ALERT! Some sort of...
 
Notifications
Clear all

ALERT! Some sort of credit card electronic fraud scanning in STT.

(@the-oldtart)
Posts: 6523
Illustrious Member
 

How can you tell of your card has that type of chip?
Thx.

This link tells you:

http://www.ghacks.net/2012/08/21/how-to-protect-your-credit-card-with-rfid-chip-from-unauthorized-scans/

 
Posted : July 25, 2014 6:10 pm
(@alana33)
Posts: 12365
Illustrious Member
 

Thanks ot. Looks like my cards are all safe as none have those chips.
Good ting! What a relief not to have that worry!

 
Posted : July 25, 2014 6:23 pm
CruzanIron
(@cruzaniron)
Posts: 2534
Famed Member
 

Which Credit Cards Have RFID?
The key names to look for in RFID credit cards are Visa PayWave, MasterCard PayPass, American Express ExpressPay and Discover Zip. These programs represent different forms of tap and go technology, and they all function the same way. Some local banks will also offer RFID credit cards, provided through one of the programs mentioned above.

The specific cards that offer this technology change frequently, and many credit cards come in two different versions. You can either select the RFID model or the traditional model, depending on what you want to use. If you're looking into a specific credit card, see if it promotes something along the lines of "wave and go," "tap and pay" or "tap and go."

 
Posted : July 25, 2014 6:33 pm
CruzanIron
(@cruzaniron)
Posts: 2534
Famed Member
 

I wonder how many people ran out and bought RFID wallets and they don't even have any RFID cards?

 
Posted : July 25, 2014 6:35 pm
(@alana33)
Posts: 12365
Illustrious Member
 

Lots of tin foil in wallets after these posts?!#!!?

 
Posted : July 25, 2014 6:44 pm
CruzanIron
(@cruzaniron)
Posts: 2534
Famed Member
 

I'd worry more about the ones with the tin foil hats.

 
Posted : July 25, 2014 6:53 pm
(@noOne)
Posts: 1495
Noble Member
 

Well, can't they scan it when you take it out to use so what good does a blocking wallet or tin foil actually. I rarely use credit cards as I prefer to write checks and may carry only 1 card for emergencies or places like procedural that don't accept checks.

They can be scanned at a distance of up to three feet (From how far away can a typical RFID tag be read?). Someone with a laptop in bag could take a 15 minute walk down Main St. STT and pick up dozens if not hundreds.

Here is a Consumer Reports article detailing how to tell if your CC has RFID, and about fraud:

Newer cards can be hijacked, too

MasterCard uses “PayPass” to identify the cards. Chase bank coined the term “Blink.” Some contactless cards, which use a radio frequency identification, or RFID, chip, might simply have a symbol on the card consisting of four curved lines. An industry newsletter, The Nilson Report, says 35 million contactless chip cards are in circulation in the U.S.

The cards are touted as convenient, but they are also vulnerable to being skimmed without ever leaving your pocket. The information communicated from your card to a card reader can be enough to create a counterfeit card that can be successfully used to make an unauthorized purchase, as we observed in a recent demonstration by Recursion Ventures, a security research and consulting company in New York City.

The basic equipment needed for that form of fraud is readily available to would-be crooks. An electronic card reader available online for less than $100 can be connected to a laptop to store skimmed information. When Chris Paget, whose title at Recursion is chief hacker, used such a reader to scan a Chase debit card he’d recently received, the card’s account number, expiration date, and security data immediately appeared on the computer screen. Two credit cards still inside the mailing envelope revealed the same type of account data.

[...]

“If I put a reader next to a turnstile at Grand Central Terminal at rush hour, I could probably capture data from 5,000 cards in an evening, and what you’re getting from each one is enough to initiate a transaction,” says Mark Rasch, a former Justice Department computer-crime prosecutor who serves as director of cybersecurity and privacy consulting at CSC, a business technology firm. Moreover, repeatedly scanning a card that is lost, stolen, or intercepted in the mail produces multiple security codes, Paget says.

