Borrower, Beware: Credit-Card Fraud Attempts Rise During The Coronavirus Crisis
Emboldened fraudsters are mounting phishing attacks and attempting purchases with card numbers stolen in old hacks. Borrower, Beware: Credit-Card Fraud Attempts Rise During The Coronavirus Crisis
Fraudsters are increasingly using pilfered credit-card numbers and phishing attacks to prey on overwhelmed consumers and banks during the coronavirus pandemic.
There has been a big jump in attempted credit- and debit-card fraud since coronavirus shut down the U.S. economy earlier this year, according to Fidelity National Information Services Inc., known as FIS, which assists about 3,200 U.S. banks with fraud monitoring. The dollar volume of attempted fraudulent transactions rose 35% in April from a year earlier, FIS said, a trend that appears to be continuing in May.
For apps and websites that don’t take Apple Pay
yet, there’s a virtual card number in the Wallet app. Hackers never see your actual card number.
Gain peace of mind with Privacy, the online card that protects your money and gives you full control when shopping online.
Most of the fraudulent transactions were caught before they hit cardholders’ accounts, FIS said, but the spike in attempts presents another challenge for consumers and their lenders muddling through the worst economic crisis since the Great Depression.
Credit-card purchases have fallen over the past two months, and millions of out-of-work borrowers have stopped making their monthly payments. A rise in successful fraud attempts could lead to higher losses for card issuers and, ultimately, higher costs for consumers.
“This is going to hit everyone very hard,” said Krista Tedder, head of payments at Javelin Strategy & Research, which advises card issuers on security issues.
Fraud is a perennial problem for banks. Fraud losses—including losses linked to credit and debit cards—cost banks, merchants and, in some cases, cardholders $16.9 billion last year, up 15% from a year prior and the highest level since 2013, according to Javelin.
Banks have increased their fraud projections for 2020, according to Aite Group, a research and consulting firm.
A sharp decline in travel and spending at bricks-and-mortar locations has shifted much of the fraud to the internet at large card issuers including Wells Fargo & Co., Bank of America Corp. and Synchrony Financial, according to people familiar with the matter.
Fraudsters are employing a number of tactics to dupe unsuspecting consumers and banks.
They are generating random card numbers until they stumble upon legitimate accounts and attempting more fraudulent purchases with card numbers stolen in pre-pandemic hacks, said Eric Kraus, vice president of fraud at FIS.
Phishing attacks—the use of phone calls, emails or texts to trick customers into handing over their credentials—are rising, too, so much so that executives at one community bank were certain they had been hacked before learning that many of their cardholders had instead fallen victim to scams, Mr. Kraus said.
Anton Hinton got a phone call in late April from someone claiming to represent JPMorgan Chase & Co. The caller, who knew Mr. Hinton’s full name, email address and the last four digits of his account, said his debit-card number had been stolen and needed to be frozen.
The caller told Mr. Hinton to set up a digital wallet to make purchases until Chase could ship a new card to his home in Cleveland. While on the call, he got an email, ostensibly from Chase, with a one-time activation code to set up the digital wallet.
After he hung up, Mr. Hinton saw more than $300 in purchases had been made in Florida.
Chase refunded the charges and sent Mr. Hinton a replacement card. “Scams typically increase during times of crisis, like pandemics and natural disasters,” a spokesman said.
Banks often alert customers to fraud attempts, but getting customer-service representatives on the phone to remove charges and replace cards has been a challenge for some cardholders. Lenders have been flooded with calls from borrowers looking for a break on their monthly payments during the coronavirus shutdown.
Capital One Financial Corp. texted and emailed Lisa Camillieri in late March to ask if she had tried to make a $1,279 purchase at a BMW dealership in Texas and a $1,344 purchase at a car-parts dealer in Florida. She hadn’t, she replied, and the bank stopped the transactions.
Replacing her card hasn’t been so easy. She called the bank several times and got an automated message warning of lengthy wait times.
A Capital One spokeswoman declined to comment.
Carolyn Mora was doing a routine check of her accounts in early April when she spotted five charges on her Citigroup Inc. credit card. The $232 in charges were made in Israel, where Ms. Mora, who lives in Pennsylvania, has never traveled. She was also charged $7 in foreign-transaction fees.
Ms. Mora said she called Citigroup several times and got automated messages telling her to call back later. She was hoping to get the pending charges canceled before they went through.
“We couldn’t reach anybody for such a long time,” she said. “We were trying every possible way.”
Ms. Mora messaged the bank through its app and tweeted at the company. She was refunded about 10 days after she first spotted the charges.
A Citigroup spokeswoman said the charges went through due to a combination of factors, including their low dollar amount. “We regret any inconvenience this may have caused,” she said.
Dark Web Merchants Sell Thousands of Stolen Credit Card Numbers
Cyble Research Team unveiled a new massive data dump of credit cards for sale on the dark web.
