ALERT! Some sort of...
 
Notifications
Clear all

ALERT! Some sort of credit card electronic fraud scanning in STT.  

Page 3 / 6
 

OldTart
(@the-oldtart)
Expert
Joined: 9 years ago
Posts: 6523
July 25, 2014 6:10 pm  

How can you tell of your card has that type of chip?
Thx.

This link tells you:

http://www.ghacks.net/2012/08/21/how-to-protect-your-credit-card-with-rfid-chip-from-unauthorized-scans/


ReplyQuote
Alana33
(@Alana33)
Expert
Joined: 8 years ago
Posts: 12275
July 25, 2014 6:23 pm  

Thanks ot. Looks like my cards are all safe as none have those chips.
Good ting! What a relief not to have that worry!


ReplyQuote
CruzanIron
(@cruzaniron)
Trusted Member
Joined: 7 years ago
Posts: 2469
July 25, 2014 6:33 pm  

Which Credit Cards Have RFID?
The key names to look for in RFID credit cards are Visa PayWave, MasterCard PayPass, American Express ExpressPay and Discover Zip. These programs represent different forms of tap and go technology, and they all function the same way. Some local banks will also offer RFID credit cards, provided through one of the programs mentioned above.

The specific cards that offer this technology change frequently, and many credit cards come in two different versions. You can either select the RFID model or the traditional model, depending on what you want to use. If you're looking into a specific credit card, see if it promotes something along the lines of "wave and go," "tap and pay" or "tap and go."


ReplyQuote
CruzanIron
(@cruzaniron)
Trusted Member
Joined: 7 years ago
Posts: 2469
July 25, 2014 6:35 pm  

I wonder how many people ran out and bought RFID wallets and they don't even have any RFID cards?


ReplyQuote
Alana33
(@Alana33)
Expert
Joined: 8 years ago
Posts: 12275
July 25, 2014 6:44 pm  

Lots of tin foil in wallets after these posts?!#!!?


ReplyQuote
CruzanIron
(@cruzaniron)
Trusted Member
Joined: 7 years ago
Posts: 2469
July 25, 2014 6:53 pm  

I'd worry more about the ones with the tin foil hats.


ReplyQuote
noOne
(@noOne)
Trusted Member
Joined: 10 years ago
Posts: 1495
July 25, 2014 8:19 pm  

Well, can't they scan it when you take it out to use so what good does a blocking wallet or tin foil actually. I rarely use credit cards as I prefer to write checks and may carry only 1 card for emergencies or places like procedural that don't accept checks.

They can be scanned at a distance of up to three feet (From how far away can a typical RFID tag be read?). Someone with a laptop in bag could take a 15 minute walk down Main St. STT and pick up dozens if not hundreds.

Here is a Consumer Reports article detailing how to tell if your CC has RFID, and about fraud:

Newer cards can be hijacked, too

MasterCard uses “PayPass” to identify the cards. Chase bank coined the term “Blink.” Some contactless cards, which use a radio frequency identification, or RFID, chip, might simply have a symbol on the card consisting of four curved lines. An industry newsletter, The Nilson Report, says 35 million contactless chip cards are in circulation in the U.S.

The cards are touted as convenient, but they are also vulnerable to being skimmed without ever leaving your pocket. The information communicated from your card to a card reader can be enough to create a counterfeit card that can be successfully used to make an unauthorized purchase, as we observed in a recent demonstration by Recursion Ventures, a security research and consulting company in New York City.

The basic equipment needed for that form of fraud is readily available to would-be crooks. An electronic card reader available online for less than $100 can be connected to a laptop to store skimmed information. When Chris Paget, whose title at Recursion is chief hacker, used such a reader to scan a Chase debit card he’d recently received, the card’s account number, expiration date, and security data immediately appeared on the computer screen. Two credit cards still inside the mailing envelope revealed the same type of account data.

[...]

“If I put a reader next to a turnstile at Grand Central Terminal at rush hour, I could probably capture data from 5,000 cards in an evening, and what you’re getting from each one is enough to initiate a transaction,” says Mark Rasch, a former Justice Department computer-crime prosecutor who serves as director of cybersecurity and privacy consulting at CSC, a business technology firm. Moreover, repeatedly scanning a card that is lost, stolen, or intercepted in the mail produces multiple security codes, Paget says.

