A Look at How Credit Card Details Get Stolen and How to Keep Yours Safe.
Each time a major credit card fraud strikes a business, our response is to ignore the episode as long as it doesn’t affect us personally. Not all breaches make the news cycle, though; there are several smaller incidents that are occurring on a more regular basis.
While many of us, by now, would have wised up to social engineering attacks, the crooks have found newer modes of credit card theft. Here is a rundown of the most common ways you can have your credit card numbers stolen in 2019.
1. Card Cloning
Creating a cloned credit card is the easiest way for a thief to spend someone else’s money. All they have to do is access your credit card temporarily (often a fraction of a minute) and program them on another prepaid card. The cloned cards can then be sold on the dark web, usually through cryptocurrency. Many of these stolen cards resemble actual cards, and the attention to detail is mind-boggling.
Warning: buying cloned credit cards online is a serious cyber-crime. These screenshots are for informational purpose only. The onion addresses and names have been hidden.
Card cloning is mostly the domain of organized criminals, as it doesn’t make logistical sense to go through the paces for just one person’s credit card. The cloning operation only acquires scale when a sufficient number of victims are available, and the card details can be sold for a steep discount. Most thieves amass a number of cards from such “stores” so that they don’t have to bother if some get blocked.
How to Prevent? To prevent credit card cloning, try not to hand over your credit card to another person unless it’s an emergency. Many restaurants, clubs and bars nowadays have tabletop payment terminals. Change your pin number frequently, and keep a tab on small, unaccounted expenses on your credit card through alerts on your phone. Many thieves would first make a small expenditure on a cloned credit card to ensure that a big purchase is honored later. This gives you, at least, a brief window to address the problem.
2. Card Skimming
Close on the heels of credit card cloning, ATM skimming is one of the most common ways to acquire credit and debit card details. It generally involves swipe cards rather than chip and pin cards, but as this story suggests, thieves can also install a mini camera on the skimmer to capture the pin number.
Skimmers can also be placed in a shady point-of-sale terminal and are undetectable to the naked eye. The law enforcement usually keeps a tab on thieves using this method, but still, skimming remains a fairly popular way to lift someone’s credit card data. You’re more vulnerable if you travel to a country where the police turns a blind eye to such crimes.
How to Prevent? To prevent card skimming, you can try to detect the fraudulent devices with a mobile app. But no prevention is better than keeping track of unauthorized transactions and changing the pin number frequently.
3. Formjacking
The digital equivalent of ATM skimming, “formjacking” is a term by Symantec which refers to hackers stealing credit card information from the checkout pages of websites. They usually install a malicious software, usually a JavaScript code, to lift the credit card numbers. Cryptojacking is another similar term that refers to lifting crypto-currency details.
Formjacking has become a menace in 2019, with leading websites – such as British Airways, Ticketmaster, Home Depot, Target and Feedify – reporting breach incidents.
How to Prevent? Since most formjacking attacks use a malicious script, you must arrest them during checkout using script blockers. On Firefox, use NoScript, and on Chrome, you can use an extension called Script Blocker.
In Summary
How many of us think twice before exposing our credit card numbers to random apps and websites? If you thought that bank encryption software and one-time passwords are protecting your financial information, you are partially correct. Indeed, it is safer to use a credit card online today than it was earlier, such as 2004. But, the threats haven’t entirely disappeared.
