Stealing money from a bank card is more difficult than pulling it out of a wallet. Nevertheless, fraudsters are mastering new technologies and have learned how to select keys even to bank cards.
What information about your card do cybercriminals need?
They need your card details: card number, owner's first and last name, expiration date, card authentication code (three digits on the back, for example, CVV or CVC), PIN. Also, a code from SMS for confirming payments and transfers on those sites where payments need to be confirmed using such a code.
Location: shop or cafe
1. You pay with a regular bank card
The malefactor may be an employee of the trade and services sector. A waiter, cashier or seller, accepting your bank card for payment, can take a photo of the necessary data (card number, expiration date, owner's name and code on the back), and then pay it on the Internet.
How to prevent?
When calculating, try not to lose sight of your card. And enter the PIN so that it is not visible to strangers.
2. You pay through the terminal, but the payment does not go through
In the cafe, the waiter brings you a POS terminal (in the picture), you pay, but then the waiter says that the payment did not go through and asks to re-enter the PIN code. By doing this, you risk paying twice.
How to prevent?
Connect SMS notifications about payments. Be sure to ask for a receipt notifying the failure or refusal of the operation (the POS terminal always prints this).
3. You pay by card with contactless payment system
You can pay with cards with a contactless payment system instantly, with one touch, if your payment does not exceed a certain limit. You do not need to enter a PIN code. Attackers can steal money from such a card by leaning the reader or POS terminal against the bag.
How to prevent?
To prevent contactless payments from taking place without your knowledge, it is better to store the card in the shielding compartment of your wallet, bag or a special case for bank cards.
Location: ATM
The most common way to steal card details (number, name and surname of the owner, expiration date) when using it in an ATM is to install a skimmer on the ATM. This is a special device that copies data from the magnetic stripe of the card. They can also steal a PIN by installing a hidden camera or an overhead keyboard on the ATM. A fake keyboard is placed right on top of the original one, and the ATM itself responds to pressing as usual - you will not even notice that something is wrong. Attackers, using the stolen data, can make a copy of your card.
“Once I came to a friend in Moscow, looked into a store near his house - and there was only cash payment. I ran to the ATM, in a hurry. I found such an unremarkable ATM in the same store, two guys, “technicians” in uniform, with equipment, were still spinning around, setting up something ... "
Be vigilant, do not step on someone else's rake!
How to prevent?
The skimmer is able to steal information only from the magnetic stripe, but not from a special chip.
Location: anywhere
1. You received an alarming SMS message or a call from a relative
An alleged relative writes or calls you from an unfamiliar number and says that he is in trouble and urgently needs money, but he has no time to explain the situation. In such messages, the urgency of the situation is often manipulated and sent at extremely inconvenient times, for example, at night.
How to prevent?
Don't rush to transfer money. Try to figure out the details - usually long conversations are not part of the attackers' plans. If you didn't manage to find out anything really, call the relative on whose behalf you are applying to make sure if he is calling / writing to you.
2. You received a message "from the bank"
An SMS message comes from an unfamiliar number that your card is blocked. The SMS contains the number that you need to call to clarify the details. By calling, you will be taken to the fake security service of the bank, where you will be persuaded to provide the card details or go to the nearest ATM and make transactions. By following the instructions of the intruders, you will give them access to the card and they will steal your money.
“My father fell for the bait of scammers via his mobile phone. First, he received an SMS supposedly from me from someone else's number, where they asked me not to ask anything and to top up the account. By the way, my father saw the message after the story was over, and the scammers decided not to wait a long time for an answer and try their luck in a different way ... "
Be vigilant, do not step on someone else's rake!
How to prevent?
Don't call back - first find out if your bank actually called. Real banks usually send notifications from the same number. In addition, your card contains a telephone number for communication with the bank - call it and find out if it is blocked. Or contact the employees of the nearest bank branch.
