Lord777
Professional
- Messages
- 2,577
- Reaction score
- 1,563
- Points
- 113
To get into the area of interest of carders, just use a bank card. What is this type of fraud, how to protect yourself from it, and whether it is possible to return the stolen money, we will deal with these issues together.
What is carding?
Carding is a type of fraud in which attackers fraudulently obtain your confidential data and withdraw money from your accounts without your knowledge.
One of the methods used by fraudsters to gain access to card data is hacking the servers of an online store, payment and settlement systems. With the help of remote access programs and various malicious software (software), hackers can get hold of important personal information about you and your payment card data.
According to the Committee on Legal Statistics and Special Records of the Prosecutor General's Office of the Republic of Kazakhstan, over 16.6 thousand cases of Internet fraud were registered in Kazakhstan in January-September 2022, which is 52% of the total number of offenses.
What is carding like?
Carders, that is, scammers who hunt for other people's payment cards, can use attacks on their potential victims using various readers on ATMs, or remote attacks – phishing, vishing, and others.
In the first case, a skimming device is used – this is a miniature device that is attached to an ATM, and with which you can read information from a payment card. Banks, in turn, are constantly improving the system level of their ATMs and putting electronic tools on them to protect and detect skimmers. Therefore, thefts using skimmers are becoming less and less – due to the improvement of the technical equipment of banks. Instead, they receive simulations of various situations with social engineering, when scammers try to get the necessary access to confidential information, based on the psychology of people.
Scammers show ingenuity, so do not give in to provocations, keep critical thinking in all situations.
What methods do scammers use at a distance?
As for the remote attack, scammers come up with various ways to obtain payment card data and actively use modern technologies for this purpose. They just need to find out the card number and the three-digit code on the back (CVV/CVC code) to leave the owner of "plastic" without funds. Fraudsters can steal your card, use a photo of it that you once posted on various sites, in social networks or messengers, using a phishing site, that is, a clone site, for example, an online store where you yourself specified the full card details for purchasing goods. Attackers can also use banking Trojans to remotely attack the card user, infecting computers and gadgets and penetrating the web browser to steal passwords for mobile banking applications, linked card numbers, and other personal confidential information. To minimize the risk of password theft using the above method, it is better NOT to use the auto-save password function in the browser of gadgets (smartphones, computers, etc.). If necessary, check the current browser settings and disable this function.
If you notice that money has been debited from your bank card, contact the bank and law enforcement agencies.
How else do carders work?
Posing as bank employees, representatives of the security service of a financial organization, or law enforcement agencies, intruders may call you and try to force you to provide your payment card details under various pretexts. For example, they may say that you are currently under a hacker attack, and in order for the bank to take action, you need to urgently dictate three digits on the back of the card and the confirmation code from the SMS.
Since the beginning of the pandemic, scammers are also actively exploiting the topic of coronavirus, whether it's free diagnostics, medical care, benefits, compensation, refunds for air tickets and much more. Older people most often trust such information, especially about various social benefits, and can pass on all the information on their cards to callers.
Scammers can not only threaten, they can also give you positive emotions so that you can trust them. To do this, they use social engineering techniques. For example, they may tell you that you have won a raffle held by their bank or organization, or in some other way you have become the lucky winner of a valuable prize. Or they can say that the bank has transferred you to the VIP client category, and you will have the best service, high cashback, and much more.
Fraudsters may ask you to install "special "software to " protect funds". In fact, these can be spyware programs that can be used by attackers to find out your card details, take possession of your funds, and easily apply for a loan for you.
The main goal of intruders is to confuse you, to cause strong emotions: fear or joy, delight. As you know, people in this state are easier to manage.
If unknown people call you and start talking about money, it is better to end the conversation and call back to the official numbers of the organization whose representative called you.
What should I do if the scammers got the necessary data?
Immediately contact the bank with a request to block the card, claiming fraudulent actions. Your card will be reissued. Also change your password in the mobile banking app.
File a complaint about the theft of money from the card with law enforcement agencies. Be sure to keep a copy of the application with the registration number, because if fraudsters try to apply for a loan for you, you will be able to prove your non-involvement in it.
Is it possible to return money that scammers managed to withdraw or transfer to another account?
Since 2016, the Law of the Republic of Kazakhstan "On Payments and Payment Systems" has been in force in Kazakhstan, according to which a refund for a money transfer is made in a number of cases, one of which is the establishment of the fact of unauthorized payment made by money transfer. This fact is established after a thorough investigation conducted by the bank and law enforcement agencies.
Refund of money for an unauthorized payment or transfer is made by the beneficiary's bank, that is, the person in favor of whom the payment or transfer is made, by withdrawing money from the beneficiary's bank account to which the specified money was credited. Moreover, the consent of this person is not required. And the beneficiary's bank makes a refund no later than the next business day from the date of detection of this fact at the expense of the available money in the beneficiary's bank account.
How to avoid becoming a victim of carding?
1. Use antivirus programs obtained from official sources that you can trust. To steal your bank card number using virus software, fraudsters will use various options: drop phishing links to your email address, send SMS messages.
2. Update your device's software in a timely manner. Updates increase its security level against hacking.
3. Change your passwords more often, and use complex passwords with different characters and numbers. The faster you detect a hack, the higher the chance to respond quickly and reduce the negative consequences of a fraudulent attack.
4. Recognize phishing. Do not follow suspicious links or download attached files from unknown sources, because the virus may be stored in a ZIP archive.
