How Cyber Criminals Are Exploiting Our Swipe-n-Go Society

January 29, 2013 | By | Reply More

Chris Dougherty, Contributing Writer
Waking Times

Curtis Abernathy, a small business owner in Arizona, never expected to be caught up as the victim of an international ring of cyber criminals stealing identities online. But that’s exactly what happened last week when he received a call from Bank of America’s security office.

The bank’s security team took notice after Abernathy used his debit/credit card at a local convenience store in Arizona, then an hour or so later there were two charges on the same card at retail stores in California. According to the bank staff, the thieves walked in to Nordstrom Fashion Island (Store #333) at 901 Newport Center Drive in Newport Beach, California, and used a physical credit card bearing the same name and account number as Abernathy’s. The Nordstrom store is located right across the street from the Newport Country Club; it appears our thieves have expensive taste.

The cyber criminals had stolen Abernathy’s identity, printed credit cards bearing his name and account number, and then went on to purchase medium value items so as not to raise the suspicion of store clerks. It was as easy as walking up to the cashier, swiping the credit/debit card pad, signing and walking away. The items they purchased with the stolen credit card will most likely end up on sites like Craig’s List or Ebay, where the thieves can wash the money and cash out.

In total the thieves took Abernathy for $360.00 before the bank noticed. He was one of the lucky ones, chances are hundreds or even thousands of people have been victims of similar fraud campaigns. As is the case with most banks these days, Bank of America has a zero-liability policy with regard to fraudulent credit card charges, so Abernathy will immediately get the money deposited back into his account. For him this was both a learning experience and a major inconvenience.

Unfortunately, all of the players are somewhat complacent in this type of crime. The attackers are aware of this vulnerability and they will exploit it to its fullest potential in order to plunder our bank accounts.

We, as customers, love all that is quick and convenient. We use online and mobile banking apps, even though the media tells us about stolen accounts all the time. We download screen savers and cool games that might be infected with malware, and we open links and attachments in emails that appear to come from our friends, family and coworkers.

The majority of stores these days have installed customer-facing debit and credit card PIN pads, so that we can swipe our cards and go along our merry way as quickly as possible. Everyone hates a long line, from the clerks to the pissed off customer at the end of the line. Some stores have self-service checkout lanes to hurry the process along even more.

The problem with all of this is, while it may be quicker and more convenient, there are many serious flaws in the process.

Think about how often you get asked for an ID when making a purchase using your credit or debit card through a customer-facing PIN pad these days. I’d bet it’s not nearly as often as you’d think. Beyond the obvious, what if an attacker has found a way to rig the point-of-sale (POS) system itself, or maybe they’ve hacked your ATM? How many of us feel safer because our virus protection software tells us that our computer is clean? What about the malware that they haven’t discovered yet or what if they infect your smartphone instead?

In December, VirtualThreat.com ran a story about Facebook assisting the U.S. Federal authorities in order to arrest hackers responsible for stealing over $850 million over a period of two years. There have also been recent reports of hackers in Iran and Russia attacking U.S. bank accounts through advanced botnets.

The thing is, these aren’t street fraudsters that are perpetrating these crimes. The majority of the heists can be traced to large organized criminal networks, terrorists, and sometimes even governments. And all the while the banks are under reporting cyber crimes in order to protect their reputations.

Cyber criminals typically have three primary techniques that they use in order to steal your credit card information or identity”

  1. Phishing
    Wikipedia – “Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by e-mail spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies.”
  2. Malware
    Wikipedia – “Malware, short for malicious (or malevolent) software, is software used or created by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. ‘Malware’ is a general term used to refer to a variety of forms of hostile or intrusive software. Malware includes computer viruses, ransomware, worms, trojan horses, rootkits, keyloggers, spyware, adware, and other malicious programs; the majority of active malware threats are usually worms or trojans rather than viruses.”
  3. Credit Card Skimmers
    Wikipedia – “Skimming is the theft of credit card information used in an otherwise legitimate transaction. The thief can procure a victim’s credit card number using basic methods such as photocopying receipts or more advanced methods such as using a small electronic device (skimmer) to swipe and store hundreds of victims’ credit card numbers. Common scenarios for skimming are restaurants or bars where the skimmer has possession of the victim’s credit card out of their immediate view. The thief may also use a small keypad to unobtrusively transcribe the 3 or 4 digit Card Security Code which is not present on the magnetic strip. Call centers are another area where skimming can easily occur. Skimming can also occur at merchants such as gas stations when a third-party card-reading device is installed either out­side or inside a fuel dispenser or other card-swiping terminal. This device allows a thief to capture a customer’s cred­it and debit card information, including their PIN, with each card swipe. Instances of skimming have been reported where the perpetrator has put a device over the card slot of an ATM (automated teller machine), which reads the magnetic strip as the user unknowingly passes their card through it. These devices are often used in conjunction with a miniature camera (inconspicuously attached to the ATM) to read the user’s PIN at the same time. This method is being used very frequently in many parts of the world, including South America, Argentina, and Europe. Another technique used is a keypad overlay that matches up with the buttons of the legitimate keypad below it and presses them when operated, but records or transmits the keylog of the PIN entered by wireless. The device or group of devices illicitly installed on an ATM are also colloquially known as a “skimmer”. Recently-made ATMs now often run a picture of what the slot and keypad are supposed to look like as a background, so that consumers can identify foreign devices attached.”