If you are worried or know that your CC may have a RFID chip and don't care about using it, you can just pop it in the microwave for a short duration and that will burn the chip out. You can also specifically ask your CC company for a card that does not have a RFID chip.

This is a growing problem that is still fairly new as most people do not have RFID chips in their CCs: "The Nilson Report, says 35 million contactless chip cards are in circulation in the U.S." Eventually, I am sure, all cards will come with it whether or not you want one...


ReplyQuote
East Ender
(@east-ender)
Expert
Joined: 15 years ago
Posts: 5376
July 25, 2014 8:50 pm  

Are the European "Chip & PIN" cards different? They seemed to think they were superior to the non-chip cards.


ReplyQuote
Mio
 Mio
(@Mio)
Advanced Member
Joined: 12 years ago
Posts: 33
July 31, 2014 6:30 pm  

Mine was compromised as well on STX and it is not a card with RFID. I also last used it at a business frequently mentioned in the internet discussions. However, Id like to point out that I doubt that anyone was scanning the card, nor doing any sort of copying. It could be just as likely a scenario that for example the credic card processor they use is hacked. There are a number of other scenarios when either the processor, the business or some other inbetween is hacked. As for those who wonder how it can happen so fast - it takes less than seconds to transfer the data online to a database where it can be bough. These days there is no physical "coping" or "making cards" needed to transfer, sell and use credit cards.It is just data, there nothing physical or tangible needed.


ReplyQuote
speee1dy
(@speee1dy)
Expert
Joined: 12 years ago
Posts: 8775
July 31, 2014 7:14 pm  

it happens and it sucks when it does. unfortunately in the end, we will get stuck with the cost. not with the fraudulent charges but in the end we pay


ReplyQuote
CruzanIron
(@cruzaniron)
Trusted Member
Joined: 7 years ago
Posts: 2469
July 31, 2014 7:18 pm  

it happens and it sucks when it does. unfortunately in the end, we will get stuck with the cost. not with the fraudulent charges but in the end we pay

How will we pay?


ReplyQuote
vicanuck
(@vicanuck)
Expert
Joined: 10 years ago
Posts: 2520
July 31, 2014 7:36 pm  

Gas City is another frequently mentioned business where debit card numbers seem to be cloned after use.


ReplyQuote
islandjoan
(@islandjoan)
Trusted Member
Joined: 13 years ago
Posts: 1755
July 31, 2014 8:18 pm  

MIO what is the STX business frequently mentioned in the internet discussions? I cannot find it.


ReplyQuote
noOne
(@noOne)
Trusted Member
Joined: 10 years ago
Posts: 1495
July 31, 2014 9:53 pm  

it happens and it sucks when it does. unfortunately in the end, we will get stuck with the cost. not with the fraudulent charges but in the end we pay

How will we pay?

Higher interest rates. Last CC I had I was late on one payment and they jacked my interest rate to something like 39,95% because they thought they had me trapped. I paid off and canceled that card immediately and the CS rep questioned me as to why, and offered a lower rate. I refused and told him to suck something and canceled my card...


ReplyQuote
CruzanIron
(@cruzaniron)
Trusted Member
Joined: 7 years ago
Posts: 2469
August 1, 2014 12:02 am  

Oh. OK. The high interest rate doesn't apply to me.


ReplyQuote
Gumbo
(@Gumbo)
Advanced Member
Joined: 6 years ago
Posts: 490
August 1, 2014 2:00 am  

Well actually my Banco Popular debit card with a Visa logo was compromised twice for a combined sum of just over 900.00. Just so you know, Banco Popular doesn't make it good, you lose it. Unless its a business account, so they tell me.(after waiting for two hours because there was only two people serving customers) But I'm quite sure that if the fraud dropped my account below the point that I am eligible to be charged another fee, it will also be deducted from my account. Before this happened I thought that it was the worst financial institution I've ever done business with, now I'm sure.


ReplyQuote
DonExodus
(@DonExodus)
Advanced Member
Joined: 9 years ago
Posts: 301
August 1, 2014 2:11 am  

Well, this shits really getting out of hand. A few people bring it up each day...


