Breaking News


Header Ads Widget

how to steal money from bank cards: Data Capture by a new way

how to steal money from bank cards: Data Capture by a new way. Cybersecurity experts warned, Scammers  have come up with a new way to steal money from bank cards

how to steal money from bank cards: Data Capture by new way
how to steal money from bank cards: Data Capture by a new way

Cybersecurity experts warned of a new way to steal money from bank cards - attackers infect websites with a special skimmer program using JavaScript. If the cardholder was inattentive or does not use an antivirus, it is extremely easy to get to this fraudulent trick.

Information about a new method of bank card fraud has appeared in Sucuri's IB blog. The owner of the website addressed the employees of the brand, whose resource unexpectedly appeared in the blacklist of the antivirus. As it turned out, he was infected with a skimmer program aimed at stealing money from user cards.

It turned out that the skimmer was associated with the google-analytîcs [.] Com domain, which belongs to internationalized domain names - as you can see, the address contains the letter of the national alphabet. Replacing one letter with another, the attacker deceives the user to a fake website, which differs from the original by one character. Also, "google" in the address prompts the user to the idea that this is a reliable site, and lulls his vigilance.

When a user enters a fake website, the skimmer, imperceptibly for the cardholder, steal the data transmitted by him, sending them to the malicious operator.

  • Internet fraud in the segment of CNP operations [operations without a card - Gazeta.Ru] remained the only mass scheme for stealing money from bank cards, says Alexei Sizov, head of the anti-fraud department of the Applied Systems Security System of Jet Systems.

  • “The number of twin sites, cases of injection of dangerous code to web resources has an avalanche growth. Mechanisms to counter such attacks exist, but not all resources provide control over injections, especially when they are carried out on the client's device. Not all clone sites are detected and blocked quickly, ”the expert explained.

  • Cybercriminals can hack sites, abusing site vulnerabilities, using brute-force attacks or leaking credentials to inject malicious code. In this case, they used JavaScript - with its help, the payment data entered on the site is captured, information security evangelist at Avast Luis Corrons told

Such methods are especially scary for users who do not have an antivirus installed on the device that they use to access the site.

“The site does not seem suspicious, it looks like a normal, reliable site that users trust. Therefore, as a rule, people quietly enter their data. Antivirus programs can warn users of malicious site content and block access to it, ”said Corrons.

Another frightening aspect, in this case, is that the cybercriminals behind this attack are very well prepared.

“They conducted extensive research, targeting over 50 payment gateways. Payment gateways are services that authorize transactions, something like Yandex.Cash. Also, hackers are carefully looking for credit card numbers, CVV numbers, expiration dates and other payment details on the sites, ”a correspondent told.

The main motivation of cybercriminals is financial gain. In the past, cybercriminals installed skimmers of physical cards at ATMs to steal card information, but this took a lot of time and put them at significant risk, while the targeted victims were quite small.
 In the case of cyber fraud, criminals can make such attacks without leaving home, just by embedding the code on websites. This method will provide them with a much wider range of potential victims.

“However, it’s not so easy to use a stolen credit card information, so cyber criminals will most likely sell the data on the darknet for further use by other criminals,” the expert concluded.
In early July, the Central Bank of the Russian Federation spoke about a new method by which fraudsters manage to steal money from ATMs. This happens when a transaction is cancelled when a client transfers money to another person, and then, when a warning appears on the screen about the commission charged for the operation, cancels the transaction. As a result, the frozen amount is unlocked on his account and goes to the account of the accomplice.

You May Also Like:

Visa and MasterCard settled a dispute with retailers for $ 6 billion

  • Payment systems Visa and MasterCard have agreed to pay retailers $ 6 billion - this is the largest compensation in the history of the United States for cartel collusion paid out of court.

  • Visa and MasterCard will pay $ 6 billion to merchants for collusion in setting tariffs for servicing credit cards, and from next year, US sellers can transfer fees to buyers. Such a danger does not threaten Russian buyers; on the contrary, non-cash payment is beneficial for trade networks, market participants say.

how to steal money from bank cards: Data Capture by a new way
how to steal money from bank cards: Data Capture by a new way
  • The largest amount will be paid by Visa - $ 4.4 billion. Master Card will allocate $ 790 million. The remaining $ 810 million will be paid by card-issuing banks to retailers (JP Morgan Chase, Bank of America, Citigroup, Wells Fargo, Capital and others).

  • Also within the framework of the agreement, payment systems will have to reduce the size of the commission to 0.1% for eight months, which will allow retailers to save $ 1.25 billion. Previously, retailers had to pay 2% of each purchase.

  • And from 2013, trade organizations will be able to compensate for these costs at the expense of buyers who pay with credit cards. Thus, they plan to encourage customers to use cash or cards issued by retailers themselves when paying for goods and services.

  • In 2005, the largest US retailers Kroger Co, Safeway Inc. and Walgreen, as well as the National Association of Convenience Stores, the National Pharmaceutical Association, the National Cooperative Grocery Stores Association and the National Association of Pharmacies sued Visa, MasterCard, and issuing banks in the New York District Court. They were accused of deliberately overstating the size of the commission charged for using credit and debit cards when paying for goods and services.

  • The court was to consider the dispute in September 2012, but the parties decided to settle the conflict in a pretrial order.

  • MasterCard chief consultant Noa Hanft and Visa CEO Joseph Saunders believes that retailers, like operators, were beneficial to resolve the dispute "peacefully." “This is a historic event,” said one of the lawyers of retail chains. “The agreement will make it possible to equalize rights in a market where banks previously dominated.”

According to the data of the National Retail Federation of the USA, each year trading organizations pay issuing banks for transactions on cards about $ 30 billion. The funds received are distributed between issuing banks and electronic payment operators.

The voluntary resolution of the conflict was the first step towards one of the largest anti-monopoly agreements in US history, said Mallory Duncan, senior vice president and general counsel of the National Retail Federation. “We need changes in the rules that will lead to market transparency and free competition,” he said.

But retailers will, again and again, be able to take the opportunity to demand lower commissions from congress and operators, adds Frank Keating, president of the American Bar Association (ABA). “It’s about billions of dollars in revenue,” he says.

Transferring costs to buyers will not affect Russia, market participants say.

“Retailers in Russia have no right to take an additional commission from buyers,”

  • - explain in X5 Retail Group. According to a company representative, in Russia, non-cash payments are just beginning to develop, which is due to “the uneven development of banking infrastructure, as well as people's distrust of cashless payment security systems.”

  • In Russia, large retailers, on the contrary, advocate payment for purchases with cards and some even give discounts for cashless payments, said Alexander Ivanov, president of the Distance Trading Association.

“Retailers already have to compete with online stores, whose prices are much lower. They expect the map system to help equalize their rights, ”

- he says. Ivanov specifies that in Russia there is also no uniform compensation system for payment systems - everything depends on an agreement with the retailer with the issuing bank.

As they said, the standard commission of international payment systems in a network of "Auchan" for a transaction in Russia is traditionally 1.5%. In Europe, it is 2.5 times lower.

Post a Comment


  1. I think this is a really good article. You make this information interesting and engaging.


  2. Very good points you wrote here..Great stuff...I think you've made some truly interesting points.Keep up the good work.
    python course in Guwahati

  3. It has increases the importance of the field. If you have also been attracted by the value of data science and want to learn it, you have to understand the basic courses of data science you need to learn to move successfully in the industry.
    data science course in patna


Like a Reply