A learning experience for readers.
Carders have many tricks to get into our virtual pockets.
They use stolen personal data, hack personal accounts on bank websites, and link the card to another phone number. Fortunately, we are often able to protect our money. Readers of Tinkoff Magazine told how they encountered theft from bank cards and how it ended.
STORY #1
STORY #2
When I got home I blocked the card, but the money was gone. The police took my statement on December 31, but that was all. I went to the police a couple more times. The result is silence. The thief was never found.
STORY #3
STORY #4
Interestingly, on the same day they called my mobile operator, blocking my SIM card - supposedly the phone was lost. All this was preceded by the hacking of my VKontakte profile, where I sent a passport photo to my mother, as a result of which the passport data ended up in the hands of scammers. Now I have two-factor authentication absolutely everywhere.
STORY #5
STORY #6
It came to court. It turned out that a certain Doris Robinson in Bremen paid via the Internet with my money for a plasma TV for 1576 € (151,989 ₽). They delivered it to her on Tuesday, they even gave her the address at the bank. At the same time, payments in the amount of no more than 5-7 € (482-675 ₽) per day were made from this card for six months , everything was later confirmed by bank analysts.
As a result, it's my fault. She allegedly gave a third party a CVC code and card number. The money, of course, was not returned. Banking miracles. Since then I haven’t been in the same field with that bank.
STORY #7
They said that they would send a courier and pick up the dress, but part of the money would be transferred directly to the card in order to bomb the goods. The rest will be given by the courier upon receipt. Baby talk, but it gets even funnier. At home there were two cards with almost expired expiration dates, about 100 rubles on one and 50 rubles on the other. I dictated the number of one of them without a three-digit code and hoped that nothing would work out for them.
After some time they call back and, apologizing, ask for another card. I didn’t like the previous one because it was only 50 ₽, and they supposedly have corporate money and they only send money for goods to cards with a limit of 1000 ₽. They did the same with the second card, but were also left without any gain. We threatened to call them somewhere and report fraudulent activity - they hung up and the number immediately became unavailable.
They simply use the card number to enter the client’s personal account and can brazenly withdraw money from the account. Nothing was withdrawn from us, but we entered our personal account without problems - without a code, without messages from the bank.
STORY #8
STORY #9
My daughter immediately called the bank to find out whether they called or not. The bank's security service replied that they did not call.
STORY #10
The bank did not explain how the thieves gained access in such a short period of time, bypassing the password-protected access system, referring to the allegedly entered card number and changing the password via SMS recovery . At the same time, the bank did not recognize that changing the password is a change of personal data, after which it was obliged to request a code word known only to the real owner of the account, and not to the one in whose hands the phone with the SIM card and bank card logically associated with it ended up.
(c) https://journal.tinkoff.ru/stealing-money-cards/
Carders have many tricks to get into our virtual pockets.
They use stolen personal data, hack personal accounts on bank websites, and link the card to another phone number. Fortunately, we are often able to protect our money. Readers of Tinkoff Magazine told how they encountered theft from bank cards and how it ended.
STORY #1
When you linked a card to someone else's phone
There was a case - a bank employee leaked my data, deciding that the expectant mother would not run and call the bank if something suddenly happened . And I received an SMS on my phone that my card had been relinked to another phone number, please confirm this operation. I immediately contacted the bank, canceled it, and blocked entry from any other financial number. It turned out that there was indeed a hack. And this local office employee was fired after the leak. True, the bank never admitted that this was the result of a leak.STORY #2
When your wallet was stolen and money was debited from your credit card
On December 31, 2017, they pulled out my wallet while I was talking on the phone and quickly withdrew money from my credit card in the store - seven purchases in a row up to 1000 rubles. As a result, 6578 ₽ was spent on the card.When I got home I blocked the card, but the money was gone. The police took my statement on December 31, but that was all. I went to the police a couple more times. The result is silence. The thief was never found.
STORY #3
When they tried to hack into a personal account on a bank website
I always thought that this is stolen from some other people, it won’t affect me. Until, quite unexpectedly, I received a message that an attempt was made to log into my personal account at the bank, but I did not log in. Immediately , as recommended in the SMS, I called the bank and reported this - they reset my password and login, everything worked out. After that, I became more attentive to safety.STORY #4
When passport data was stolen and an attempt was made to hack into the Internet bank
Recently I came across a situation - someone changed the code word and phone number by calling the bank. But no one from the bank called on the old phone number to clarify. As a result, I accidentally noticed this myself when the access code did not arrive via SMS, since a different number was specified.Interestingly, on the same day they called my mobile operator, blocking my SIM card - supposedly the phone was lost. All this was preceded by the hacking of my VKontakte profile, where I sent a passport photo to my mother, as a result of which the passport data ended up in the hands of scammers. Now I have two-factor authentication absolutely everywhere.