3. You are called from a government agency
People call you and introduce themselves as employees of the Bank, the prosecutor's office, the court, the Ministry of Health, the Ministry of Finance and other institutions. They report, for example, about the required compensation for damage from the actions of fraudsters: about compensation for purchased medical goods or services of psychics. If, in order to receive the promised compensation, the "employee" asks you to pay something (income tax, income tax, bank fee, compulsory insurance, state duty, money transfer commission), and even more so asks you to provide passport data or bank details, this is a telephone fraudster.
How to prevent?
Don't follow directions and don't pay anything. Do not provide personal information, real employees already have it.
Location: home
1. You received a letter or notification
You will receive a notification by mail on a form with the Bank details. It says that the court ordered to pay you compensation, for this you need to contact the contact person. And as soon as possible, otherwise the compensation will go to the benefit of the state - this is how the attackers are pushing you to act.
How to prevent?
Do not rush to contact the contact person specified in the letter, check the details. Call the phone number for inquiries indicated on the official website of the Bank. If the letter turns out to be fake, file a complaint with law enforcement.
Remember, the Bank of Russia sends SMS and e-mail only in response to your request via the Internet reception.
SMS messages from the regulator come from the short number 3434, e-mails - from the address [email protected].
Any messages from other numbers, especially those requiring the introduction of a PIN code, confirmation of transactions, the provision of personal data and other information, should be regarded as an attempt at fraud.
Protect yourself from scammers:
What if you still encounter a scam?
If money was suddenly debited from your bank card:
Compensation
After receiving your application, the bank will conduct an internal investigation and resolve the issue of damages. If you followed the security measures and applied to the bank no later than a day after the money was debited, then you can count on a refund. However, if you yourself provided the cybercriminals with the PIN code or SMS code required to confirm payments and transfers, unfortunately, the bank will not refund your money.
What information about your card do cybercriminals need?
They need your card details: card number, owner's first and last name, expiration date, card authentication code (three digits on the back, for example, CVV or CVC), PIN. Also, a code from SMS for confirming payments and transfers on those sites where payments need to be confirmed using such a code.
Location: shop or cafe
1. You pay with a regular bank card
The malefactor may be an employee of the trade and services sector. A waiter, cashier or seller, accepting your bank card for payment, can take a photo of the necessary data (card number, expiration date, owner's name and code on the back), and then pay it on the Internet.
How to prevent?
When calculating, try not to lose sight of your card. And enter the PIN so that it is not visible to strangers.
2. You pay through the terminal, but the payment does not go through
In the cafe, the waiter brings you a POS terminal (in the picture), you pay, but then the waiter says that the payment did not go through and asks to re-enter the PIN code. By doing this, you risk paying twice.
How to prevent?
Connect SMS notifications about payments. Be sure to ask for a receipt notifying the failure or refusal of the operation (the POS terminal always prints this).
3. You pay by card with contactless payment system
You can pay with cards with a contactless payment system instantly, with one touch, if your payment does not exceed a certain limit. You do not need to enter a PIN code. Attackers can steal money from such a card by leaning the reader or POS terminal against the bag.
How to prevent?
To prevent contactless payments from taking place without your knowledge, it is better to store the card in the shielding compartment of your wallet, bag or a special case for bank cards.
Location: ATM
The most common way to steal card details (number, name and surname of the owner, expiration date) when using it in an ATM is to install a skimmer on the ATM. This is a special device that copies data from the magnetic stripe of the card. They can also steal a PIN by installing a hidden camera or an overhead keyboard on the ATM. A fake keyboard is placed right on top of the original one, and the ATM itself responds to pressing as usual - you will not even notice that something is wrong. Attackers, using the stolen data, can make a copy of your card.
“Once I came to a friend in Moscow, looked into a store near his house - and there was only cash payment. I ran to the ATM, in a hurry. I found such an unremarkable ATM in the same store, two guys, “technicians” in uniform, with equipment, were still spinning around, setting up something ... "
Be vigilant, do not step on someone else's rake!
How to prevent?
The skimmer is able to steal information only from the magnetic stripe, but not from a special chip.
- Check the ATM for any foreign devices. The keyboard should not differ in texture, much less wobble.
