The Anti-virus Times

Thursday, September 29, 2016

This issue’s material has been provided by Anti-virus Times project participant Irrepressible Inhabitant from Shakhty

To catch their victims, fraudsters are setting special traps, and ignorant users are getting ensnared in them. Today, tons of criminals are actively engaged in stealing money, including from card accounts. This type of fraud is referred to as “carding”, a topic that has already been the subject of several Anti-virus Times issues. You, and we, already know what kind of scoundrels these carders are, and we’re not going to tuck our tails and run from them! We will beat them at their own game—by putting some bait out for them.

Carders are like predators that devour their victims. One of the most efficient ways to catch predators is by luring them with live bait—with the things they are used to eating, like small fish or animals, for example. So, we are proposing to combat carders using this highly effective method. Since carders “feed on” card data, we should use it as bait. But first we need to attract a predator by putting bait out so that it can see it or sense that it’s there.

So, let’s get started.

The first thing to do is to create an account on a social media site. Be sure to enter a publicly listed phone number and your e-mail address. Give everyone, including unauthorised users, full access to all the sections of your account. This can be done in the “Privacy” settings. It would be a huge plus if you also registered on all existing social media sites, and on popular forums and portals. While creating your accounts, follow the recommendations of our previous issue “The best password is “qwerty”—there’s no need to go to any great lengths here. If you already have a fairly large number of public accounts, you can skip this step.

The second thing needed for a theft to occur is a card. If you don’t have one yet, you need to apply for one through any bank that supports online banking transactions. Today, this is pretty easy to do; the banks are practically forcing their cards on people. By the way, it’s better to write your PIN on your card; otherwise you can easily forget it. The piece of paper the bank gives you that your PIN is printed on usually fades quickly, or you could lose it. Actually, the most convenient thing to do is to write your PIN on the backside of your card, next to the three-digit code. You can also enter and save your PIN to your phone’s contacts or address book—making it convenient to access and ready when you need it. If bank employees suggest that you set some restrictions and limits on your online transactions when issuing you your card, tell them you’re not interested. First, you’re a reasonable person and you’re not going to buy yachts and helicopters online. Second, if you really decide to suddenly buy a yacht, this restriction can only obstruct you. Two-factor authorisation is a throwback to 2014. In a day and age when banks can already ensure the security of accounts and payments, this anachronism only prevents transactions from being carried out quickly and smoothly. For example, if your phone’s battery runs down, you won’t be able to make a payment. Even worse—your phone could get stolen, and all your authorisation data would be in the hands of robbers. In addition, be sure to disable SMS notifications. For banks, this is profitable; after all, they can ding you for a monthly fee for this service. Remember the proverb: “Who will not keep a penny never shall have any”! There’s no sense in paying any more than you have to

You must become attractive to fraudsters, so try to make yourself an open book in every way. Regularly, on your social media pages, share photos of expensive things you’ve purchased—tablets, smartphones, cars, handbags, watches, and haute couture dresses. Post photos from your trips to the Maldives and the Seychelles. You must also take pride in your financial successes and achievements, and the awards you’ve received. Let your friends know about your success and envy you! A potential fraudster must make sure that you are really rich and worthy of becoming a carding victim.

In a special album, upload photos of the front and back of your credit card, passport, and other documents you may need at some point. This is red meat for a predator. Post your entire biography on one of your account pages, and don’t forget to list all of your relatives, together with their contact details. Remember that some social media sites let you specify family relationships (mom, dad, brothers, sisters, grandmothers, etc.). Be sure to take advantage of this option. You must show off your relatives with pride! Also, don’t forget to boast about your pets—post cute photos of them, with captions containing their nicknames.

If you can geotag your photos, definitely do it. Everyone should know where you are. Everyone will probably envy you—there they are, probably languishing in a stuffy office or some impassable hick town.

The next thing we need is popularity. As the saying goes, “A friend in court is better than a penny in purse”. In real life we have few friends, but social media sites are a different story! In addition to our real friends, we can add anyone who sends us a friend request. Moreover, you can join all types of groups to get friends. The easiest way is to join some game-related group where participants can assist each other. Write a post in this kind of community, saying: “I add everybody! I send help every day”. You can be sure that within a few days, you will have so many online friends that your offline friends will envy you.

Another good way to become popular is to participate actively in various public or popular forums. It’s very easy! Prove that participants are wrong; actively spar. And try to criticize everyone in a rude manner; it’s better to humiliate and insult an opponent in order to touch a nerve. Everybody who is humiliated and insulted will surely visit your page to familiarise themselves with such a worthy opponent as you.

If, for some reason, your system is protected with an anti-virus, you need to follow the recommendations we described in the issue “How to train your anti-virus”, so that it doesn’t interfere with this important business you’re now engaged in.

When your online friends (and other people you’ve become popular with) start sending you messages containing all sorts of links and requests to visit and vote for a child/pet/class/ensemble, etc., don’t ignore them. Without question, follow these links and do exactly what you’re asked to do. Remember, you are an open and kind public person—don’t lose your influence! Help people; this is easy to do. Perhaps, on your phone, you’ll occasionally receive messages containing sets of numbers, and your friends will ask you to pass those numbers along to them. Don’t refuse your online friends or they may delete you from their friends list, and your popularity will begin to fall.

If you’ve thoroughly complied with the previous recommendations and stick to our plan, you can just sit back and enjoy life, actively communicate with others, and wait. Wait until you finally manage to lure a predator into a trap.

When a predator takes the bait and withdraws money from your account, the simplest part of our plan is all that’s left—inform your bank. Bank employees will surely know what to do with fraudsters! But don’t rush, it’s better to wait a few days until the criminal involved has gotten over his adrenaline rush and is in a relaxed mood, lying on a hammock somewhere in Hawaii. After all, the biggest mistake you can make when monitoring your trap is to activate it too soon! And, generally speaking, don’t even report the theft—your bank can identify the fraudulent transactions and do what’s needed to catch the swindler. Just sit back with a refreshing drink in hand, and bask in the knowledge that you’ve saved the world from a scoundrel.