In the letter, allegedly from a client’s bank, they warn, for example, about writing off funds or problems with the card, offering to go to a link to the website of the financial institution. It, certainly, feykovyj and at once demands to enter the data of a card and its PIN-code.
In 2017, five billion rubles were stolen from Russian ATMs – twice as much as in 2016. The activity of cybercriminals is intensifying: ahead of the World Cup and a record influx of tourists. To get into the pockets of foreign visitors, and at the same time, and local residents, intruders are even willing to place fake ATMs. They also use social engineering. On the methods of stealing money from cards in the arsenal of scammers and how not to become their victim – in the material of RIA Novosti.
On the eve of global sporting events, such as the Olympics or the World Cup, phishing comes to the fore. These are email-mailings that entice your personal data.
Mailings on behalf of banks phishers do not limit themselves. “In such periods, there is a lot of thematic email and SMS spam, where they offer free tickets for a match, win a trip or an autograph session with the team.The goal is the same – to force a link to a fake site and enter card data,” – said Vladimir Ulyanov, head of the analytical center Zecurion.
Avito and divorce in social networks
At popular buying and selling sites like Avito, the number of frauds associated with the sale and resale of tickets will increase.
“Scammers will entice card data or take people’s prepayment, motivating that it is needed as collateral or” guaranteed buy-out of tickets, “confirms Mikhail Saveliev, director of development at Informzaschita.
Turnovers will pick up and virus wiring in social networks: links with malicious software aimed at the theft of personal data or bank accounts and requisites.
A more advanced type of phishing is farming. Personal data of users “farmers” are obtained through a website that looks like an exact copy of the bank’s page. Farming – automatic redirection of site visitors from one resource to another by changing DNS addresses.
The global attack of the extortion virus has hit the IT systems of companies in several countries around the world
To achieve this, the farmer pre-fertilizes the soil: the Trojan program is installed on the user’s computer. It captures part of the navigational infrastructure of the browser, causing it to function improperly.
Malware enters the computer again from the mailing list. How to defend yourself? The most important thing is to critically treat incoming messages.
“It is worthwhile if the” bank “asks for confirmation of its data by the introduction of a CVV code or PIN code.The bank never requires a CCV or a PIN code – they are needed by shops for online purchases,” Ulyanov explains.
According to the most conservative estimates, about a million foreign tourists will come to the World Cup in Russia. All of them will take with them not suitcases of cash, but plastic cards. It is possible that fake ATMs will appear in the cities where matches will be held.
Experts point out: the cost of purchasing an ATM is low, and they pay off very quickly. The main condition – to put the device in a through passage and so that it is not quickly removed.
This device, of course, does not issue any money, but simply accepts the cards and reads all the data from them, sending them to the scammers. Those either use the plastic card data for purchases in online stores, or produce duplicates – the so-called white plastic. And already on them they withdraw money in these ATMs.
In order not to fall for the bait, experts recommend always using ATMs that are located directly in the offices of credit institutions or next to them. If this is not possible, look for a bright place where there is security and video cameras, for example, in a shopping center.
The first and most important rule: if the ATM “ate” the card, you do not need to listen to “well-wishers”, who advise where to go and what to do. This can be a banal trapping (the ATM is equipped with a device for capturing the card, it will be taken out immediately when the client leaves). Without leaving the ATM, you need to call the bank and lock the card.
Vending machines and POS-terminals
The good old skimming, experts say, is no longer in vogue: the banks have developed a fight against it and even give out bonuses to employees for each detected skimming device. The new purpose of skimmers – vending machines for the sale of coffee, water and snacks, where you can increasingly pay with a card.
Another way, taken by fraudsters into armament: fake POS-terminals with the function of copying. This is a terminal for payment by a card, which, for example, brings a waiter in a cafe.
Experts say: it is impossible to distinguish a fake terminal from an ordinary terminal.
“They will bring the most ordinary terminal, only it was untwisted and inserted there a sensor reading the chip of the card or just intercepting the data exchange between the terminal and the card,” Savelyev explains.
In order not to fall into the trap, for small operational payments, experts recommend starting a so-called risk card and keeping only a small amount on it.
Money mules are “nuggets”
Scammers who copied data from someone else’s cards and produced a “white plastic”, a fake, usually do not go to ATMs. They propose to do this to outsiders – “naked”.
The “blacksmith” is given a white card without a picture and a name with which he must withdraw money and transfer it to the “customer”.
As a rule, “nalchikov” is searched through the Internet, students often call it and in general those who found themselves in a difficult financial situation. Lure high commission: newcomers offer 30-40% for the exposure, verified – up to 50%.
It would seem that the complicated – came up, 30 seconds withdrew money and received a tangible commission. But the “nudgers” – or, as they are also called, money mules – commit an offense, so they are quickly caught.
The “gunman” faces criminal liability as an accomplice in the crime. The evidence is usually a record from the ATM machine where he withdraws money from the white card.