Your browser is obsolete!

The page may not load correctly.

Banking online

Онлайн по банкингу

Other issues in this category (4)
  • add to favourites
    Add to Bookmarks

Thank you for your purchase?

Read: 1388 Comments: 15 Rating: 43

Bank cards have become one of the most convenient and popular ways of making payment throughout the developed world. Without a doubt, they are also popular with criminals who seek to steal card information in order to use it without the cardholder’s knowledge. To achieve their goal, criminals employ social engineering techniques as well as special malicious programs.

Carding is a type of fraud involving trafficking credit card information that can be used to perform transactions without the card owner’s consent.

Trojans that infect PoS (point-of-sale) terminals, which facilitate bank card transactions, have posed a severe threat to cardholder finances for quite some time. Usually, terminals are connected to Windows PCs which can be infected with malware.

The Trojans intercepted information written on the magnetic strips of cards and passed it along to criminals. Some of these Trojans could also log PIN pad keystrokes. Criminals used the data to create a copy of the card which could then be used to pay for goods and services or withdraw money from ATMs.

However, with the advent of chip and PIN cards and contactless smart cards, criminals are finding PoS Trojans to be much less effective.

PoS Trojans aren't the only threat to cardholders. There are many applications that can inject content into web pages as they are being loaded in the browser. The content is replaced on the compromised machine which means that the page design and the URL remain the same—and users lower their guard. If a remote server requires a secure HTTPS connection, the Trojans can use bogus digital certificates.

With web injections, malware can introduce fake web forms into pages to lure users into divulging their bank card information. For example, a fake web form can appear on a page belonging to a popular online store, a flight booking portal, a site for purchasing game accounts, etc. Criminals can use the card information to carry out all sorts of transactions online, e.g., they can purchase bitcoins or pay for goods and services.

What card information do criminals steal to conduct transactions online?

  • Card number
  • Cardholder name
  • Card expiry date
  • CVV2 code: the card’s three-digit authentication code printed on the reverse side.

Dr.Web recommends

  • Use current anti-virus software;
  • Keep its virus definitions up to date;
  • Remember to scan your PC regularly—some malicious programs may have infected your system before their definitions were added to the Dr.Web virus database.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments