Scale
The well-known Russian Roman Seleznev.
As a result of which more than 9 billion dollars were stolen from the cards of victims, and a database of 1,700,000 numbers of stolen stolen cards was found on his computer. It's hard to believe in this gigantic number, but let's figure out where such databases come from and see how money is debited from victims' cards.
It is naive to believe that card data can only be stolen from people who absolutely do not care about their safety and pay on suspicious sites or send photos of their card to social networks. After all, one of the types of data theft from a card is scrimming. The essence of this method is to install an additional reader on the ATM by fraudsters, which will read all information from the card and transfer it to the fraudsters. In addition, a camera is installed that will record on video the process of entering the secret password from the card. Sometimes an overlay keyboard reader is used instead of a camera. Regardless of what technologies the fraudsters use, it can be very difficult to understand at a glance that the ATM has been modified. Banks are aware of this type of fraud and are fighting it,but hackers come up with sophisticated new scrimming methods that allow them to continue to successfully steal data from cards.
But even if you minimize the risk of scrimming by thoroughly checking the ATM before using it, you cannot feel secure. When paying with a card to a cafe or restaurant, a waiter can discreetly take a photo or in any other way remember such data of your card as cvv, number, owner's name, expiration date. If, for making a payment, the waiter, having taken the card, leaves another room for making the payment, then there he can easily read all the information from the magnetic strip of the card. At the end I will tell you what data is used and how it is used later. The fact is that it is extremely easy to do this, and most importantly, the victim often does not even know that his card has just fallen into the hands of scammers.
Now that it is clear that fraudsters have many ways to steal data directly from the card itself, let's look at how things are with the security of payments on the Internet. Often, a user can become a victim of a scammer due to his carelessness. Hackers often create fake versions of bank websites or online stores, this is called phishing. The goal is to make the user believe that he got to the original version of the site he is familiar with, and to deceive him with his card details. The domain name is chosen as similar as possible to the resource that the hacker wants to fake, and the design can be copied down to the smallest detail. An experienced user can easily figure out such a site by the lack of a certificate and a strange domain name. But recently it was allowed to use not only the Latin alphabet in domain names, which led to the emergence of phishing domains,which look exactly like the original. For example, hackers replace o with cyrillic o. There are no external differences between the original and the fake! Until recently, the browser displayed them the same way in the address bar. Now this issue has been resolved, but phishing remains one of the main reasons for theft of card data on the network, especially foreign cards.
Attentive users, of course, recognize a fake site, but there is another method that no one is immune from. From time to time, hackers manage to break into databases of sites that work with user cards. As a result of such a hack, data on hundreds of thousands of cards are stolen at a time. And as a result of the Kaptoxa virus attack in 2013, when the American supermarket chain Target was hacked, the personal data of 110 million shoppers were stolen!
In addition to these methods, there are many more ways to steal a card. I have listed some of the most common. The number of data thefts from the card is constantly high.
Card provider
Now I will tell you what they do with the stolen cards. People who steal information from cards do not withdraw money on their own, but sell data from cards on special sites or already established networks, that is, the carders they trust, so finding a worthy card supplier is not at all easy, you need to have contacts or an experienced carder who wakes you up to provide guidance (training) and with it your supplier contacts. Why don't the vendors work out the cards themselves? It's very simple, they are masters in the extraction of cards and not in cash, as they say, everyone should go about their business. Here, by the way, what kind of data was stolen plays an important role. If you manage to steal the PIN code and read the contents of the magnetic tape, then an attacker can easily create a copy of the card.Together with a password,the ATM will accept a fake and allow you to cash out. The card itself has additional protection in the form of a chip, but at the moment not all ATMs check it, so this method finds its application. But most often, foreign cards are processed at clothing or techno stores such as Amazon, this is the most profitable and safe option!
The well-known Russian Roman Seleznev.
As a result of which more than 9 billion dollars were stolen from the cards of victims, and a database of 1,700,000 numbers of stolen stolen cards was found on his computer. It's hard to believe in this gigantic number, but let's figure out where such databases come from and see how money is debited from victims' cards.
It is naive to believe that card data can only be stolen from people who absolutely do not care about their safety and pay on suspicious sites or send photos of their card to social networks. After all, one of the types of data theft from a card is scrimming. The essence of this method is to install an additional reader on the ATM by fraudsters, which will read all information from the card and transfer it to the fraudsters. In addition, a camera is installed that will record on video the process of entering the secret password from the card. Sometimes an overlay keyboard reader is used instead of a camera. Regardless of what technologies the fraudsters use, it can be very difficult to understand at a glance that the ATM has been modified. Banks are aware of this type of fraud and are fighting it,but hackers come up with sophisticated new scrimming methods that allow them to continue to successfully steal data from cards.
But even if you minimize the risk of scrimming by thoroughly checking the ATM before using it, you cannot feel secure. When paying with a card to a cafe or restaurant, a waiter can discreetly take a photo or in any other way remember such data of your card as cvv, number, owner's name, expiration date. If, for making a payment, the waiter, having taken the card, leaves another room for making the payment, then there he can easily read all the information from the magnetic strip of the card. At the end I will tell you what data is used and how it is used later. The fact is that it is extremely easy to do this, and most importantly, the victim often does not even know that his card has just fallen into the hands of scammers.
Now that it is clear that fraudsters have many ways to steal data directly from the card itself, let's look at how things are with the security of payments on the Internet. Often, a user can become a victim of a scammer due to his carelessness. Hackers often create fake versions of bank websites or online stores, this is called phishing. The goal is to make the user believe that he got to the original version of the site he is familiar with, and to deceive him with his card details. The domain name is chosen as similar as possible to the resource that the hacker wants to fake, and the design can be copied down to the smallest detail. An experienced user can easily figure out such a site by the lack of a certificate and a strange domain name. But recently it was allowed to use not only the Latin alphabet in domain names, which led to the emergence of phishing domains,which look exactly like the original. For example, hackers replace o with cyrillic o. There are no external differences between the original and the fake! Until recently, the browser displayed them the same way in the address bar. Now this issue has been resolved, but phishing remains one of the main reasons for theft of card data on the network, especially foreign cards.
Attentive users, of course, recognize a fake site, but there is another method that no one is immune from. From time to time, hackers manage to break into databases of sites that work with user cards. As a result of such a hack, data on hundreds of thousands of cards are stolen at a time. And as a result of the Kaptoxa virus attack in 2013, when the American supermarket chain Target was hacked, the personal data of 110 million shoppers were stolen!
In addition to these methods, there are many more ways to steal a card. I have listed some of the most common. The number of data thefts from the card is constantly high.
Card provider
Now I will tell you what they do with the stolen cards. People who steal information from cards do not withdraw money on their own, but sell data from cards on special sites or already established networks, that is, the carders they trust, so finding a worthy card supplier is not at all easy, you need to have contacts or an experienced carder who wakes you up to provide guidance (training) and with it your supplier contacts. Why don't the vendors work out the cards themselves? It's very simple, they are masters in the extraction of cards and not in cash, as they say, everyone should go about their business. Here, by the way, what kind of data was stolen plays an important role. If you manage to steal the PIN code and read the contents of the magnetic tape, then an attacker can easily create a copy of the card.Together with a password,the ATM will accept a fake and allow you to cash out. The card itself has additional protection in the form of a chip, but at the moment not all ATMs check it, so this method finds its application. But most often, foreign cards are processed at clothing or techno stores such as Amazon, this is the most profitable and safe option!