STORY #5
When they wrote off money under the guise of a movie subscription
Fraudsters stole 2,000 ₽ from the card, allegedly for a subscription to Kinopoisk. Every month I pay for SMS alerts , the SMS arrives every other time - exactly when the money was withdrawn, there were no alerts! They say insure your card! So, without insurance, any hacker can write off money from the card, there is no protection?STORY #6
When did you find out the password for the card after purchasing an air ticket?
Money was stolen from the card, and the bank did nothing. I paid for my air ticket in Frankfurt via the Internet; there was no other option. The site is real, the ticket is valid. Three months later, on Saturday, I was at a dacha in the Moscow region. I receive an SMS about payment of 1576 € (151,989 ₽) via the Internet in Germany, in Bremen - I’ve never been there. Within three minutes I called the bank, blocked the card, explained that it was not me, and asked not to transfer anything. I wrote a complaint on Monday.It came to court. It turned out that a certain Doris Robinson in Bremen paid via the Internet with my money for a plasma TV for 1576 € (151,989 ₽). They delivered it to her on Tuesday, they even gave her the address at the bank. At the same time, payments in the amount of no more than 5-7 € (482-675 ₽) per day were made from this card for six months , everything was later confirmed by bank analysts.
As a result, it's my fault. She allegedly gave a third party a CVC code and card number. The money, of course, was not returned. Banking miracles. Since then I haven’t been in the same field with that bank.
STORY #7
When the card number was enough to hack an online bank
They tried to steal money on the Avito and Yula websites when we put things up for sale. Fraudsters monitor immediately. They called and offered a deal: they liked the product and bought it without looking - especially a wedding dress. They screwed up right away. We decided to play along with their proposals.They said that they would send a courier and pick up the dress, but part of the money would be transferred directly to the card in order to bomb the goods. The rest will be given by the courier upon receipt. Baby talk, but it gets even funnier. At home there were two cards with almost expired expiration dates, about 100 rubles on one and 50 rubles on the other. I dictated the number of one of them without a three-digit code and hoped that nothing would work out for them.
After some time they call back and, apologizing, ask for another card. I didn’t like the previous one because it was only 50 ₽, and they supposedly have corporate money and they only send money for goods to cards with a limit of 1000 ₽. They did the same with the second card, but were also left without any gain. We threatened to call them somewhere and report fraudulent activity - they hung up and the number immediately became unavailable.
They simply use the card number to enter the client’s personal account and can brazenly withdraw money from the account. Nothing was withdrawn from us, but we entered our personal account without problems - without a code, without messages from the bank.
STORY #8
When they promised financial protection and stole all the money
Thinking that this was a state website of an authorized unit for the financial protection of citizens, I fell into the hands of scammers who took all my money from the card and ultimately paid nothing. Moreover, I had to pay twice for the services of their lawyer, but did not receive the service itself. I had to block the card and call the bank. Previously, government agencies dealt with such scammers. It is scary to live in a country where there is no limit to lawlessness.STORY #9
When they tried to lure out the card number by posing as a bank employee
They called under the guise of the bank's security service - like I made a purchase in an online store , but the payment did not go through, and they themselves will correct the situation. I actually paid for the purchase the day before. They asked for card details. The voice is male, very confident, even demanding. I was somehow alarmed and believed, but as soon as they started talking about the card details, I was indignant - why on earth are you asking for card details? - and turned off the phone.My daughter immediately called the bank to find out whether they called or not. The bank's security service replied that they did not call.
STORY #10
When your phone was stolen and the money was quickly debited
They stole a phone in a crowded public transport and in 26 minutes, during which I was looking for which other phone to call the bank from and block the account, they managed to write off money in five different amounts with an interval of one minute. The largest transfers were rejected, but even despite the atypical behavior, the bank did not request a code word for the second suspicious tranche.The bank did not explain how the thieves gained access in such a short period of time, bypassing the password-protected access system, referring to the allegedly entered card number and changing the password via SMS recovery . At the same time, the bank did not recognize that changing the password is a change of personal data, after which it was obliged to request a code word known only to the real owner of the account, and not to the one in whose hands the phone with the SIM card and bank card logically associated with it ended up.
(c) https://journal.tinkoff.ru/stealing-money-cards/