If you are worried or know that your CC may have a RFID chip and don't care about using it, you can just pop it in the microwave for a short duration and that will burn the chip out. You can also specifically ask your CC company for a card that does not have a RFID chip.

This is a growing problem that is still fairly new as most people do not have RFID chips in their CCs: "The Nilson Report, says 35 million contactless chip cards are in circulation in the U.S." Eventually, I am sure, all cards will come with it whether or not you want one...

 
Posted : July 25, 2014 8:19 pm
(@east-ender)
Posts: 5404
Illustrious Member
 

Are the European "Chip & PIN" cards different? They seemed to think they were superior to the non-chip cards.

 
Posted : July 25, 2014 8:50 pm
 Mio
(@Mio)
Posts: 33
Eminent Member
 

Mine was compromised as well on STX and it is not a card with RFID. I also last used it at a business frequently mentioned in the internet discussions. However, Id like to point out that I doubt that anyone was scanning the card, nor doing any sort of copying. It could be just as likely a scenario that for example the credic card processor they use is hacked. There are a number of other scenarios when either the processor, the business or some other inbetween is hacked. As for those who wonder how it can happen so fast - it takes less than seconds to transfer the data online to a database where it can be bough. These days there is no physical "coping" or "making cards" needed to transfer, sell and use credit cards.It is just data, there nothing physical or tangible needed.

 
Posted : July 31, 2014 6:30 pm
(@speee1dy)
Posts: 8871
Illustrious Member
 

it happens and it sucks when it does. unfortunately in the end, we will get stuck with the cost. not with the fraudulent charges but in the end we pay

 
Posted : July 31, 2014 7:14 pm
CruzanIron
(@cruzaniron)
Posts: 2534
Famed Member
 

it happens and it sucks when it does. unfortunately in the end, we will get stuck with the cost. not with the fraudulent charges but in the end we pay

How will we pay?

 
Posted : July 31, 2014 7:18 pm
(@vicanuck)
Posts: 2937
Famed Member
 

Gas City is another frequently mentioned business where debit card numbers seem to be cloned after use.

 
Posted : July 31, 2014 7:36 pm
(@islandjoan)
Posts: 1798
Noble Member
 

MIO what is the STX business frequently mentioned in the internet discussions? I cannot find it.

 
Posted : July 31, 2014 8:18 pm
(@noOne)
Posts: 1495
Noble Member
 

it happens and it sucks when it does. unfortunately in the end, we will get stuck with the cost. not with the fraudulent charges but in the end we pay

How will we pay?

Higher interest rates. Last CC I had I was late on one payment and they jacked my interest rate to something like 39,95% because they thought they had me trapped. I paid off and canceled that card immediately and the CS rep questioned me as to why, and offered a lower rate. I refused and told him to suck something and canceled my card...

 
Posted : July 31, 2014 9:53 pm
CruzanIron
(@cruzaniron)
Posts: 2534
Famed Member
 

Oh. OK. The high interest rate doesn't apply to me.

 
Posted : August 1, 2014 12:02 am
(@Gumbo)
Posts: 490
Reputable Member
 

Well actually my Banco Popular debit card with a Visa logo was compromised twice for a combined sum of just over 900.00. Just so you know, Banco Popular doesn't make it good, you lose it. Unless its a business account, so they tell me.(after waiting for two hours because there was only two people serving customers) But I'm quite sure that if the fraud dropped my account below the point that I am eligible to be charged another fee, it will also be deducted from my account. Before this happened I thought that it was the worst financial institution I've ever done business with, now I'm sure.

 
Posted : August 1, 2014 2:00 am
(@DonExodus)
Posts: 301
Reputable Member
 

Well, this shits really getting out of hand. A few people bring it up each day...

