Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A warning to us all


  • Please log in to reply
12 replies to this topic

#1 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 7,102 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:06:06 AM

Posted 21 April 2015 - 06:23 PM

Yesterday our monthly credit card bill came in the door, I took a quick look at it and set it aside for later attention. Today since my wife was going into the bank she said she would go and pay it. when she came home she said there were a couple of transactions on it she didn't recognise and I was to check them.

 

Looking at them I didn't recognise them either - both to the same supplier and on consecutive days - so I hot footed it to the bank who told me to ring their credit card department. Speaking to the credit card people it was established that both transactions were to a well known women's clothing store and both transactions took place at about 0320 local time. I don't cross-dress, I don't sleepwalk and I am normally in bed by 0100 !  To my knowledge, my credit cards have never been out of my possession with the exception of a pre-paid Euro card we share. Happily, the bank is treating this as fraud and refunding our money and the on-line store in question is treating this as fraud - apparently the e-mail address used was nothing like mine and the delivery address is about 300 miles away in a city I haven't been into for 20 years.

 

The question remains - how did this criminal get hold of my credit card details ?

 

I thought I was good on security. Nobody knows my pin numbers, although they are on file in our house. I've never leant out my credit card. I don't keep passwords and access codes on a computer but on a memory stick which lives on top of my desk at home - it gets put into the computer when I need one I don't know - and I use different passwords for any account than can cost me money.

 

I am beginning to wonder if this was done through a hacked PoS terminal.

 

Happily, I understand out money will be refunded. It wasn't a particularly ambitious attack, nowhere near the limit on the card, the sum involved was only about £UK 450 but it would have made a dent in the budget for a couple of months at least !

 

But it is a warning to be very careful with your plastic !

 

Chris Cosgrove



BC AdBot (Login to Remove)

 


#2 pcpunk

pcpunk

  • Members
  • 6,231 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:06 AM

Posted 21 April 2015 - 06:35 PM

Hmm, scary - you better start using that linux system lol.


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#3 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:06 AM

Posted 21 April 2015 - 06:46 PM

I am beginning to wonder if this was done through a hacked PoS terminal.


Wouldn't be the first time. This happens more often now a day. I've also been victim of a cloned card. I went into an Empire one day to buy a pair of shows and a week later, the police raided the place for fraud suspicions and found out that they attached a nifty little device on the PoS that was cloning cards as you were swipping them. It can happen to anyone.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#4 White Hat Mike

White Hat Mike

  • Members
  • 312 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:::1
  • Local time:02:06 AM

Posted 21 April 2015 - 07:00 PM

Do you use the card that was compromised to pay for gas? Have you ever? If so, I would bet that it was retrieved via a skimmer at a gas pump.

Information Security Engineer | Penetration Tester | Forensic Analyst

CipherTechs.com


#5 JohnnyJammer

JohnnyJammer

  • Members
  • 1,118 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:04:06 PM

Posted 21 April 2015 - 07:20 PM

mate Brian Krebbs has some great articles about POS systems being exploited, worth a read if you have not already mate.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,905 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:06 AM

Posted 21 April 2015 - 07:56 PM

How Was Your Credit Card Stolen?
Five Ways Thieves Steal Credit Card Data
10 Simple Ways Identity Thieves Steal Your Credit Card
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:06:06 PM

Posted 21 April 2015 - 11:28 PM

Now cybercriminals can automate rogue credit card charges. http://www.computerworld.com/article/2840589/now-cybercriminals-can-automate-rogue-credit-card-charges.html
https://www.intelcrawler.com/news-23

Flaw in New Secure Credit Cards Would Let Hackers Steal $1M Per Card. http://www.wired.com/2014/11/chip-n-pin-foreign-currency-vulnerability/
http://www.ncl.ac.uk/press.office/press.release/item/contactless-cards-fail-to-recognise-foreign-currency

How RAM Scrapers Work: The Sneaky Tools Behind the Latest Credit Card Hacks. http://www.wired.com/2014/09/ram-scrapers-how-they-work/
http://www.wired.com/wp-content/uploads/2014/09/wp-pos-ram-scraper-malware.pdf

Quantum physics used in quest for fraud-proof credit cards. http://www.computerworld.com/article/2859030/quantum-physics-used-in-quest-for-fraud-proof-credit-cards.html
Quantum-secure authentication of a physical unclonable key. https://www.opticsinfobase.org/optica/fulltext.cfm?uri=optica-1-6-421&id=306292

Edited by Crazy Cat, 22 April 2015 - 07:48 PM.