I hope that you are not the next victim of credit card fraud or identity theft. However, the odds are that you, or someone that you know, will unwittingly become a target at some point in the future. Hackers are generally indiscriminate about their targets and hit huge groups of accounts in a single campaign, often netting the criminals 10′s of millions of dollars. With the increasingly rapid growth of technology, we, as consumers, need to stay informed about the threats that await us.

If you have been the victim of cyber crime please contact the FBI through their Cyber Crimes website right away.

About the author

Chris Dougherty is a grey hat hacker and online security expert.  Please visit his blog, www.VirtualThreat.com, for more excellent news and information about protecting yourself in cyberspace.

This article is offered under Creative Commons license. It’s okay to republish it anywhere as long as attribution bio is included and all links remain intact.

~~ Help Waking Times to raise the vibration by sharing this article with the buttons below…

Tags: , , ,

Category: All Original Articles, Business, Chris Dougherty, Community, Contributors, Law & Punishment, Money, Resources, Society

Leave a Reply

Must Watch Videos

People are Proving That ALS, Lou Gehrig’s Disease is Reversible  – No Need to Waste Ice Water

People are Proving That ALS, Lou Gehrig’s Disease is Reversible – No Need to Waste Ice Water













Heather Callaghan, Contributor
Waking Times

I mentioned the ALS Ice Bucket Challenge in a recent article highlighting the social guiding that came with all the “disease awareness” we’ve been involuntarily immersed in via the media in the last few weeks. ALS meaning Amyotrophic lateral sclerosis (ALS), often referred to as … More

August 26, 2014 | By | 1 Reply More
Back-to-School Vaccines: Know the Risks and Failures

Back-to-School Vaccines: Know the Risks and Failures













Barbara Loe Fisher, Mercola
Waking Times

As summer comes to an end, the drumbeat promoting back-to-school vaccinations grows louder and louder in America. Unlike children in Canada and the European Union,12 our children must get dozens of doses of vaccines or they can’t get a public school … More

August 26, 2014 | By | 1 Reply More
New Anti Police State App Helps You “See Something, Say Something” in Real-Time

New Anti Police State App Helps You “See Something, Say Something” in Real-Time













Waking Times

Recent studies have shown that police are held almost completely unaccountable by the current systems of governmental oversight. Perhaps this is the reason why you are 9 times more likely to be killed by a law enforcement officer than a terrorist. Rather than wait for bloated bureaucracy … More

August 25, 2014 | By | 1 Reply More
Vitamin D for Depression, Dementia, and Diabetes

Vitamin D for Depression, Dementia, and Diabetes













Dr. Mercola
Waking Times

Vitamin D research has repeatedly shown that vitamin D can improve a number of brain disorders, including depression and dementia—the most devastating form of which is Alzheimer’s disease.

Vitamin D receptors appear in a wide variety of brain tissue early in the fetal development, and activated … More

August 21, 2014 | By | 1 Reply More
Mass Produced Security Robots Introduced in U.S.

Mass Produced Security Robots Introduced in U.S.













Waking Times

While debate continues to rage about the threat of autonomous “killer robots,” the mechanized replacement of humans continues across the workforce. In fact, the robotics industry notched record sales in the first half of 2014 in North America, and there appears to be no indications of a slowdown.… More

August 19, 2014 | By | 1 Reply More

Activism Works

Food as Medicine: How One Hospital Is Using Organic Produce to Help Heal Patients

Food as Medicine: How One Hospital Is Using Organic Produce to Help Heal Patients













Coach Mark Smallwood, EcoWatch
Waking Times

In 431 B.C. Hippocrates said, “Let food be thy medicine and medicine be thy food”

More than 2500 years later, we are inundated with advertisements boasting the latest, greatest cure-all super drug. From a young age, we learn that it doesn’t matter how or … More

August 23, 2014 | By | 3 Replies More
As Keystone XL Dominoes Fall, Time to Arrest Tar Sands Industry

As Keystone XL Dominoes Fall, Time to Arrest Tar Sands Industry













, EcoWatch
Waking Times

We’ve got this.

Thanks to the courageous and indefatigable efforts of pipeline fighters everywhere, the tide has finally turned on Keystone XL. As it becomes increasingly clear that Keystone XL’s northern leg is not going through, it is time to set our sights … More

August 4, 2014 | By | 2 Replies More
Seizing Control of Our Destinies

Seizing Control of Our Destinies













Julian Rose, Contributor
Waking Times

In 1381, at a time of great repression for the British agricultural work force, an extraordinary people’s revolutionary named Wat Tyler sprang to his feet and announced, “England should be a nation of self governing communities,” to which he added, “ No lord shall exercise … More

July 28, 2014 | By | 5 Replies More
Triumph For Citizens in Florida As Hughes Oil Company Drops Fracking Project

Triumph For Citizens in Florida As Hughes Oil Company Drops Fracking Project













Julie Dermansky, DeSmogBlog
Waking Times

On Friday morning, Dan A. Hughes Oil Company and the Collier Resources Company agreed to terminate their lease agreement, with the exception of the Collier Hogan 20-3H well, next to the Corkscrew Swamp Sanctuary in Naples, Florida.

Hughes Oil dropped its plans to drill … More

July 14, 2014 | By | 1 Reply More
A Forgotten Community in New Orleans: Life on a Superfund Site

A Forgotten Community in New Orleans: Life on a Superfund Site













Julie Dermansky, DeSmogBlog
Waking Times

Shannon Rainey lives in a house that was built on top of a Superfund site in the Upper Ninth Ward of New Orleans.

“I bought my house when I was 25, and thirty years later, I still can’t get out,” she told DeSmogBlog.

Rainey’s … More

June 23, 2014 | By | 2 Replies More