Источник актуальной информации – для профессионалов

Cards, Electronic, Internet and Mobile Payments. ID, NFC, FRID Technologies. IT, CRM, ERP Solutions. Innovations. Experience. Business. Social Projects.

Monday, 17 December 2018

NBU currency exchange rates

EUR 0
USD 0
RUR 0
e-Publication

14 June 2011

How cardholders are deceived in Ukraine?

There are many  methods of  swindling  with payment cards. Unlike developed countries, the methods of theft of card  data in Ukraine are less technological and mainly based on trustfulness and carelessness of citizens. Specialists told about  the most “popular” methods of swindling  with cards.  

Abroad card payments for goods and services  are more  popular and  infrastructure  of card payments is more developed. Due to this  more technological methods of  card data stealing are used there. P.e.,  intruding of swindlers into work of the electronic banking systems and processing companies, channels  of  data transmission, and even the use of  fake ATMs. In Ukraine swindlers   mainly use  trustfulness and carelessness of citizens.

On-line swindling

Swindling  with on-line purchases is  increasing lately in UKraine. Swindlers  counterfeit  sites of  the well  known Internet-shops and  intercept  card data  when clients enter them. And while a victim expects with impatience delivery of purchase, the amount of money  on his/her account  swiftly decreases.

The so-called "fake" sites outwardly look absolutely identically with their originals and differ only in one or a few letter in the address line, which   remain unnoticed by users.

It is possible to  encounter dishonest Internet-shops,  which  though being real, however don’t fulfill their obligations  in a proper way after conducting card payment by the user in advance. It is recommended to make purchases only on the Internet-resources, which don’t cause any suspicious. 

If  fraudsters  succeed to  get card information,  they  as  usual  use it for  conducting  payments for goods and of services  on the Internet or simply transfer  money  to another account. It doesn’t matter  in this case either  a card  is  magnetic or  with a chip.

To the list of on-line swindling it is possible to add   interception of  card data  with the help of hacker attacks and viruses during settlements on  the Internet.

Phishing

Efforts of carders are directed, as a rule,  at  “picking up” confidential information from a client. Except for swindling with fake Internet-shops, there are such notions, as "skimming" and "phishing".

"Phishing" is  an  attempt of swindler to get in touch  with a cardholder for  “picking up” confidential information, as a rule, in form of  electronic letter or report, allegedly directed from the known bank or  service  with a request to "fill a questionnaire" or with reference to the site on which it is necessary  to "register".

It’s possible as well to "pick up" the personal card data making  a phone call and  pretending to be the  employee of  either large  bank or  shop, under some pretext (for example, participating in marketing action, renewal of database, etc.) to ask  about  personal card data as well as  PIN for confirmation.  In Ukraine  this kind of phishing occurs most often.

Tricks with ATMs

Such type of  card fraud as  "skimming"  envisages the use of the special device - skimmer, which is  installed at  the ATM’s card receiver,  as well as additional keypad or mini-camera for fixing entered by the  cardholder PIN-code.

Protection  from such  fraud is  sufficiently simple. For this purpose it is necessary to give preference to ATMs, located in the  bank branches or  the well lighted  places were there are a lot of people. Before the conducting transaction  it is recommended to  examine ATM and in case of  finding out suspicious devices to inform the bank immediately.

At present for "skimming" neutralization  producers of ATMs  use  special anti-skimming devices.

Another  possibility  to  eliminate skimming is  migration  to  chip-cards. To “pick up” information from such cards  with  implemented microchip is much  more difficult, but even if fraudsters have succeeded  in this, it is possible to return  the stolen money.

  “Trapping” and fake ATMs

Such notion as "trapping"  is less widespread in Ukraine. In this case,   into  ATM’s card receiver  is inserted  a film  to hold  a card  in certain position. Then the fraudster  under the guise of  bank employee or simply well-wisher, suggests to enter a PIN-code  allegedly in order to extract the card from ATM. When a victim despairs to get back the  card and  leaves to get in touch with the bank, the   fraudster  extracts  the card and,  using  the overseen PIN-code, withdraws money  from it.

It is necessary to remember that  visible  on card information is  fully sufficient for  conducting  some financial operations. And some swindlers under the guise of   point-of-sale employees   can get this information, taking  a card’s picture or writing down  its essential elements.

The cases of  substitution of cards are known  as well - when  a card  is taken for  settlements, p.e., in a restaurant   and  then returned another card. After such substitution the cardholder is informed  about the  money  withdrawal from  his card account.

When ececuting payments  for commodities and services,  it is necessary to require in point-of-sale network, that one’s  card transaction  should be   conducted in presence. When signing a check, it is  necessarily to check up an amount,  currency and operation date.

Not new, but  rather seldom in  Ukraine such kind of  swindling, as  fake ATM,   occurred  in the large  shopping center  in Kyiv in the beginning of  this year.

ATM’s appearance  was the same as  in case of other installed nearby devices, however  after entering PIN-code  it refused  in a few seconds  to  conduct  a transaction   and returned a  card to  the cardholder allegedly due to  a   failure in the system. Thus, personal  card information (information from magnetic stripe and  PIN-код) appeared  to be read  by the device.

Most popular ways of  card fraud  in Ukraine

1. Stealing  card information by installing reading devices on ATMs (skimming).

2. The use of the malicious  software  for getting  card information from customers  on the Internet. Interception of  information by the way of  hacker attacks, computer viruses.

3. The usage of  fake sites, clones of existing  sites of  banks, companies, popular services for “picking up” card information (phishing).

4. Getting essential card elements  via phone (public-call phishing), through SMS, letters on behalf of  a  banks with a request to confirm the  card number, date of  expiration,  secret word; disclosure of  essential elements for  getting different bonuses  and other rewards, offered  by swindlers.

5. Card  information stealing  in  point-of-sale  outlets (by both cashiers and   collusion  of cashiers with swindlers), in restaurants and hotels.

6. Reading out  card  information or making its copy, when it is out of  cardholder’s eyeshot.

7. Blocking cards in ATMs by special devices (trapping).

8. Deployment  of fake  ATMs.

http://finpravda.com.ua

Translated by Valeriy Stepanenko



Contactles and ID Technology
16 July 2014
16 July 2014
Payment Cards
06 November 2013
07 August 2013
Legislation
05 November 2015
08 August 2013