Kapital.kz business portal found out the scheme scammers use when withdrawing money from the card. Last week scammers cashed out the funds from a payment card of KKB of an employee of “Capital” Publishing House. A fact of fraud was confirmed in the bank. Kapital.kz Business Portal has found out the schemes used by scammers and how to safe cash on a card-account.
For example, when skimming scammers copy the magnetic stripe of a card and PIN- code using special device installed on the ATM. “After copying the data, they make a duplicate card, then, the funds are cashed. Typically, skimming and other similar types of fraud are used by international criminal groups with participation of citizens of different countries. In some countries we can observe data theft from cards, in other countries one manufactures and sells duplicate cards. As a rule, holders compromise their cards during trips abroad. Several years ago, a foreigner was caught, who arrived in Kazakhstan with lots of fake cards for cashing. The cards were made based on data stolen in European countries. He was arrested and a few days later he was sentenced to five years,” Kazkommertsbank commented.
To protect against skimming, banks started issuing chip cards of EMV standard. “Kazkom also produces maps of such a standard. Chip compared to the magnetic strip is protected from reading. The global problem is that not all banks in the world produce chip cards, continuing issue the cards with magnetic stripe only according to the technology of 60th years of the last century. To protect the ATM skimming, ATM of Kazkom is equipped with special anti-skimming devices – card readers and bumpers for the keyboard”, the bank said.
Scammers are constantly inventing new ways of cashing the cards with strangers. Besides, Kazakhstan people still prefer to cash funds credited in the card. In October 2013, the volume of cash withdrawal transactions was 2.9 times higher than the number of transactions on non-cash payments. In October this year 13.6 million of cash withdrawal transactions was carried. The number of transactions on non-cash payments amounted to only 4.6 million. In October 2012, the gap between these rates was much higher. The number of transactions carried out cashless was 3.3 times less than the number of cash transactions. In addition, over 86 % of cards turnover is cash withdrawal transactions.
There is another way that can benefit scammers – phishing. In this case, the scammers get the data directly from the user, using his carelessness. “As a rule they used to substitute genuine site with the fake one. The card holder opens a site, enters payment card data, secret codes, passwords, and then it turns out that it is a fake. Phishing is a relatively new type of fraud in Kazakhstan”, Kazkom stressed.
So, at the end of September 2013 officers of technical protection of information of Kazkom discovered a new fraudulent site mobile500.kz, by which scammers collected cardholders’ data through Kazakhstan. “The site was disguised as an aggregator for accepting payments for mobile services. After selecting a mobile operator and populate data about the phone number and amount of the payment, the card holder got a page that imitated Kazkom payment server and offered to enter payment card data. If we carefully read the address bar, we can find that email is written incorrectly and not a payment page and served to collect cardholder data. The mobile500.kz site is currently blocked by hosting company. Also, the bank has submitted an application to the Ministry of Internal Affairs to investigate the facts”, in Kazkom noted.
Therefore, to protect against phishing, one should not conduct payment transactions on unknown sites and carefully read the address bar on the payment page. If the site address or ending of its domain is different from the original address of the portal, at least one symbol, this site is not authentic.
Also, it is recommended by Kazkom that 3DSecure should be installed on cards. This special greeting is known only to a card holder.
At the same time, as it is stressed in the bank, the fraud occurs mainly due to the fault of a card holder.
This type of fraud also has a name – Friendly fraud. In this case, the fraudulent transactions are conducted by persons of inner environment of a card holder, who could seize card or know its details.
“It is not uncommon when on the an ATM video surveillance withdrawn from, a victim card holder can see a close relative, a friend or a colleague, ” Kazkommertsbank reports. So, in any case persons should not tell anyone a password of a card.
If scammers have withdrawn funds from a card, who will return the stolen money? Whether the bank is obliged to compensate for damage? “Everything depends on the situation. Each case shall be subject to an official investigation. If scammers seized a payment card or its details due to the fault of a card holder, in accordance with the terms of the service contract for a payment card, money shall not be returned. If a card holder is a victim of skimming, a bank shall apply to the international payment system for dispute on refund. In this situation, funds shall be returned within a period of 45 to 60 days “, Kazkommertsbank reported.
Source: Kapital.kz Business Portal
