2023-04-24 01:20:46
The Bank information, specifically credit cards, is among the most interesting targets for cybercrime. Recently, the Internet User Security Office (OSI) has made a publication that warns about the type of scam known as ‘carding‘, in which criminals take advantage of information from stolen cards.
Cybercriminals use different techniques to obtain data from victims’ cards. One of the most widespread is ‘phishing’ or ‘smishing’. In this case, as we have explained on so many other occasions, the criminal takes advantage of an email or SMS -even, in some cases, telephone calls- in which he impersonates a third party, normally a company or a public institution. , so that the user delivers the information without realizing it.
There are also cases in which they resort to malicious code capable of stealing the information from the affected devices and even getting hold of the data by capturing the user’s keystrokes.
In addition, criminals can take advantage of databases with some security flaw, fraudulent websites or readers with RFID or NFC wireless communication capable of obtaining card data. In the latter case, “they bring the victim’s card closer to a distance of less than 15 centimeters and in a matter of seconds, the data is saved,” they explain from OSI.
Once the card details are obtained, cybercriminals try to make purchases online in order to verify that the information on the card is correct: “Generally, they start making purchases of products or services that have a low amount and they will increase them in order to try to determine the available balance of the card.”
As OSI points out, carding generally increases in periods of the main commercial campaignstaking advantage of the overload of transactions due to purchases, so special attention must be paid on these dates to avoid that they are not making economic charges that we have not consciously made.
Also, at times of the year like Christmas, Black Friday or sales, it is easier to trick users into giving up their information. For example, impersonating a business and offering products at a demolition price through email messages.
Tips to avoid falling into the trap
1.- Do not pay attention to spam messages or emails with unknown senders.
2.- Periodically control your bank operations and transactions. Put special emphasis on dates in which you make more online purchases.
3.- Deactivate the NFC system of your mobile device while you are not using it or use an anti-theft card protector to keep them in your pocket.
4.- When making purchases online, make sure that the store is trustworthy, and that it uses a payment gateway or accepts secure payment methods.
5.- Make use of the wallet or virtual cards offered by the bank for online payments.
6.- Disable the NFC and RFID option in your bank’s application, if you do not use this payment method.
7.- Under no circumstances provide bank details over the phone.
8.- Do not use public computers to make purchases.
9.- Update the programs and applications that you use frequently.
10.- Activate the double authentication factor for card payments and be wary of any email that asks you for card details or credentials.
#tricks #fleece