Language Selection

English French German Italian Portuguese Spanish

Online scams net criminals £2.75 billion

Filed under
Security

Poor card vetting at ATMs helped criminals make off with nearly $3bn in cash plundered from the accounts of users duped into handing over sensitive information in online scams.

Gartner estimates some three million US consumers had $2.75bn stolen out of their bank accounts in the 12 months ending May 2005.

The theft was almost entirely down to criminals using online scams to con consumers out of account and password information through attacks such as phishing and key-logging.

Account information is being increasingly used in the manufacturing of fake cards that are subsequently used at ATM cash machines to withdraw money.

Yet banks are not taking sensible precautions on how their ATMs and others' check these cards, even though it is them that bears the brunt of the cost of these fraudulent withdrawals.

Avivah Litan, VP and research director at Gartner said that these criminals 'succeed when the card-issuing bank is not validating security codes on the magnetic stripe of the card while authorizing transactions ... These security codes are stored on Track 2 of the magnetic stripe and include PIN offsets and Card Verification Value (CVV) codes. The codes link the physical card to the customer's account number.

'Surprisingly, perhaps as many as half of US-based financial institutions are not validating Track 2 security data while authorizing ATM and PIN debit transactions. Most of these institutions are unaware that they, or the outsourced ATM transactions processor they rely on, should be doing so.'

Withdrawing cash has benefits over online transactions for these criminals. Many of the gangs that use phishing attacks to access online bank accounts 'hire' mules through which the money is funnelled in an attempt to hide the trail to their own bank account. Taking cash out of an ATM has none of these drawbacks. But Gartner insists that 'Banks have the ability to stop these attacks' as the CVV code is not known to the customer and therefore not prey to phishing attacks - a key element for ATMs to check.

By Matt Whipp
PCPro

More in Tux Machines

Microsoft Linuxwashing and Research Openwashing

today's howtos

Why Everyone should know vim

Vim is an improved version of Vi, a known text editor available by default in UNIX distributions. Another alternative for modal editors is Emacs but they’re so different that I kind of feel they serve different purposes. Both are great, regardless. I don’t feel vim is necessarily a geeky kind of taste or not. Vim introduced modal editing to me and that has changed my life, really. If you have ever tried vim, you may have noticed you have to press “I” or “A” (lower case) to start writing (note: I’m aware there are more ways to start editing but the purpose is not to cover Vim’s functionalities.). The fun part starts once you realize you can associate Insert and Append commands to something. And then editing text is like thinking of what you want the computer to show on the computer instead of struggling where you at before writing. The same goes for other commands which are easily converted to mnemonics and this is what helped getting comfortable with Vim. Note that Emacs does not have this kind of keybindings but they do have a Vim-like mode - Evil (Extensive Vi Layer). More often than not, I just need to think of what I want to accomplish and type the first letters. Like Replace, Visual, Delete, and so on. It is a modal editor after all, meaning it has modes for everything. This is also what increases my productivity when writing files. I just think of my intentions and Vim does the things for me. Read more

Graphics: Intel and Mesa 18.1 RC1 Released

  • Intel 2018Q1 Graphics Stack Recipe
    Last week Intel's Open-Source Technology Center released their latest quarterly "graphics stack recipe" for the Linux desktop. The Intel Graphics Stack Recipe is the company's recommended configuration for an optimal and supported open-source graphics driver experience for their Intel HD/UHD/Iris Graphics found on Intel processors.
  • Mesa 18.1-RC1 Released With The Latest Open-Source 3D Driver Features
    Seemingly flying under our radar is that Mesa 18.1 has already been branched and the first release candidate issued. While the Mesa website hasn't yet been updated for the 18.1 details, Dylan Baker appears to be the release manager for the 18.1 series -- the second quarter of 2018 release stream.