How hackers rob banks

October 25, 2020 Sophia 0 Comments

Remember those epic robbery movies? Where tough guys come up with an ingenious plan, change their looks more often than models in shows, use incredible (unrealizable) psychological tricks and risk their skin in pursuit of profit. I think you remember. It’s hard to imagine such robbers these days. Major economic crimes take place in the digital field. Today the robber is not a psychology genius or a builder who knows where to start digging. Today, a robber is a hacker who knows all the intricacies of the banking sector.

Carding

One of the most common types of “technological” fraud is bank card fraud. It is not surprising, because today almost everyone pays with cards everywhere. But are such payments safe?

There are many different types of attacks that payment systems and banks have to deal with on a daily basis:

Payments without 3-D Secure

Most cases of fraud are related to online payments using the card-not-present scheme (the transaction requires only data written on the card and easily obtained on shadow markets). To combat such schemes, 3-D Secure was invented – an additional authorization scheme that uses three domain entities: the domain of the online store, the domain of the payment system and the domain of the acquiring bank. However, some large stores such as Amazon are not ready to work with 3-D Secure, which is good news for scammers.

Magnetic stripe cloning

Despite the fact that modern cards are equipped with a chip, magnetic stripe cloning is the second most popular type of fraud. The fact is that in many US stores, when paying with a smart card, you can conduct a transaction using a magnetic stripe. And if the terminal refuses to accept the magnetic stripe, there is a technical fallback scheme that works across America (both North and South) and Europe. Just insert a card with a non-existent chip into the terminal / ATM, and after three unsuccessful attempts, the terminal will offer to carry out the operation using the magnetic stripe. In Russia, terminals must not accept a magnetic stripe for payment if the card is equipped with a chip. However, in some stores you can find terminals that accept operations for technical fallback. And besides, no one prohibits cybercriminals from transferring data to Europe / America for further monetization.

Man is what he consumes. This statement in the modern world now applies not only to food. Man is alive thanks not only to his daily bread. Every day we consume gigabytes of information, in one day we process it as much as in the Middle Ages people did not receive in their entire life. We just woke up and immediately check e-mail notifications, while we have breakfast, scroll through the feed on VKontakte or any other social network, in our free time we watch videos on YouTube, etc. etc. By these actions, we not only consume, but also create information. Each of our steps on the Internet, any of our clicks, all movements from site to site are recorded and recorded. This is called the user’s social data. It is they who make up our virtual personality. And this personality of ours has its own price, for which they are willing to pay big money.