Fraud involving debit cards and personal-identification numbers is on the rise as criminals go where the cash is-even targeting banks' own automated teller machines.
Techniques such as "skimming," in which criminals capture card information and personal-identification numbers, have existed for years, often on a small scale. Though the dollar losses still are relatively modest, organized gangs now are pulling off more-sophisticated attacks.
They also are targeting bigger players: Whereas most of the fraud in previous years took place at independent ATMs or at retail points of sale, fraud at bank-owned ATMs made up more than 80% of the breaches in the first six months of this year, says Fair Isaac, which provides fraud-detection software.
Europe, which has faced a bigger problem than the U.S., saw card-skimming ATM attacks jump 24% in the first six months of this year, to 5,743, the largest six-month number since data-gathering began in 2004, according to the European ATM Security Team, a nonprofit group. (Losses from skimming fell 8%, to ?144 million, or $197 million.)
Attacks on retailers continue to climb as well. Last month, supermarket chain Aldi said it had discovered that payment terminals in major U.S. cities in 11 states had been altered to allow the skimming of card numbers, cardholder names and PINs between June 1 and Aug. 31 this year.
Avivah Litan, fraud analyst at Gartner, a research firm, estimates that fraud involving debit cards, PINs and point-of-sale equipment has surged 400% over the past five years. One tactic, she says, has been "flash attacks": Using the stolen information, gangs create thousands of counterfeit debit cards and then dispatch cronies to at least 100 ATM machines in several cities at once. Each withdraws a small dollar amount from several accounts to avoid fraud-detection software, adding up to tens of thousands of dollars in losses.
Until recently, skimming equipment was relatively crude and clunky, attached to card-readers with double-stick foam tape and relying on small cameras to record hands punching in PINs. Newer devices include equipment that fits inside card readers, pinhead-sized cameras and well-crafted attachments that sit snugly on top of ATM card readers and PIN pads, looking just like the real equipment. Bluetooth technology allows the fake card reader and PIN pad to talk to each other, and data drives or wireless technology can make downloading of stolen information quick and easy.
Given such clever engineering, consumers may not be able to tell that a machine has been compromised. Banks may not know either: Fair Isaac says that perpetrators of such fraud often place skimmers on outdoor ATMs on Saturday mornings and remove them before the bank opens Monday. The data is typically passed to crooks in another country within hours.
Better technologies are available: Canada and several European countries, among others, have adopted so-called chip-and-PIN debit cards, with chips built into the card, adding a layer of protection. But American banks and retailers have resisted adopting the technology because it is expensive to replace cards, ATMs and point-of-sale machines.
The chip-and-PIN technology isn't foolproof, and experts say U.S. banks and retailers may instead leapfrog that technology, possibly by using the capabilities of smartphones to verify transactions or to actually make the transactions instead of using a card.
Given scammers' growing sophistication, consumers are at a disadvantage. But there are some steps you can take-beyond becoming an expert in equipment design and appearance-to avoid the traps or lessen the impact if your information is stolen:
. The simplest protection, says the American Bankers Association, is to get in the habit of covering up your hand when you enter your PIN so that a camera can't record what you are typing.
. Use an indoor ATM. Because they are less isolated, indoor ATMs are less likely to be tampered with than outdoor machines.
. Use your PIN sparingly at retailers, and choose the signature option-or a credit card-instead, Ms. Litan says.
. If you don't have time to check your bank account regularly, set up email or text alerts to send you balances weekly or, if you are particularly paranoid, daily, so that you will know sooner if something is amiss. Most banks will refund your losses promptly, but you need to report the violation quickly, preferably within two days and no later than 60 days after receiving a statement showing the fraud.
. You should add your bank's and credit card's customer-service numbers to your contacts so you can access them from both your email and cellphone. Having the numbers at hand will eliminate the frustration of trying to find them when you are traveling or at a public computer.
. If your bank suspects fraud, it needs to be able to reach you quickly. Make sure it has your cellphone number as well as your email address and that your other information is up to date. Taking my own advice, I discovered that my bank had home and work phone numbers that were more than a decade out of date.
Tariq Khattak, Islamabad, Pakistan.
GSM = 0300-9599007 and 0333-9599007
Email: Tariqgulkhattak@gmail.com
Thanks for participating.
Kindly suggest improvements.
Please let us know:
I. If you want to receive individual emails
II. Receive one mail with all activity in it
III. Do not want to receive any mail at all
REQUESTS:
1) Please directly contact sender for personal/individual correspondence.
2) Try to discuss issues that will catch attention of many readers.
3) Please avoid sending messages in any language other than English
4) Avoid sending messages addressed to many recipients.
5) Do not send messages aimed at personal publicity.
6) Please do not send personal/other links unless necessary.
7) The Group is not obliged to publish printed news,
very short/long comments and objectionable material.
8) Every mail cannot be published; it will overload Mailboxes
of our valued members.
9) Try to Disagree Without Being Disagreeable, Unsympathetic and/or Unpleasant.
x==x==x==x==x==x
Please note that,
It is a common platform for journalists and all others who are interested in knowing about the issues that are sometimes not reported. This group favours philosophy of progress, reform and the protection of civil liberties. Please share and educate others. The owners and managers of this site do not necessarily agree with any of the information. It is an open forum; everyone is allowed to share anything. Mails sent by members and non-members are subject to approval. However, we are not responsible in any way for the contents of mails / opinion sent by members. We do not guarantee that the information will be completely accurate. (Nor can print and electronic media). If you find content on this site which you feel is inappropriate or inaccurate, incomplete, or useless you are most welcome to report it or contradict it.
Thanks a lot.
0 comments:
Post a Comment
Gujranwalafun@Aol.com
Gujranwala@windiowslive.com