How cardholders are deceived in Ukraine?
There are many methods of swindling with payment cards. Unlike developed countries, the methods of theft of card data in Ukraine are less technological and mainly based on trustfulness and carelessness of citizens. Specialists told about the most “popular” methods of swindling with cards.
Abroad card payments for goods and services are more popular and infrastructure of card payments is more developed. Due to this more technological methods of card data stealing are used there. P.e., intruding of swindlers into work of the electronic banking systems and processing companies, channels of data transmission, and even the use of fake ATMs. In Ukraine swindlers mainly use trustfulness and carelessness of citizens.
Swindling with on-line purchases is increasing lately in UKraine. Swindlers counterfeit sites of the well known Internet-shops and intercept card data when clients enter them. And while a victim expects with impatience delivery of purchase, the amount of money on his/her account swiftly decreases.
The so-called "fake" sites outwardly look absolutely identically with their originals and differ only in one or a few letter in the address line, which remain unnoticed by users.
It is possible to encounter dishonest Internet-shops, which though being real, however don’t fulfill their obligations in a proper way after conducting card payment by the user in advance. It is recommended to make purchases only on the Internet-resources, which don’t cause any suspicious.
If fraudsters succeed to get card information, they as usual use it for conducting payments for goods and of services on the Internet or simply transfer money to another account. It doesn’t matter in this case either a card is magnetic or with a chip.
To the list of on-line swindling it is possible to add interception of card data with the help of hacker attacks and viruses during settlements on the Internet.
Efforts of carders are directed, as a rule, at “picking up” confidential information from a client. Except for swindling with fake Internet-shops, there are such notions, as "skimming" and "phishing".
"Phishing" is an attempt of swindler to get in touch with a cardholder for “picking up” confidential information, as a rule, in form of electronic letter or report, allegedly directed from the known bank or service with a request to "fill a questionnaire" or with reference to the site on which it is necessary to "register".
It’s possible as well to "pick up" the personal card data making a phone call and pretending to be the employee of either large bank or shop, under some pretext (for example, participating in marketing action, renewal of database, etc.) to ask about personal card data as well as PIN for confirmation. In Ukraine this kind of phishing occurs most often.
Tricks with ATMs
Such type of card fraud as "skimming" envisages the use of the special device - skimmer, which is installed at the ATM’s card receiver, as well as additional keypad or mini-camera for fixing entered by the cardholder PIN-code.
Protection from such fraud is sufficiently simple. For this purpose it is necessary to give preference to ATMs, located in the bank branches or the well lighted places were there are a lot of people. Before the conducting transaction it is recommended to examine ATM and in case of finding out suspicious devices to inform the bank immediately.
At present for "skimming" neutralization producers of ATMs use special anti-skimming devices.
Another possibility to eliminate skimming is migration to chip-cards. To “pick up” information from such cards with implemented microchip is much more difficult, but even if fraudsters have succeeded in this, it is possible to return the stolen money.
“Trapping” and fake ATMs
Such notion as "trapping" is less widespread in Ukraine. In this case, into ATM’s card receiver is inserted a film to hold a card in certain position. Then the fraudster under the guise of bank employee or simply well-wisher, suggests to enter a PIN-code allegedly in order to extract the card from ATM. When a victim despairs to get back the card and leaves to get in touch with the bank, the fraudster extracts the card and, using the overseen PIN-code, withdraws money from it.
It is necessary to remember that visible on card information is fully sufficient for conducting some financial operations. And some swindlers under the guise of point-of-sale employees can get this information, taking a card’s picture or writing down its essential elements.
The cases of substitution of cards are known as well - when a card is taken for settlements, p.e., in a restaurant and then returned another card. After such substitution the cardholder is informed about the money withdrawal from his card account.
When ececuting payments for commodities and services, it is necessary to require in point-of-sale network, that one’s card transaction should be conducted in presence. When signing a check, it is necessarily to check up an amount, currency and operation date.
Not new, but rather seldom in Ukraine such kind of swindling, as fake ATM, occurred in the large shopping center in Kyiv in the beginning of this year.
ATM’s appearance was the same as in case of other installed nearby devices, however after entering PIN-code it refused in a few seconds to conduct a transaction and returned a card to the cardholder allegedly due to a failure in the system. Thus, personal card information (information from magnetic stripe and PIN-код) appeared to be read by the device.
Most popular ways of card fraud in Ukraine
1. Stealing card information by installing reading devices on ATMs (skimming).
2. The use of the malicious software for getting card information from customers on the Internet. Interception of information by the way of hacker attacks, computer viruses.
3. The usage of fake sites, clones of existing sites of banks, companies, popular services for “picking up” card information (phishing).
4. Getting essential card elements via phone (public-call phishing), through SMS, letters on behalf of a banks with a request to confirm the card number, date of expiration, secret word; disclosure of essential elements for getting different bonuses and other rewards, offered by swindlers.
5. Card information stealing in point-of-sale outlets (by both cashiers and collusion of cashiers with swindlers), in restaurants and hotels.
6. Reading out card information or making its copy, when it is out of cardholder’s eyeshot.
7. Blocking cards in ATMs by special devices (trapping).
8. Deployment of fake ATMs.
Translated by Valeriy Stepanenko