- When entering your PIN, always cover the keyboard with your free hand so that no one spies.
- Try to use ATM machines inside bank branches. They are checked more often and are better guarded.
Location: anywhere
1. You received an alarming SMS message or a call from a relative
An alleged relative writes or calls you from an unfamiliar number and says that he is in trouble and urgently needs money, but he has no time to explain the situation. In such messages, the urgency of the situation is often manipulated and sent at extremely inconvenient times, for example, at night.
How to prevent?
Don't rush to transfer money. Try to figure out the details - usually long conversations are not part of the attackers' plans. If you didn't manage to find out anything really, call the relative on whose behalf you are applying to make sure if he is calling / writing to you.
2. You received a message "from the bank"
An SMS message comes from an unfamiliar number that your card is blocked. The SMS contains the number that you need to call to clarify the details. By calling, you will be taken to the fake security service of the bank, where you will be persuaded to provide the card details or go to the nearest ATM and make transactions. By following the instructions of the intruders, you will give them access to the card and they will steal your money.
“My father fell for the bait of scammers via his mobile phone. First, he received an SMS supposedly from me from someone else's number, where they asked me not to ask anything and to top up the account. By the way, my father saw the message after the story was over, and the scammers decided not to wait a long time for an answer and try their luck in a different way ... "
Be vigilant, do not step on someone else's rake!
How to prevent?
Don't call back - first find out if your bank actually called. Real banks usually send notifications from the same number. In addition, your card contains a telephone number for communication with the bank - call it and find out if it is blocked. Or contact the employees of the nearest bank branch.
3. You are called from a government agency
People call you and introduce themselves as employees of the Bank, the prosecutor's office, the court, the Ministry of Health, the Ministry of Finance and other institutions. They report, for example, about the required compensation for damage from the actions of fraudsters: about compensation for purchased medical goods or services of psychics. If, in order to receive the promised compensation, the "employee" asks you to pay something (income tax, income tax, bank fee, compulsory insurance, state duty, money transfer commission), and even more so asks you to provide passport data or bank details, this is a telephone fraudster.
How to prevent?
Don't follow directions and don't pay anything. Do not provide personal information, real employees already have it.
Location: home
1. You received a letter or notification
You will receive a notification by mail on a form with the Bank details. It says that the court ordered to pay you compensation, for this you need to contact the contact person. And as soon as possible, otherwise the compensation will go to the benefit of the state - this is how the attackers are pushing you to act.
How to prevent?
Do not rush to contact the contact person specified in the letter, check the details. Call the phone number for inquiries indicated on the official website of the Bank. If the letter turns out to be fake, file a complaint with law enforcement.
Remember, the Bank of Russia sends SMS and e-mail only in response to your request via the Internet reception.
SMS messages from the regulator come from the short number 3434, e-mails - from the address [email protected].
Any messages from other numbers, especially those requiring the introduction of a PIN code, confirmation of transactions, the provision of personal data and other information, should be regarded as an attempt at fraud.
Protect yourself from scammers:
- Connect your mobile bank to track transactions that you haven't made. So you can quickly respond to the actions of scammers - and time is very important in this case.
- Do not store large amounts of money on the card that you carry with you and use for everyday spending.
- If you plan to use the card only in Russia, be sure to inform the bank employees about it.
- Tell elderly relatives about the tricks of the scammers - they are the ones most often targeted by cybercriminals.
What if you still encounter a scam?
If money was suddenly debited from your bank card:
- Call the bank as soon as possible (the number is on the back of the card), report a fraudulent operation and block the card.
- Go to the bank branch and ask for an account statement. Write a statement of disagreement with the operation. Keep a copy of the application with the bank's note of acceptance.
- Contact law enforcement with a statement of theft.
Compensation
After receiving your application, the bank will conduct an internal investigation and resolve the issue of damages. If you followed the security measures and applied to the bank no later than a day after the money was debited, then you can count on a refund. However, if you yourself provided the cybercriminals with the PIN code or SMS code required to confirm payments and transfers, unfortunately, the bank will not refund your money.
