CARD SCAMS

TYPES OF CARD SCAMS

(Information collected from news paper Times of India)

AT THE A T M:

Skimming:

This involves attaching a data slimming device in the card reader slot to copy information from the magnetic strip or steal the card itself, when one swipes the card. If the slot feels slightly bulky or misaligned, in all probability an additional card reader slot has been placed on top of the actual one.  If the slot is wobbly or loose it indicates the presence of a ‘Lebanese loop’, which is a small plastic device with a barb that holds your card back in the machine. You may think that the machine has swallowed your card or it has been stuck.

Hidden camera:

Tiny pinhole cameras may be placed on the machine or even on the roof at strategic positions to capture your pin.

Card trapping:

This is a barb that retains the card when you insert it in the machine and the card is retrieved later.

Shoulder surfing:

If you find friendly bystanders in the room or outside who try to help you if your card gets stuck or peer over your shoulder, beware. They are there to get you to reveal your pin.

Leaving card/pin:

If you write your pin on the card and forget it in the A T M kiosk, it is a virtual invite to be scammed.

Fake keypad :

This is placed on the top of the actual keypad. If the keypad feels spongy in touch or loose, don’t enter your pin.

False front:

It may be a little difficult to detect as the fake front completely covers the original machine because it is installed on top of it. This allows the fraudsters to take your pin as well as your money.

ONLINE TRANSACTIOINS:

Pharming:

In this technique fraudsters reroute you to a fake website that seems similar to the original. Even as you conduct transactions and make payment via credit or debit card, the card details can be stolen.

Keystroke logging:

Here you unintentionally download software, which allows the fraudster to trace your key strokes and steal passwords of credit card and net banking details.

Public Wi-Fi:

If you are used to carrying out transactions on your smart phone, public Wi-Fi makes for a good hacking opportunity for thieves to steal your card details.

Malware:

This is malicious software that can damage computer systems at ATMs or bank servers and allows fraudsters to access confidential card data.

Merchant or point-of-sale theft:

This is perhaps the most effective form of stealth, wherein your card is taken by the salesperson for swiping and the information from the magnetic strip is copied to be illegally used later.

Phishing and vishing:  

While phishing involves identity theft through spam mails which seems to be from a genuine source, vishing is essentially the same through a mobile phone using messages or SMS. These trick you into revealing your password, PIN or account number.

SIM swipe fraud:

Here the fraudster contacts your mobile operator with fake identity proof and gets a duplicate SIM card. The operator deactivates your original SIM and the thief generates one-time password (OTP) on the phone to conduct online transactions.

Unsafe apps:

Mobile apps other than those from established stores can gain access to information on your phone and use it for unauthorized transactions.

Lost or stolen cards, interception:

Transactions are carried out using stolen cards, those intercepted from mail before they reach the owner from the issuer; or by fishing out information like PINs or passwords from trash bins.

Cards using other documents:

New cards are made by the fraudsters using personal information stolen from application forms, lost or discarded documents.

Your card can be hacked in 6 seconds:

By automatically and systematically generating different variations of cards’ security data and firing it on multiple websites, hackers are, within seconds, able to get a ‘hit’ and verify all the necessary security data. The unlimited guesses, when combined with variations in the payment data fields, make it frighteningly easy for attackers to generate all the card details, one field at a time. Each generated card field can be used in succession to generate the next field and so on. So even starting with no details at all other than the first six digits – which tell you the bank and card type and so are the same for every card from a single provider  - a hacker can obtain the three essential pieces of information to make an online purchase within as little as six seconds. This information is as per Mr. Mohammed Ali, a PhD student at Newcastle University.