Thursday, November 17, 2011

How Thieves Steal Your Credit Card Data?

Some tips to avoid Identity Theft and stealing of your credit card.


These days, thieves only need a minute, sometimes a second, to pilfer your credit card data.

This year criminals hacked, phished or skimmed their way into the systems of Sony, marketing firm Epsilon, Citibank and even security expert RSA, among others. In some cases, they only obtained names and emails. In the worst cases, they got credit card numbers.

Identity theft and cyber fraud cost Australia a whopping $8.5 billion every year. One in five Australians will be hit and it's getting worse every day.

The most common schemes are simpler than you think. Let's take a look at the most common ways thieves pilfer your credit card information.

Suspect 1: The Waitress At Your Local Cafe

Mode Of Operation:

When it's time to pay the waitress whisks away your credit card and swipes it through the restaurant's register. Then, she pulls out a small device, about the size of an ice cube, from her apron and swipes it through that.

While you're scraping the last of the chocolate cake from your plate, your credit card information has been stored in the device, known as a skimmer. The waitress returns your card and performs the same magic trick on dozens of credit cards in a week.

Known Whereabouts:

The data-stealing waitress has been known to moonlight as a bartender, sales assistant or at any place where she can take your credit card out of sight.

Suspect 2: The Toy Store Trio

Mode Of Operation:

Sally, Simon and Greg walk into a toy store. Sally and Simon roam the aisles, while Greg waits in line to check out. When Greg is at the register, Simon comes running up to the shop assistant, screaming that his wife has fainted.

As Sally and Simon distract the shop assistant, Greg switches the credit card reader at the register with a modified one of his own.

For the next week, the shop assistant unwittingly collects credit card data on the modified reader until the trio returns, takes back the modified reader and restores the original terminal.

Known Whereabouts:

The trio will hit other retailers and restaurants, but sometimes the threesome will instead be a duo or a solo criminal.

Suspect 3: The Petrol Prowler

Mode Of Operation:

The Petrol Prowler parks her car in front of a petrol station off the highway. It's late. There's no one around except a sleepy shop assistant at the register inside. The Petrol Prowler attaches a skimmer over the credit card reader at the pump. It's a special skimmer: It emits a Bluetooth signal to a laptop close by.

The Petrol Prowler pays, heads off to the motel next door and sets up her laptop to receive the data from the compromised pump over the next several days.

Known Whereabouts:

The Petrol Prowler installs skimmers over ATMs, parking meters, vending machines and any other places with unmanned credit card readers.

Suspect 4: Harry the Hacker and Phishing Phil

Mode Of Operation:

Harry the Hacker installs malware - a type of software that damages or infiltrates a computer or network - onto a legitimate website with low security. The malware instantly downloads onto your computer when you visit the site and allows Harry to access your information. In another scenario, Harry puts malware on public computers and gathers the information you share with that computer.

Phishing Phil uses malware to go after your laptop. He sends emails with attachments that promise dancing kittens or some other bait. When the user opens the attachment, malware instantly downloads onto the computer and leaves confidential information vulnerable.

Phil also sends emails from a familiar sender with a link to a contaminated website that installs malware onto your computer. Some malware, called spyware, allows Phil to capture every keystroke including passwords to your financial accounts.

What Happens To Your Information?

Mode Of Operation:

So what happens to these pieces of data when they're in no-good hands? They get sold.

The waitress, trio or Petrol Prowler may be able to sell each swipe for $20 to $40 a pop. Harry the Hacker and Phishing Phil could get $5 to $10 a card and often sell the information online at the eBay of credit card activity.

The person who buys the information verifies it and then sells it to a person who creates fraudulent credit cards with your account information attached to it. The card maker then sells it to other criminals who buy goods such as stereos or baby formula and sells them to regular consumers.

Identity Theft: How To Avoid It

  1. Set up mobile alerts for your phone if your financial institution provides the feature. That way, you can be aware of unusual activity as quickly as possible.

  2. Regularly monitor your accounts online, so you can identify fraudulent transactions faster.

  3. Avoid public computers. Don't log onto your email if your bank corresponds with you there. One idea is to set up an email account just for your finances and then only check it from safe locations.

  4. Avoid doing business with unfamiliar online vendors. Stick to established merchants and websites.

  5. If your information has been compromised, notify your financial institutions immediately and also inform the police what has happened.

No comments: