Reporting Stolen Credit Card Lists? 78

harlows_monkeys asks: "I just received a spam, at both home and work, both sent through trojaned Windows machines, offering to sell me a credit card database stolen from camcontacts.net. Included was a link to a sample of the database (no, I'm not providing a link!). I downloaded the sample, and it appears legit. There are 13000 numbers. I picked one of the Visa numbers, went to Visa's web site, and entered it in a form to sign up for fraud protection, and it accepted it, and identified the issuing bank. It was accepted. All indications are that this stuff is real. So, the question arises--what is the correct way to deal with this?
"I called Visa, and after they spent a while figuring out what department was responsible, all they could suggest was call local law enforcement, and if I wanted to talk to Visa's security people, call back at 9am when they get in.

American Express didn't even suggest calling local law enforcement. They just suggested calling back when their security people got in in the morning.

I then called the FBI. They said to call the Secret Service and gave the number.

At the Secret Service, I ran into an answering machine that gave their office hours.

It seems to me that there should be -someone- who would be interested in a widely-sent spam that links to 13000 credit card numbers, with expiration date and customer name and zip code, so as to stop these from being fraudulently used, but it escapes me who that would be--I struck out with all my candidates.

Is it just me, or does the indifference of Visa and Amex to this shock anyone else?"

  • by ceejayoz ( 567949 ) <cj@ceejayoz.com> on Friday May 21, 2004 @01:17AM (#9212120) Homepage Journal
    That should do the trick.
    • No no, call Outpost.com and start ordering computers. That's going to be even faster.
    • by jerde ( 23294 ) on Friday May 21, 2004 @05:01AM (#9213074) Journal
      call the local news media

      Yeah, and they'll answer their phones in the middle of the night, too...

      Good grief! The poster is calling companies in the middle of the night expecting them to have crack 24-hour teams ready to deal with the information he has? Surprise! The vast majority of people work during business hours.

      SO CALL THEM DURING BUSINESS HOURS! Both credit card companies offered to have you talk to their security people, so give 'em a call.

      Even talking to the police, nobody is going to want to take a statement from you or have any detectives talk to you, except during the work day.

      (I'm posting at 4am local time -- I know what insomnia is; that doesn't mean I expect to be able to conduct normal business right now)

      - Peter
  • I believe the correct way to handle this would resemble the installation of a 50 inch plasma screen in my living room..

    But seriously, either the secret service, the credit card companies OR the United States Postal Service (I believe it's a crime to "mail" stolen items).

    • by Suhas ( 232056 ) on Friday May 21, 2004 @01:34AM (#9212243)
      No No No...You need to shop in smaller quantities. It is a pr0n site. Nobody would report a $20-30 transaction because the number was stolen from a pr0n site.
    • That's why when I ship my "goods", I always use FedEx.

      Fast, reliable, friendly.

      1 sheet 4in*24in toilet paper. Lightly soiled, stolen from public bathroom. Starting bid $0.99. $20.00 shipping fee (biohazard)

      1 used condom, stolen from slut next door. Bid Now (she's really cute!) Starting bid $13.95 + $10.00 ship (keep it frozen, dry ice costs money too!)

      "Uncontrolled yogurt" aka: rotten milk. Stolen from my roommate's side of the fridge. Starting bid $0.01 + free ship. (I want to get rid of it).

      Female
      • I just received a package from FedEx. It was delivered to my house when I wasn't home, but they didn't leave it at my doorstep, they left a note. My called me and told me they left a note and that I could pick it up at the local Fedex location after 5pm. I went by and got my box. All I had to do is give an address and name (no ID requested), and initial some sheet, and I got the package. Anybody could have tracked the item online and then just showed up at Fedex and grabbed the package. It's incredibly ins
  • no surprise (Score:5, Insightful)

    by evilkarl ( 567641 ) on Friday May 21, 2004 @01:18AM (#9212133)
    If you were calling them outside business hours it's no surprise they were unresponsive. I'm not saying that I condone their handling of it; they should jump on it in an instant. However, if their security people are not available, chances are there is no one there with the knowledge to help.
    • Re:no surprise (Score:4, Insightful)

      by ceejayoz ( 567949 ) <cj@ceejayoz.com> on Friday May 21, 2004 @01:25AM (#9212184) Homepage Journal
      You honestly believe Visa, MasterCard and American Express don't have security folks working around the clock?

      The telephone reps probably just don't have the authority to override business hours.
      • If the first point of contact cannot override business hours then the security people are Unavailable; even if they are physically there working they are still Unavailable. The CSR should have recorded details to forward to the security people and let the caller know they were doing it. Then the security people could have done their thing.
    • If you were calling them outside business hours it's no surprise they were unresponsive

      I'm certain that all my bank/credit cards have a 24/7 stolen card phone line you can call up to have your card cancelled.

      If they don't have 24 hour staff that can handle larger scale fraud, they should damn well get some.
  • Call Me. (Score:3, Funny)

    by Ieshan ( 409693 ) <ieshan@g[ ]l.com ['mai' in gap]> on Friday May 21, 2004 @01:22AM (#9212163) Homepage Journal
    I'm extremely trustworthy and will NOT do anything wrong with the numbers. I'll be a witness to this horrible theft, and I'll send out mass mailings with sections of the database to ensure that such deeds are not gone unnoticed by the general public.

    Er... wait...
  • Report them. (Score:2, Informative)

    by dan.hunt ( 613949 )
    Bust them by following this link, Reporting Economic Crime On Line [recol.ca] YMMV
    • uh, I don't think the Royal Canadian Mounted Police would do too much, considering he is "south of the border".

      -Grump
      • uh, at the top of the web site it says: "Reporting Economic Crime Online (RECOL) is an initiative that involves an integrated partnership between International, Federal and Provincial Law Enforcement agencies," YMMV
        • The mileage difference between a Mountie horse and a traditional patrol cruiser is often less than it is thought to be -in certain instances, the horse may even be better. However, the communication between a horse and a manufactured machine is still at infant stages, often including the horse, being the more intelligent of the two, nudging the patrol car to get a response.

  • Perhaps you need to find out who your local FBI contact is. If the FBI doesn't handle this (as in counterfeiting going to the Secret Service) then you need to find out who else to contact (maybe your good ol' local sheriff could send you in the right direction).

  • by devphil ( 51341 ) on Friday May 21, 2004 @01:39AM (#9212259) Homepage
    It seems to me that there should be -someone- who would be interested in a widely-sent spam that links to 13000 credit card numbers,

    Yes, and they've already told you who they are: the various security departments, who will be reporting to work at 9 in the morning.

    What, you thought investigative agents hang around 24 hours a day? No, they value sleep.

  • FBI (Score:3, Informative)

    by El Micko ( 118401 ) * on Friday May 21, 2004 @01:50AM (#9212314)
    What you've got is stolen credit card numbers being transported across state lines. That makes it a federal matter. You call the FBI.
    • "What you've got is stolen credit card numbers being transported across state lines. That makes it a federal matter. You call the FBI."

      Definitely. Even if your particular access to the sample is local, as long as the access is not obviously restricted to local, it is assumed to be available interstate. That's FBI jurisdiction.

      Depending on circumstances, sometimes the FBI requests you contact local law enforcement and have them file a report first, providing evidence that the FBI should be involved. Not su
  • Details! (Score:3, Funny)

    by DiSKiLLeR ( 17651 ) on Friday May 21, 2004 @01:53AM (#9212331) Homepage Journal
    Who was the email from?? (the forged email address, name, whatever)

    What was the subject of the email???

    I receive 100+ spams a day, that email may still be in my spam folder now!! ;)
    • I am not for sure on this but I would guess that it would contain the misspellings of 5 popular prescription drugs and asking if you like s)e*ck_s) or want to add 32" to your kok
  • about stolen cards (Score:5, Informative)

    by alonsoac ( 180192 ) * on Friday May 21, 2004 @02:12AM (#9212425) Homepage Journal
    Nowadays stolen card numbers are not a problem for the customers because you can always call your bank and have a fraudulent charge removed. The banks always remove the charge first and then the business has to prove the charge is not fraudulent.

    So the ones that get hurt are the businesses that accept stolen cards. But any decently run business should be able to verify the authenticity of the sale by checking the billing address and security numbers on the card.

    BTW, calling the card companies and police in the middle of the night and then being shocked by the unresponsiveness is unfair or plain dumb.
    • by Andy Smith ( 55346 ) on Friday May 21, 2004 @06:43AM (#9213355)
      But any decently run business should be able to verify the authenticity of the sale by checking the billing address and security numbers on the card.
      Wrong. In its simplest terms, the system works like this:

      1. Customer fills out a form with name, address, card number, etc.

      2. Details are transmitted to banking network.

      3. Banking network either gives the go-ahead or declines the charge.

      4. Retailer proceeds based on banking network's response.

      This system is flawed in several ways:

      1. The retailer doesn't have access to the banking network's records, so there is no way for the retailer to perform his own checks. The banking network must be trusted without question. Try this: Pay for something on a web site, giving your legitimate credit card details but a made-up name and address. The charge will probably be accepted. Why? Because the name/address comparison is done loosely to allow for people typing stuff differently from how it is recorded, ie: "14a Halifax Street" is typed as "14 A HALIFAX ST". Bear in mind that credit card companies PROFIT from fraud, you can imagine how loose this comparison is. Some people would allege that there is no comparison done at all.

      2. Sometimes the banking network will enter a "default positive" state, during which time ALL charge attempts will be approved. Fraudulent charges accepted during this time, which may only last for a few minutes, will often not be cancelled for several days. The merchant may or may not be fined for these charges.

      3. The banking network's block list is based on factors such as reports of stolen cards, police information, etc. As far as I know there is no system in place to allow merchants to report fraudulent charges. A merchant is able to cancel a suspicious charge (and, as a slap in the face for running his business ethically, be fined for doing so) but that's all it is, a cancellation, the banking network will still allow the same fraudster to make another charge on the same card elsewhere.

      Believe me, if other retailers are anything like me, they are ultra-paranoid in trying to prevent fraud. But ultimately we don't have access to the data we need, our on-the-ground feedback isn't wanted, and when the banking network lets us down we lose money on the sale and we are automatically fined with no appeals process and no way of knowing who fined us.
      • 1. The retailer doesn't have access to the banking network's records, so there is no way for the retailer to perform his own checks. The banking network must be trusted without question. Try this: Pay for something on a web site, giving your legitimate credit card details but a made-up name and address. The charge will probably be accepted. Why? Because the name/address comparison is done loosely to allow for people typing stuff differently from how it is recorded, ie: "14a Halifax Street" is typed as "14 A

    • Comment removed based on user account deletion
      • Try offering a discount to customers who "verify" their account. Verification could involve faxing a photo id and a signed document where they agree to pay for the services or goods. Whatever works best with your kind of business. Then you can double check somehow only the ones that don't want to "verify".

  • by HotNeedleOfInquiry ( 598897 ) on Friday May 21, 2004 @02:18AM (#9212456)
    Of the credit card companies. They don't give a rat's ass about credit card fraud. Why? Because they don't lose money on it. They chargeback the merchant that accepts the stolen card.

    That's the way the system works. I know firsthand. Every merchant that does non face-to-face transactions will eventually get bit and when it happens, all the credit card company cares about is getting their money back from the merchant. They are not interested in fraud investigation. Why should they? That costs money. It's much easier to make the merchant cover the costs. He has to in order to keep his account.

    It's a terribly broke system, but the people with the gold make the rules. Sorry I sound so bitter, but I learned a $1700 lesson on this one...
    • I learned a $1700 lesson on this one...

      You're very right, it works like that. I learned it the +/- $30,000 lesson here.
    • This article is already down at the bottom of the main page, so maybe nobody will see this, but I work for a major credit card processor. (We're an "acquirer" -- we provide services to merchants who want to accept payment from credit cards.)

      We try VERY HARD to educate our non-face-to-face merchants (MOTO, or Mail Order / Telephone Order) on fraud protection. There's an Address Verification Service available for MOTO merchants: for more fraud protection, you check the street address and zip code of where
  • I am not a lawyer. (Score:5, Informative)

    by rjh ( 40933 ) <rjh@sixdemonbag.org> on Friday May 21, 2004 @03:23AM (#9212751)
    I'm not a lawyer. On the other hand, I have enough relatives who are judges, prosecutors and ex-cops to have a decent idea of how the system works.

    First off: find your state Attorney General's office and email them. Almost every state AG office has an email address, and many of them give timely responses. Don't wait until morning: do this tonight.

    Second off: tomorrow look up the Federal District Attorney's phone number. Call first thing in the morning (9:00am sharp!) and ask to speak to the Financial Crimes Division. Someone in that office is tasked with financial crimes, believe you me, and that's the person you want to talk to. Get that person's name and phone number. Make an appointment as soon as possible--this is the entire reason for calling early in the morning, since their schedules are more open then. Make sure to tell them that you've received a solicitation to purchase stolen credit card numbers, and the numbers appear real.

    Third: call the Secret Service during regular business hours. Again, ask for Financial Crimes. They may not have an office in your area. If they don't, they'll pass the buck back, perhaps to the FBI, perhaps to some other Treasury department. If they do this, ask the Secret Service agent for a particular agent to call, and ask the Secret Service agent to let this particular agent know you'll be calling. Federal law-enforcement tends to pay more attention to you if you're directly referred by another law-enforcement type than if you say "yeah, the Secret Service told me I needed to call you guys..."

    Fourth: contact your local bank. As in, the bank you do business with. Calling the credit-card companies will be a fool's errand; there are tons of them and you have no clue how many of these numbers are Visa, how many are Mastercard, how many are Discover/Novus, etc. Your bank most probably has business relationships with all of them. Call your bank and ask for an appointment with whoever's responsible for fraud control.

    At this point, you've covered your bases pretty well. Banks, prosecutors, FBI/Secret Service, state attorney general's office. Take a breather. You've done good. Wait for them to get back in touch with you.

    Tomorrow, call the news media. Make sure to tell them which agencies got back in touch with you and which agencies didn't, which agencies took it seriously and which agencies couldn't be bothered to give a damn.
    • by dougmc ( 70836 )
      Calling the credit-card companies will be a fool's errand; there are tons of them and you have no clue how many of these numbers are Visa, how many are Mastercard, how many are Discover/Novus, etc.
      Actually, you can tell from the number itself which type of card it is. Visa cards start with a 4, Mastercard starts with 5, and I don't know about the rest, but I'm sure somebody else does.
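
An added example, not code from the thread: following the point above that the number itself reveals the card type, this Python script sorts a received sample by network and returns only masked numbers, so a report can go to the right contacts without forwarding full card numbers. Visa `4` and Mastercard `5` are from the comment; the other prefix ranges, the field separators and the sample rows (published test numbers) are assumptions.

```python
import re
from collections import Counter


def luhn_ok(pan: str) -> bool:
    """Luhn checksum: filters out typos and random digit strings."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def network(pan: str) -> str:
    """Card network from the leading digits.

    Visa '4' and Mastercard '5' are from the thread; the remaining ranges
    are assumptions taken from commonly published prefix ranges.
    """
    p2, p3, p4 = int(pan[:2]), int(pan[:3]), int(pan[:4])
    if pan[0] == "4":
        return "Visa"
    if 51 <= p2 <= 55 or 2221 <= p4 <= 2720:
        return "Mastercard"
    if p2 in (34, 37):
        return "American Express"
    if p4 == 6011 or p2 == 65 or 644 <= p3 <= 649:
        return "Discover"
    return "Other"


def mask(pan: str) -> str:
    """Keep the first six and last four digits only."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def triage(lines):
    """Summarise a delimited dump: counts per network plus masked numbers.

    Full numbers are held only in a local de-duplication set and are
    never part of the returned summary.
    """
    seen, rejected = set(), 0
    counts, masked = Counter(), {}
    for line in lines:
        for field in re.split(r"[,;|\t]", line):
            pan = re.sub(r"[ -]", "", field.strip())
            if not re.fullmatch(r"[0-9]{13,19}", pan):
                continue            # names, expiry dates, zip codes
            if not luhn_ok(pan):
                rejected += 1       # card-shaped but fails the checksum
                continue
            if pan in seen:
                continue
            seen.add(pan)
            net = network(pan)
            counts[net] += 1
            masked.setdefault(net, []).append(mask(pan))
    return {"by_network": dict(counts), "masked": masked,
            "luhn_rejected": rejected}


# Constructed sample rows using published test card numbers, not real data.
SAMPLE = [
    "Jane Example,4111 1111 1111 1111,05/06,90210",
    "John Example,5555-5555-5555-4444,11/05,10001",
    "A. Sample,378282246310005,01/07,60601",
    "B. Sample,6011111111111117,09/06,73301",
    "Dup Row,4111111111111111,05/06,90210",
    "Typo Row,4111111111111112,05/06,90210",
]

if __name__ == "__main__":
    summary = triage(SAMPLE)
    for net, n in sorted(summary["by_network"].items()):
        print(f"{net}: {n} e.g. {summary['masked'][net][0]}")
    print("failed Luhn:", summary["luhn_rejected"])
```
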
  • try calling at some time other than 2 am?
  • by Andy Smith ( 55346 ) on Friday May 21, 2004 @03:55AM (#9212879)
    This comment [slashdot.org] sums everything up nicely.

    To offer some personal experience, I've reported credit card fraud to the police and been told by the investigating officer: "I have a pile of drugs cases that will take a year to investigate. This report will go to the bottom of that pile."

    Credit card fraud isn't taken seriously. The reason is that credit card companies *profit* from fraud, so they don't make a fuss. If someone uses a stolen credit card number to make a $100 purchase then all the credit card company does is take the $100 back from the retailer and charge them $15+ for the privilege.

    If the retailer doesn't like it then they have two options, either (1) shut up or (2) stop accepting credit cards and close their business.

    It beggars belief that the mainstream media hasn't covered this, but I guess it all boils down to it being "business vs business" (credit card companies vs retailers) so as long as consumers aren't getting hurt, the media doesn't have an audience to tell the story to.

    Last year, Visa introduced a $375 annual charge for Internet merchants that want to accept Visa payments. They even had the cheek to charge double the first year. The stated reason was to cover the costs of fraud. Following the introduction of the annual charge, the fines imposed upon merchants went UP. Internet merchants cannot prevent fraudulent charges because that is the responsibility of the credit card companies, but merchants are now paying an annual charge to cover any fines, as well as still paying the fines which are higher than ever. Credit card companies continue to do practically nothing to prevent fraud. Again, every time someone commits credit card fraud, the card company gets richer.

    If you think you've ever had a raw deal as a consumer, you should try working with credit card companies. They -- especially Visa -- are the personification of corporate evil. They operate with practically no accountability and no appeals procedure, imposing new rules and charges whenever they choose and merchants have little choice but to agree to them. Some merchants do not even have any way of knowing which company they have been fined by! Think of credit card companies as PayPal at their worst, multiplied by a thousand.

    One idea I've had, inspired largely by the "full disclosure" ethos of the software security community, is to write a text file explaining the very simple way to make credit card payments for services over the Internet without (1) ever having to pay for the service, or (b) breaking the law in a way that can be prosecuted. I'd then post the document on a server in a country with a zero censorship policy and distribute the link. The hope, perhaps foolish, would be that *widely* disclosing a known loophole would cause credit card fraud to go through the roof and, amid a flood of bad publicity, force the card companies to change their policies.

    The only reason I haven't done this yet is because -- and I know it's selfish -- my business accepts credit cards over the Internet so I'd be committing financial suicide.

    Someone's going to do it, though, sooner or later.
    • To offer some personal experience, I've reported credit card fraud to the police and been told by the investigating officer: "I have a pile of drugs cases that will take a year to investigate. This report will go to the bottom of that pile."

      One online store I've done work for got stung several times by fraudulent credit card transactions. As several have already pointed out, it's the merchant that gets screwed.

      Anyway, we reported it to the police here in the UK. They weren't interested and said "it migh
      • by Andy Smith ( 55346 ) on Friday May 21, 2004 @06:09AM (#9213272)
        The person I reported for fraud (I'm in the UK too, btw) was a repeat offender who was targeting me specifically.

        After I'd done everything I could to prevent him from using his credit card on my site, which basically came down to wildcard blocking, he started trying to pay by cheque and even sent me two cheques, both of which were made out incorrectly. I assumed they would bounce so I didn't even try to pay them into my bank, I just gave the police the details.

        The info I gave to the police was:

        1. The guy's e-mail address from a major ISP that charges a monthly fee, which should mean they have his correct name and address on file, a valid card number, or at the very least a record of his phone number.

        2. Several aliases and alternative e-mail addresses that he used.

        3. His bank account number and branch address.

        4. And I offered to supply copies of all e-mails he had sent me, including headers, but these weren't wanted.

        So far, nearly 18 months later, the result has been precisely nothing.

        The situation with credit card fraud on the Internet gets me so mad. I have seriously considered committing fraud against a bank or a major retailer and then reporting myself to the police, just to create a 'newsworthy' story for the media to cover, to raise awareness of the larger issue.

        I couldn't really give a damn about the money. I get by from day to day, not rich, not poor, and that's fine for me. But the principle makes my blood boil. I believe in FAIRNESS and credit card companies are NOT fair. They treat merchants like their own personal piggybanks, taking money whenever they feel like it because of their own slack security, and then they tell the public that they're committed to preventing fraud. They aren't preventing fraud at all, at least not from where I'm sitting -- they're just reaping the rewards by allowing merchants to be ripped off and then fining them.
    • I find your ideas intriguing and would like to subscribe to your newsletter.
    • One idea I've had, inspired largely by the "full disclosure" ethos of the software security community, is to write a text file explaining the very simple way to make credit card payments for services over the Internet without (1) ever having to pay for the service, or (b) breaking the law in a way that can be prosecuted.

      So, how about only telling us here at Slashdot? Oh, and which is your business? 8-)

    • One idea I've had, inspired largely by the "full disclosure" ethos of the software security community, is to write a text file explaining the very simple way to make credit card payments for services over the Internet without (1) ever having to pay for the service, or (b) breaking the law in a way that can be prosecuted.

      This claim sounds highly suspect. If such a loophole exists, I find it incredibly hard to believe that it has not long since been abused enough to warrant a fix. If your business is mid-s
      • This claim sounds highly suspect. If such a loophole exists, I find it incredibly hard to believe that it has not long since been abused enough to warrant a fix.

        What the original poster was talking about is essentially identity theft (yes, taking someone's credit card and making charges, pretending that you are them, is ID theft.) As you can see in the US, identity theft, despite now being one of the top financial crimes in the country, with thousands of innocent citizens affected, is not a serious prio
        • What the original poster was talking about is essentially identity theft

          I'm not trying to sound like "the guy with the secret" but it isn't identity theft. It is based on knowing how credit card companies' internal policies differ from their publicly stated policies.

          You do something specific when you pay. Then you tell your credit card company something specific in writing. You get your money back. You will be breaking the law but in a way that would not realistically be possible to prove, so there is litt

          • ps -- the scam only works for services, ie: subscriptions to web sites, downloads, game credits, etc. You can't order a TV set and get it for free.
            • Order a TV set delivered to the vacant house in the next neighborhood over. (Can even do it on your own card!) Put a little notecard saying it's OK for UPS to leave the package without a signature. Pick up the set when delivered, and (if using your card) do a chargeback.

              How do I know this? Well, after being repeatedly defrauded by one person to the tune of $2000 (he was/is using a list of stolen cards, bouncing off a different unsecured proxy each order), I called our merchant bank, exasperated, and said "
  • just send them to me and I will tell you :-)

  • So, the question arises--what is the correct way to deal with this?

    No doubt, prepare to go to jail now. The theft of the numbers causes VISA no ill effect. At worst, if they are used to purchase things, the stores themselves will have to eat the cost. VISA, on the other hand, has MUCH to lose if you let the world know how shoddy their security is. You did sign up for fraud protection with a valid number, something that will probably add some small annual fee to the guy's card, so you are probably now
    • You did sign up for fraud protection with a valid number, something that will probably add some small annual fee to the guy's card, so you are probably now guilty of credit card fraud

      No, I went through the first step of signing up, which was to enter a Visa number. I didn't complete the sign-up.

  • Same run around (Score:5, Interesting)

    by Halvard ( 102061 ) on Friday May 21, 2004 @07:47AM (#9213570)

    About a month ago, I received a similar email from a trojaned Earthlink account. I contacted Earthlink abuse first and they basically said not our problem, not our customer doing it. They maintained that since someone else was controlling the account, not the customer, they weren't interested. I responded saying that it was their IP address and they should alert their customer but got no response. Likely, it was a low level support person answering the email but you'd think that they'd forward it on to someone in authority.

    I got no response from the credit card companies that I contacted or a nice remark about "if _your_ card is affected...". I didn't even bother with the feds since in the past they've only been interested in large dollar amounts affecting large companies. And local cops are not the answer to an international credit card number theft ring.

    I'm usually too busy to deal with this sort of crap and I let it drop since I'd too much to do (yea, yea, I know). Didn't remember until this came up.

    A card of mine was one of the million plus stolen from the old onsale.com database break-in several years ago. I noticed a $10 charge by a "Moscow Telecom" and notified my bank. They responded that there had been a theft and they were immediately replacing cards (via ground mail) that showed activity like this and that my card was one of the affected cards. They actually said that they had a list of all of their cards that were affected but were only replacing cards showing suspicious activity! I was floored. They also said that small transactions were being posted against the cards because most people failed to check their statements or, if they did, figured that since it was small, it must be right and they didn't remember. $10 times 1 million plus cards is a lot of scratch every month.

    "World's Largest Credit Union" indeed. Acted more like a big bank not wanting to get stuck with a big expense.

    Maybe next time, I'll forward it to Interpol first but they are also a bureaucracy too.

    • Once, I received a notice in the mail from my credit union stating a company with which I had used my credit card had had their credit card information compromised. I was not told the name of the company or even if my number was one of those stolen. I was sent a new card immediately, and was very grateful for my credit union's full disclosure.

      If your bank does not protect your money, then why do they have it? It's their job to protect it!

      As noted in this story, when something does happen, bank officials a
  • Call the FBI as soon as possible.
  • For the Secret Service - call the Dept. of Homeland Security Office of Inspector General Hotline [mailto] (800) 323-8603.

    For the FBI - call the Dept. of Justice Office of Inspector General Hotline [usdoj.gov] (800) 869-4499.

    When you call, remind both of them that active stolen credit cards can be used by terrorists to purchase things like AIRPLANE TICKETS, and that you do not find it acceptable that these agencies' responses were not prompt and definitive.

    These Hotlines must come to some final resolution for every reported al
  • It seems to me that there should be -someone- who would be interested in a widely-sent spam that links to 13000 credit card numbers....
    But NOT after business hours!