 
Posted : August 1, 2014 2:11 am
(@STXBob)
Posts: 2138
Noble Member
 

Credit card breaches and data breaches are a frequent subject at the blog krebsonsecurity.com. Here's a series of posts on that: http://krebsonsecurity.com/category/data-breaches/

Credit card skimmers are another frequent subject. Skimmers are devices that thieves insert in front of, or inside of, legit card readers to read your card at ATMs and at point of sale terminals. Sometimes they are "used in tandem with a tiny spy camera to record each customer’s PIN." Here's a series of posts on that: http://krebsonsecurity.com/category/all-about-skimmers/

From yesterday's post "Sandwich Chain Jimmy John’s Investigating Breach Claims": "Beyond ATM skimmers, the most prevalent sources of card-present fraud are payment terminals in retail stores that have been compromised by malicious software. This was the case with mass compromises at previous nationwide retailers including Target, Neiman Marcus, Michaels, White Lodging, P.F. Chang’s, Sally Beauty and Goodwill Industries (all breaches first reported on this blog)."

 
Posted : August 1, 2014 11:40 am
(@speee1dy)
Posts: 8871
Illustrious Member
 

i guess cruzaniron does not have a bank account either and so is not affected at all with new and higher fees.

 
Posted : August 1, 2014 12:05 pm
CruzanIron
(@cruzaniron)
Posts: 2534
Famed Member
 

No, I pay my bills on time. I've never paid interest on a credit card before.
My bank charges $2.50 a month fess on my checking, which I think is reasonable.
The 1% cash back on the card and the interest on my savings more than cover my banking costs.

I don't use debit cards since as was pointed out, you may not be insured from fraud like my credit cards are. I also sign up for (free) fraud alerts so anytime there is a charge over an amount that I pre-set I get a notice in seconds.

I also check my accounts every other day,if not daily, just to be sure.

 
Posted : August 1, 2014 12:28 pm
(@AandA2VI)
Posts: 2294
Noble Member
Topic starter
 

Three more friends have had their cards compromised. I've called all my banks which are stateside to let them know there's something going on here.

Up until two weeks ago I had never heard of anyone having this problem here on islands.

Even worse, one of my tours had their cards compromised when they were here on vacation. Bad PR for us for sure.

 
Posted : August 1, 2014 1:35 pm
(@AandA2VI)
Posts: 2294
Noble Member
Topic starter
 

Cruzaniron: FWIW because you seem to be ALL about adding several times that your cards can't be stolen, I just confirmed 100% that one of my friends card WAS on that list and "supposedly" does NOT have a chip in it. Still somehow scanned day before yesterday here in STT and used in NY for $600. This card had not been used in the last 8 months.

If you believe it of not just go get a $7 wallet blocker. Why risk it for $7???? No brainer.

 
Posted : August 1, 2014 2:00 pm
CruzanIron
(@cruzaniron)
Posts: 2534
Famed Member
 

I said that my cards can't be SCANNED since they do not have an RFID chip.

There is no way that you can scan a card without an RFID chip.

If anyone can show me the science to prove otherwise, I would be as interested in seeing it as would everyone else.

Thanks.

 
Posted : August 1, 2014 2:12 pm
(@alana33)
Posts: 12365
Illustrious Member
 

Think I'll just take the 1 card I walk with out of my wallet, put it in
file folder with all the other cards (that do not have the chips) and continue to write checks. Of course that leaves out price smart and gas stations where you can't use checks so then you have an added burden of having to walk with cash/go to bank. What a pain!!!

I don't understand why the bank/credit card companies would charge you if your card was fraudulently used without your knowledge. I have been called when I have made large purchases or used the card off island.

I don't see how a wallet blocker will help if you have it out in your hand swiping it when making a purchase.

 
Posted : August 1, 2014 2:30 pm
CruzanIron
(@cruzaniron)
Posts: 2534
Famed Member
 

The range of a scanner is usually a few inches. Some claim to have a 3' range.
Here is an article that offers some explanation.

http://www.bishopfox.com/resources/tools/rfid-hacking/attack-tools/

Unless someone with a scanner is within that range of you, you should be OK.

 
Posted : August 1, 2014 2:40 pm
Page 3 / 6
Search this website Type then hit enter to search
Close Menu