5. Set up SMS or PUSH notifications for mobile banking apps to track all your transactions.
What is carding?
Carding is a type of fraud in which attackers fraudulently obtain your confidential data and withdraw money from your accounts without your knowledge.
One of the methods used by fraudsters to gain access to card data is hacking the servers of an online store, payment and settlement systems. With the help of remote access programs and various malicious software (software), hackers can get hold of important personal information about you and your payment card data.
According to the Committee on Legal Statistics and Special Records of the Prosecutor General's Office of the Republic of Kazakhstan, over 16.6 thousand cases of Internet fraud were registered in Kazakhstan in January-September 2022, which is 52% of the total number of offenses.
What is carding like?
Carders, that is, scammers who hunt for other people's payment cards, can use attacks on their potential victims using various readers on ATMs, or remote attacks – phishing, vishing, and others.
In the first case, a skimming device is used – this is a miniature device that is attached to an ATM, and with which you can read information from a payment card. Banks, in turn, are constantly improving the system level of their ATMs and putting electronic tools on them to protect and detect skimmers. Therefore, thefts using skimmers are becoming less and less – due to the improvement of the technical equipment of banks. Instead, they receive simulations of various situations with social engineering, when scammers try to get the necessary access to confidential information, based on the psychology of people.
Scammers show ingenuity, so do not give in to provocations, keep critical thinking in all situations.
What methods do scammers use at a distance?
As for the remote attack, scammers come up with various ways to obtain payment card data and actively use modern technologies for this purpose. They just need to find out the card number and the three-digit code on the back (CVV/CVC code) to leave the owner of "plastic" without funds. Fraudsters can steal your card, use a photo of it that you once posted on various sites, in social networks or messengers, using a phishing site, that is, a clone site, for example, an online store where you yourself specified the full card details for purchasing goods. Attackers can also use banking Trojans to remotely attack the card user, infecting computers and gadgets and penetrating the web browser to steal passwords for mobile banking applications, linked card numbers, and other personal confidential information. To minimize the risk of password theft using the above method, it is better NOT to use the auto-save password function in the browser of gadgets (smartphones, computers, etc.). If necessary, check the current browser settings and disable this function.
If you notice that money has been debited from your bank card, contact the bank and law enforcement agencies.
How else do carders work?
Posing as bank employees, representatives of the security service of a financial organization, or law enforcement agencies, intruders may call you and try to force you to provide your payment card details under various pretexts. For example, they may say that you are currently under a hacker attack, and in order for the bank to take action, you need to urgently dictate three digits on the back of the card and the confirmation code from the SMS.
Since the beginning of the pandemic, scammers are also actively exploiting the topic of coronavirus, whether it's free diagnostics, medical care, benefits, compensation, refunds for air tickets and much more. Older people most often trust such information, especially about various social benefits, and can pass on all the information on their cards to callers.
Scammers can not only threaten, they can also give you positive emotions so that you can trust them. To do this, they use social engineering techniques. For example, they may tell you that you have won a raffle held by their bank or organization, or in some other way you have become the lucky winner of a valuable prize. Or they can say that the bank has transferred you to the VIP client category, and you will have the best service, high cashback, and much more.
Fraudsters may ask you to install "special "software to " protect funds". In fact, these can be spyware programs that can be used by attackers to find out your card details, take possession of your funds, and easily apply for a loan for you.
The main goal of intruders is to confuse you, to cause strong emotions: fear or joy, delight. As you know, people in this state are easier to manage.
If unknown people call you and start talking about money, it is better to end the conversation and call back to the official numbers of the organization whose representative called you.
What should I do if the scammers got the necessary data?
Immediately contact the bank with a request to block the card, claiming fraudulent actions. Your card will be reissued. Also change your password in the mobile banking app.
File a complaint about the theft of money from the card with law enforcement agencies. Be sure to keep a copy of the application with the registration number, because if fraudsters try to apply for a loan for you, you will be able to prove your non-involvement in it.
Is it possible to return money that scammers managed to withdraw or transfer to another account?
Since 2016, the Law of the Republic of Kazakhstan "On Payments and Payment Systems" has been in force in Kazakhstan, according to which a refund for a money transfer is made in a number of cases, one of which is the establishment of the fact of unauthorized payment made by money transfer. This fact is established after a thorough investigation conducted by the bank and law enforcement agencies.
Refund of money for an unauthorized payment or transfer is made by the beneficiary's bank, that is, the person in favor of whom the payment or transfer is made, by withdrawing money from the beneficiary's bank account to which the specified money was credited. Moreover, the consent of this person is not required. And the beneficiary's bank makes a refund no later than the next business day from the date of detection of this fact at the expense of the available money in the beneficiary's bank account.
How to avoid becoming a victim of carding?
1. Use antivirus programs obtained from official sources that you can trust. To steal your bank card number using virus software, fraudsters will use various options: drop phishing links to your email address, send SMS messages.
2. Update your device's software in a timely manner. Updates increase its security level against hacking.
3. Change your passwords more often, and use complex passwords with different characters and numbers. The faster you detect a hack, the higher the chance to respond quickly and reduce the negative consequences of a fraudulent attack.
4. Recognize phishing. Do not follow suspicious links or download attached files from unknown sources, because the virus may be stored in a ZIP archive.
5. Set up SMS or PUSH notifications for mobile banking apps to track all your transactions.
