use "his," instead of "your neighbor's" since "the victim" has been already established as the subject.
(27) I would replace "one of them" with "included."
(28) Change "uses" (singular form of the verb) to "use" (plural form).
(29) Similarly, change "sends" to "send."
(30) Change "emails" to "email" (the mechanism).
(31) Use "established" rather than "setup," a noun. This avoids the problem.
(32) Change "point" (singular) to "points" (plural).
(33) Change "is not encrypted" to "are not encrypted."
(34) Again, use "establish" instead of "setup" and avoid a problem.
(35) Use "a" (implies "one of:) instead of "the" (implies "the only").
(36) Use "center" rather than "center."
(37) Use the plural form, "policemen."
(38) Visa/Mastercard should be Visa/MasterCard.

english writing practice

English Proofreading Main Page
English Proofreading Site Map