New research by cybersecurity firm, Cyble Research Team, revealed that on May 29, data for more than 80,000 credit cards were put up for sale on the dark web. The data from these cards appears to have been gathered from various countries around the world.
According to the announcement, the data leak involved credit card details from various countries, such as the United States (33K), France (14K), Australia (5K), United Kingdom (5K), Canada (2K), Singapore (1.2 K) and India (1.3K).
They include both Visa and Mastercard, according to the information collected by Cyble.
The price of each credit card, which includes the name of the cardholder, CVV code, and expiration date, is $5 per unit, paid in crypto. This price is regardless of each card’s value.
Billing Address Info Leaked In The Data Dump
According to the research, the country classification was unveiled due to the leak of billing information. This info included each card holder’s address, making it easier for the cybersecurity company to establish the country origins of each card.
It is not clear where the hackers stole the data from, but Cyble believes that it could have come from a phishing website or an online store that the hackers had managed to breach.
Cyble created a search engine so people could check whether their personal information was leaked on the dark web. In total, their database contains over 40 billion records.
Hackers Move To Sell Stolen Data On The Dark Web
The study comes after the cybersecurity firm identified and reported another massive data breach, which involved over 47.5 million Indian Truecaller records for sale on the dark web for only $ 1,000.
Cointelegraph reported on May 15 that anonymous hackers had taken the data of over 129 million Russian car owners and exposed it on the darknet in exchange for cryptocurrencies such as Bitcoin (BTC).
A group of hackers also breached the Ethereum.org forum and allegedly put the database for the three most-popular crypto hard wallets up for sale.
Fraudsters Are Switching From Credit Cards To Bitcoin, Says Consumer Protection Company
Scammers are taking advantage of one of Bitcoin’s strengths, as once lauded by Satoshi Nakamoto.
Fraudsters are taking advantage of the irreversible nature of crypto transactions, says MyChargeBack’s vice president of global operations, Michael Cohen. When Bitcoin (BTC) was first envisioned, one of its selling points was the fact that it was offering better protection to retailers than credit cards.
In one of his earliest emails — from November 10, 2008, Satoshi Nakamoto parried a complaint from an early adopter James A. Donald, who lamented the fact that Bitcoin transactions are not instantaneously final:
“Instantant non-repudiability is not a feature, but it’s still much faster than existing systems. Paper cheques can bounce up to a week or two later. Credit card transactions can be contested up to 60 to 180 days later. Bitcoin transactions can be sufficiently irreversible in an hour or two.”
According to Cohen, in some cases, credit card chargebacks are possible 18 months after the transaction date. There are two classifications of credit card chargebacks: unauthorized use (when a criminal gains access to one’s credit card) and authorized (where a cardholder authorized the transaction but is not satisfied with the outcome).
Cohen said that when it comes to crypto, consumers may have a chance of recovering funds only in the case of unauthorized transactions, as credit companies like MasterCard and Visa exclude certain industries like crypto and gambling from the second category. Cohen opined that the ubiquity of scammers who use crypto as a tool hampers mass adoption:
“Unfortutenley, it’s a very nice tool for a scammer to have as a means to collect funds. I think it serves in the disinterest of those who are looking to promote the general and universal usage of crypto. I think it is at this point. It is somewhat of a stumbling block because of all of the people who are getting scammed. I mean, they’re not going to be the ones who are going to be promoting the usage.”
Cohen said that one of the most typical tropes of scammers involves them offering some product or service (the most common tend to be related to forex trading) to an unsuspecting customer. Then at the last moment, the scammer convinces the unsuspecting victim to pay for the service or fund their supposed-account using cryptocurrency. According to Cohen, not all is lost for the victims, however; there may be potential avenues for redress.
Cohen’s company helps the victims identify scammers by tracing their movements on the blockchain. Typically this leads to a crypto exchange where the criminals deposit the proceeds of their crimes before cashing out. Cohen said that many crypto exchanges have been receptive and are truly eager to stamp out users who engage their services for nefarious purposes.
Recently, two offices of the U.S. Department of the Treasury have issued advisories to the crypto companies, primarily exchanges, about processing malware attack payouts. A few days later, the U.S. government went after BitMex and its founder for operating an unregistered trading platform. As crypto regulation tightens around the world, it appears that cashing out of ill-gotten proceeds could become increasingly more difficult for the criminals.
Borrower, Beware: Credit-Card Fraud,Borrower, Beware: Credit-Card Fraud,Borrower, Beware: Credit-Card Fraud,Borrower, Beware: Credit-Card Fraud,Borrower, Beware: Credit-Card Fraud,Borrower, Beware: Credit-Card Fraud,Borrower, Beware: Credit-Card Fraud,Borrower, Beware: Credit-Card Fraud,