 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#8 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:06 AM

Posted 21 April 2015 - 11:35 PM

Since people are becoming more aware in security, criminals will have to invent new ways to get our money.

I own only a debit card (as a student), and even then I just withdraw and pay things in cash. Habits are hard to break.

#9 Chris Cosgrove

Chris Cosgrove
  • Topic Starter

  • Moderator
  • 7,102 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:06:06 AM

Posted 23 April 2015 - 03:22 AM

The word that has come back to me is that it was probably at a local branch of ASDA/Walmart where they have 24 hour card pay pumps. I use it falrly often because it is (1) on my road home from one of my bridge clubs, and, (2) they usually have the cheapest fuel in the area !  Also life is a bit easier there at the moment for those with a criminal turn of  mind since they only have one 24 hour pump working just now. Just before Christmas somebody accidentally drove a truck through the other and apparently they are still arguing about the insurance !

 

As Alexstrasza says, there is a lot to be said for the old motto -

 

"In God we trust, the rest pay cash" !

 

Chris Cosgrove



#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:06 AM

Posted 23 April 2015 - 03:45 AM

In my country PoS machines are only seen in supermarkets and large chain stores, and even then most people don't own a credit/debit card.

I have to admit, I started having the habit of checking ATMs and PoS machines when I use them after moving. But my greatest defense is still to use cash :P

#11 White Hat Mike

White Hat Mike

  • Members
  • 312 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:::1
  • Local time:02:06 AM

Posted 23 April 2015 - 01:05 PM

The word that has come back to me is that it was probably at a local branch of ASDA/Walmart where they have 24 hour card pay pumps. I use it falrly often because it is (1) on my road home from one of my bridge clubs, and, (2) they usually have the cheapest fuel in the area !  Also life is a bit easier there at the moment for those with a criminal turn of  mind since they only have one 24 hour pump working just now. Just before Christmas somebody accidentally drove a truck through the other and apparently they are still arguing about the insurance !

 

As Alexstrasza says, there is a lot to be said for the old motto -

 

"In God we trust, the rest pay cash" !

 

Chris Cosgrove

 

Yep, just what I thought.  Happened to me a few times; it's not uncommon, and happens to many people whether you travel or you just frequent a certain gas station.  Anywhere that's not always full service is a target.  Multiple stations in my town had skimmers attached to their pumps as well as skimmers attached to some ATMs at high-traffic banks in the area.


Information Security Engineer | Penetration Tester | Forensic Analyst

CipherTechs.com


#12 r.a.d.

r.a.d.

  • Members
  • 750 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:06 PM

Posted 23 April 2015 - 01:21 PM

Ours was compromised once. We'd had only two transactions, one an online purchase from a Canadian pharmacy, and the other a local restaurant. Details of the call from the credit card showed two purchases, the first for under five bucks ( a shakedown cruise, if you will) followed by an attempt of a $200+ purchase, prompting the call. Both occurred in a neighboring state indicating the compromise happened at the restaurant by whoever ran our card at the register.
We stopped eating there on principle, though their food was great.

Thought I'd add a quick edit, that Canadian pharmacy was for Etoricoxib folks! Nothing starting with a V...:-)

Edited by r.a.d., 23 April 2015 - 01:30 PM.

Bleepin' desert rat retiree in climes yet to fry brains (knock on cactus).

Past climes/best friend:  photo-91.gif

#13 RolandJS

RolandJS

  • Members
  • 4,539 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:12:06 AM

Posted 23 April 2015 - 01:49 PM

Were they, as Chase would put it, "blink" cards?  Blink cards can transmit a signal to the correct PoS terminal via quick-wave near it. And, they can transmit to an unauthorized receiver, being used by an "over-the-airway" skimmer. 


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users