Be wary of bank card fraud new tricks, choose a regular POS machine

The security of bank card use is facing new challenges. According to the "China Bank Card Industry Development Blue Book (2017)" released by the China Banking Association recently, the bank card fraud rate in China was 2.57 basis points in 2016, an increase of 0.68 basis points over the previous year. The fraudulent means was highlighted by offline fake card theft. Online account theft, telecom fraud.

At the same time, with the increasing variety of payment methods, especially the rapid and anonymized online non-face-to-face transactions, fraudulent practices are constantly being refurbished, and fraud risk management is more difficult. How should the above fraudulent means be identified? How to effectively prevent and control the risk of bank card fraud? How does the regulatory authorities form a synergy?

"Pseudo-card stolen" chain

Pseudo-card theft is the most important type of credit card fraud. According to the "Blue Book", credit card fraud losses were mainly based on pseudo-card transactions in 2016, and they accounted for an increase in the previous year, followed by false identity and Internet fraud. The main types of debit card fraud were telecom fraud, followed by Internet fraud. , fake card stealing brush.

According to the relevant person in charge of the banking industry association, the so-called fake card stealing brush means that the criminals will record the bank card magnetic stripe information, including the account password, etc., and then use this information to copy a fake card, using the fake card in the POS machine, The stolen brush is implemented on the ATM machine.

"The magnetic stripe information side record is the core. At present, the credit card is still a magnetic stripe card, which is easier to be recorded. The magnetic stripe card in the debit card is also easy to be recorded, and the chip card is much safer," said the person in charge.

Ms. Hu, who lives in Wuhan, Hubei Province, found that her debit card was taken away by 24,900 yuan. The withdrawal site was an ATM machine in Chongqing. However, the debit card is clearly around, how can it be stolen on ATMs in different places?

After investigation, the Chongqing police found that it contained a complete "pseudo-card stolen criminal chain" - research and development of POS machine pirate chip, transformation of pos machine, stealing bank card card information, foreign production of fake cards, domestic stolen brush withdrawal.

Specifically, the suspects in the case jointly developed a chip that recorded the bank card track information and payment password, and then used the false merchant identity to defraud the network payment company, bidding for more than 10 POS machines, and embedding the chip into the POS. The modification is completed in the machine, and then the modified POS machine is sold to certain consumer places through the payment company agent.

When the cardholder pays by the above POS card, the bank card account information, payment password and other data will be recorded and stolen by the chip. After that, criminal suspects will use maintenance as an excuse to regularly export data from chips, use these data to make "pseudo-cards" abroad, and then take fake cards back to the territory for cash withdrawal and consumption.

"It is worth noting that in recent years, the number of merchants colluding with fake card theft has increased." The relevant person in charge of the Ministry of Public Security said that some merchants in the acquiring institutions are not strict in the network review, and the criminals use this loophole to falsely apply for merchants or Merchants collude to commit fraud and quickly transfer accounts.

Scaled information theft

How to prevent your bank card information from being stolen by side? Industry insiders reminded that for debit cards, it is recommended that cardholders replace the magnetic stripe debit card with a more secure "IC chip card", and periodically change the payment password and bind the SMS notification to the mobile phone. Account status.

Since the current credit card is still a magnetic stripe card, it is recommended that the cardholder choose a regular business location when swiping the card. Merchants should choose formal channels when installing POS machines. They should not be convinced of salesmen other than bank staff to avoid being used by criminals.

In addition, the cardholder can set the credit card limit for his or her credit card and debit card. If the spending amount exceeds the upper limit, it must be confirmed by the mobile phone verification code to enhance the security of the account.

"Also, don't put a lot of money on the bank card that binds the third-party payment tools, so that criminals can use third-party agencies to steal information," said the relevant person in charge of the banking association.

It is also one of the methods of bank card fraud refurbishment by using third-party agency vulnerabilities to mass-produce and scale theft information. The "Blue Book" shows that in recent years, third-party payment institutions and outsourcing service providers have become targets of criminal attacks. Some third-party organizations illegally retain bank card magnetic stripe data and poorly managed access to sensitive data. Criminals use hacker technology to maliciously attack third-party back-end databases to obtain customer account information in batches.

Among them, the "collision library" and "sweeping number" methods are more common. The hacker first collects the leaked and decentralized account information and passwords, and then logs in to other websites in batches, and matches the information with each cardholder's bank and Alipay account number one by one, and finally “collides” like “big luck”. Some information about the cardholder's available information.

Attack mobile phone mobile

In addition to offline and online information theft, mobile phones are also becoming the hardest hit by bank card fraud. "Recently, some lawless elements used the gift as a bait to induce the cardholder to scan the QR code with the mobile phone, and then implant the Trojan virus program into the cardholder's mobile phone, and directly intercept the SMS verification code sent by the bank to the cardholder. The relevant person in charge of the Ministry of Public Security said.

Many well-known, SMS verification code is the second security guarantee outside the payment password, thus illegal interception and fraudulent verification code has become a key step in bank card fraud.

At present, there are two common attack methods on the mobile terminal: one is that the criminals modify the card holder to reserve the mobile phone number, and then implement the network theft. For example, the criminals use the variable number software to pretend that the cardholder calls the bank's customer service system and requests to modify the reserved mobile phone number and password.

Second, the criminals made up the points exchange, quota adjustment, return refund and other reasons, and sent the phishing website link to the cardholder's mobile phone. After the cardholder clicked the link, the transaction verification number was stolen and the criminals completed the stolen brush.

Faced with the above new methods, some banks have adopted the "virtual mobile phone number", "non-reserved phone" and other technologies to upgrade information protection. At present, when the Shanghai Pudong Development Bank credit card transmits information to customers, it does not display the real mobile phone number of the customer, and replaces it with a dynamic virtual number. Minsheng Bank has launched the “non-reserved telephone incoming line” and “interactive dynamic voice verification” functions. Multiple risk business tips such as periodic call reminders, account disputes, and handling reminders to prevent risks more effectively

Kids Adjustable Desk

The ergonomic comfortable seat minimizes the pressure on the spine caused by students sitting for a long time, and the seat is more suitable for the body, and it is more comfortable to sit for a long time. The size is upgraded, the student's range of activities is larger, the use of more comfortable oval tube, the steel tube is thicker, the weighing capacity is stronger, the service life is longer, the pen groove design prevents the pen from rolling on the table top, the side load-bearing hook, high fastness Hook design, plastic material scratch-resistant, convenient and practical. Free adjustment, lift table and chair design, to meet the needs of different heights and ages.

Kids Adjustable Desk,Lately Wooden Study Desk,Oem Kids Study Desk,Ergonomic Study Desk

Igrow Technology Co.,LTD , https://www.aigrowdesks.com