Among the methods used by cybercriminals to get easy money, the most widely used is still the cloning of credit and debit cards. There are several techniques that allow these cybercriminals to get hold of our personal data and especially our card information, such as card number, expiration dates, security numbers and user’s PIN, and based on it extract cash or make unauthorized purchases.
For this reason, in today’s advice we want to alert you to the following techniques, related to card cloning:
- SKIMMING: The cybercriminal manipulates an ATM of a bank branch or a vending point of sale.. In addition to installing a hidden camera to obtain the PIN number or bank account information, it replaces elements of the ATM so that, when the card is inserted, the magnetic strip or the chip can be copied. Thus, the cybercriminal will only have to collect this data and copy it onto a new blank card, and they will have their cloned copy that they can use as the original.
– Recommendation: Cover the keyboard when entering the PIN and alert of anything that we consider suspicious or unusual.
- FALSE ELECTRONIC DEVICES: Be careful with payment through POS outside official or unusual establishments. Cybercriminals can grab one of these devices and use them in what appears to be a normal sale or payment. In order to clone the card, it will be necessary to insert it into the POS. Since the cybercriminal will not be able to get hold of the PIN number throughcontactless.
– Recommendation: Outside of official establishments, always pay in cash or through mobile contactless . Since in this way they will lack the necessary information to clone the card 100% and we will also be notified instantly, about any payment or charge made with it that has not been authorized by us.
- PHISHING: Also known as fraud through email, , it involves the request by an allegedly real issuer (bank, online store, video platform, etc.) of the payment information required to be able to maintain or correctly validate the profile or account on a certain website, by clicking on a link that redirects us to a false form or website.
– Recommendation: Make sure that it is really necessary to enter the information of a means of payment in order to use the website or the service. That the company does not have this information in advance (bank, online store) and if it is entered, do so through the website or official application. Never click on the link received by email.
- FALSE WEBSITE: Cybercriminals can completely copy a real page and create a secondary website, so that as users of it we believe that we are actually hiring a service, accessing content or buying a product.
– Recommendation: Enter payment information only if it is strictly necessary and, if so, make sure that the page has an SSL / TLS encryption protocol and the secure web message appears (the little lock in the URL).