ReplyQuote
STXBob
(@STXBob)
Trusted Member
Joined: 14 years ago
Posts: 2138
August 1, 2014 11:40 am  

Credit card breaches and data breaches are a frequent subject at the blog krebsonsecurity.com. Here's a series of posts on that: http://krebsonsecurity.com/category/data-breaches/

Credit card skimmers are another frequent subject. Skimmers are devices that thieves insert in front of, or inside of, legit card readers to read your card at ATMs and at point of sale terminals. Sometimes they are "used in tandem with a tiny spy camera to record each customer’s PIN." Here's a series of posts on that: http://krebsonsecurity.com/category/all-about-skimmers/

From yesterday's post "Sandwich Chain Jimmy John’s Investigating Breach Claims": "Beyond ATM skimmers, the most prevalent sources of card-present fraud are payment terminals in retail stores that have been compromised by malicious software. This was the case with mass compromises at previous nationwide retailers including Target, Neiman Marcus, Michaels, White Lodging, P.F. Chang’s, Sally Beauty and Goodwill Industries (all breaches first reported on this blog)."


ReplyQuote
speee1dy
(@speee1dy)
Expert
Joined: 12 years ago
Posts: 8775
August 1, 2014 12:05 pm  

i guess cruzaniron does not have a bank account either and so is not affected at all with new and higher fees.


ReplyQuote
CruzanIron
(@cruzaniron)
Trusted Member
Joined: 7 years ago
Posts: 2469
August 1, 2014 12:28 pm  

No, I pay my bills on time. I've never paid interest on a credit card before.
My bank charges $2.50 a month fess on my checking, which I think is reasonable.
The 1% cash back on the card and the interest on my savings more than cover my banking costs.

I don't use debit cards since as was pointed out, you may not be insured from fraud like my credit cards are. I also sign up for (free) fraud alerts so anytime there is a charge over an amount that I pre-set I get a notice in seconds.

I also check my accounts every other day,if not daily, just to be sure.


ReplyQuote
AandA2VI
(@AandA2VI)
Trusted Member
Joined: 8 years ago
Posts: 2290
August 1, 2014 1:35 pm  

Three more friends have had their cards compromised. I've called all my banks which are stateside to let them know there's something going on here.

Up until two weeks ago I had never heard of anyone having this problem here on islands.

Even worse, one of my tours had their cards compromised when they were here on vacation. Bad PR for us for sure.


ReplyQuote
AandA2VI
(@AandA2VI)
Trusted Member
Joined: 8 years ago
Posts: 2290
August 1, 2014 2:00 pm  

Cruzaniron: FWIW because you seem to be ALL about adding several times that your cards can't be stolen, I just confirmed 100% that one of my friends card WAS on that list and "supposedly" does NOT have a chip in it. Still somehow scanned day before yesterday here in STT and used in NY for $600. This card had not been used in the last 8 months.

If you believe it of not just go get a $7 wallet blocker. Why risk it for $7???? No brainer.


ReplyQuote
CruzanIron
(@cruzaniron)
Trusted Member
Joined: 7 years ago
Posts: 2469
August 1, 2014 2:12 pm  

I said that my cards can't be SCANNED since they do not have an RFID chip.

There is no way that you can scan a card without an RFID chip.

If anyone can show me the science to prove otherwise, I would be as interested in seeing it as would everyone else.

Thanks.


ReplyQuote
Alana33
(@Alana33)
Expert
Joined: 8 years ago
Posts: 12275
August 1, 2014 2:30 pm  

Think I'll just take the 1 card I walk with out of my wallet, put it in
file folder with all the other cards (that do not have the chips) and continue to write checks. Of course that leaves out price smart and gas stations where you can't use checks so then you have an added burden of having to walk with cash/go to bank. What a pain!!!

I don't understand why the bank/credit card companies would charge you if your card was fraudulently used without your knowledge. I have been called when I have made large purchases or used the card off island.

I don't see how a wallet blocker will help if you have it out in your hand swiping it when making a purchase.


ReplyQuote
CruzanIron
(@cruzaniron)
Trusted Member
Joined: 7 years ago
Posts: 2469
August 1, 2014 2:40 pm  

The range of a scanner is usually a few inches. Some claim to have a 3' range.
Here is an article that offers some explanation.

http://www.bishopfox.com/resources/tools/rfid-hacking/attack-tools/

Unless someone with a scanner is within that range of you, you should be OK.


ReplyQuote
Page 3 / 6
Settlers Handbook

Thinking about moving to the Virgin Islands?

The Settler's Handbook is a Indispensable Guide

The current 19th Edition, will help you explore your dream of island living. A solid reference book, it was first published in 1975. That's 40+ years of helping people move to the Virgin Islands.

Order Today $19.95
Close Menu