New debit-card fraud modality

punto de venta2A new fraud modality is gaining popularity in some business establishments of Caracas. A “trick” with POS terminals is the key of this swindle in which customers see double charges in their accounts. Learn about it step by step:

  1. Users pay their purchases with their debit card as usual. After entering their pin, the receipt comes out blank.
  2. The cashier says they made a mistake by installing the paper roll on the wrong side and guarantees the customer that due to the technical defect the money was not debited from their accounts. They then urge the customer to swipe their card a second time to they can pay for their purchase.
  3. Customers agree to swipe the card one more time. At this point, the cashier uses a different POS that “isn’t damaged” to carry out the operation.
  4. Customers swipe their cards and the transaction goes through.

The detail

Although there’s no receipt for the first transaction, the terminal’s screen indicates whether it was “approved” or “rejected.” In this scam, the money is taken from the account twice, once in the “damaged” POS and once in the one working fine.

The “trick” of using two different POS terminals is critical at the time of a complaint.

What to do?

  1. Keep sight of your card and be aware of the operation of POS terminals.
  2. If an irregular situation arises and you’re required to use your card a second time, make sure you’re making the transaction on the same POS terminal.
  3. You may ask for a transaction report from the POS terminal in which you made your transaction. This report indicates all transactions that went through so far in the day and indicate the amount, card number (first four and last four digits), approval numbers and time. If different POS terminals were used, checking this information is more complex.
  4. Contact your bank to verify whether the transaction went through.

Source: El Diario de Caracas

Android keeps getting popular among cybercriminals

AndroidAndroid keeps getting stronger in the market: currently, 81% of devices have this operating system installed. In the Trends 2014 reports: the challenge of Internet privacy, developed by ESET (a computer safety firm) in November, 2013, showed the increasing number of attacks against the platform, as comparing single detections in 2012 and 2013, it is possible to device a 63% increase worldwide.

Moreover, last year, ESET researchers identified new Android threats that were previously known for Windows and other non-mobile platforms: DropperTrojan, ClickerTrojan and Bank Trojan. Also, in 2013, the company released a research paper on Hesperbot, an advanced bank trojan. Part of this malware’s model was based on violating apps for Android, Symbian and Blackberry OS and thus avoiding the multifactor authentication they use when they sign into some banks.

Here are a few tips for users to stay clear of these threats:

  • Only install applications from the official app store. Using genuine software from official sources and repositories helps minimize the possibility of becoming a victim of malware code.
  • Implement an integral security solution. It must be able to proactively detect malware, screen unwanted messages, checking your phone’s right settings and offering the possibility to remotely erase all the information stored in case of robbery or loss.
  • Update your smartphone’s operating system and applications. As with computers, updating the operating system and programs is necessary to obtain security updates and new functionalities.

Source: Alta Densidad

Secure your bank accounts and avoid electronic robbery

rrobo electronico2When it comes to banking, technology has been used several ways, especially with transactions, transfers or opening accounts. Things are easier now.

The comfort of being able to check or transfer funds from your home or office using a Tablet, a smartphone or a computer has been very useful for many people, but has also brought new risks of identity theft and high-scale robberies.

There’s a large variety of “channels” to become victims of this kind of robbery, with two of the most frequent being “social engineering” (being deceived by people devoted to extracting information from someone in particular), and “employee fraud,” where employees take clients’ information and use for their own benefit.

For Helcio Beninatto, expert in the subject, the two most widely used examples of “electronic robbery” are:

  • Man in the middle: “The attacker uses a program to “trick” the server pretending to be the client, and tricks the client as well by simulating to be the server. This type of program can be used to obtain a client’s access credentials or to allow the attacker to modify the message before sending it, allowing him/her to steal funds.”
  • Man in the browser. “A variation of the man in the middle in which malware intervenes between the user and the browser to modify the transaction information”.

Ways to prevent electronic robbery

One of the best ways to prevent this type of event is by getting effectively informed on how not to risk your bank account information, contact numbers, funds or transactions.

Another way is to avoid overexposing your account passwords; attackers often pose as your bank. In these cases it’s best to call your bank to verify the call you just received.

As the owner or manager of a company working with clients required to provide banking information, you should establish strict policies with your employees, trying as much as possible to keep them from having contact with the customers’ database.

Source: Banca & Negocios

New anti-fraud platform to protect online transactions in PCs and mobile devices

antifraude electronicoKaspersky Lab, the largest endpoint protection firm, recently presented its latest platform Kaspersky Fraud Prevention during the Mobile World Congress 2014 in Barcelona, Spain. Designed to protect electronic payments made from computers and mobile devices, the solution is targeted at financial institution and e-commerce companies.

According to a study carried out by B2B International and Kaspersky Lab, 98% of consumers use online banking or online shopping services, and 38% do it on their mobile devices. The global penetration of electronic payments has made electronic money robbery a profitable business for criminals. The same study revealed that over the last 12 months of 2013, 62% of users had found cyber-threats that had targeted their accounts.

Current techniques (temporary passwords, SMS confirmations, tokens, single-use password generators) used by Banks and e-payment systems to protect their clients become obsolete quite rapidly. This is the reason why the market needs innovating solutions to ensure safe transactions.

The new platform Kaspersky Fraud Prevention incorporates tools capable of protecting online transactions in several devices, server solutions for the detection of fraud operations during the e-payment process, and a set of additional services.

Kaspersky Fraud Prevention’s client applications work on devices running on Microsoft Windows and Apple OS X, as well as Google Android and mobile devices based on Apple’s iOS. These applications, encompassed under the global name Kaspersky Fraud Prevention for Endpoints, are designed to protect users’ devices from financial cyber-threats aimed at specific operating systems.

Source: Kaspersky Lab

Safety recommendations for using credit and debit cards

credit_cardA recent study conducted in Venezuela about the tendencies regarding credit and debit cards fraud after the inclusion of electronic chips, showed a 60.53% decrease of such crimes for credit cards, while for debit cards it showed was a decrease of 61.30%.

Said study conducted to 1,547 Venezuelan users of both credit and debit cards, determined that in the year 2009, 36% of users had cards that were cloned, while in 2010 said percentage decreased to 22.3%; in the year 2012 it decreased to 7.40%.

Even though this type of fraud has decreased, there have been reports regarding such crimes due to the lack of caution or care from users. It is important to be cautious and to bring attention to the security in order to prevent becoming a victim of criminals. Applying any of the preventive measures expressed below, can save your finances from being taken away by delinquents. Many of those measures are more related to common sense, others are warnings to be considered when making a transaction, whether at ATMs, restaurants or commercial shops.

Some the foregoing measures are as follows:

Be careful with your pin code

  • Cover the keyboard when typing the numbers.
  • Never let anyone know your pin code.
  • Do not write or record your pin code in your cell phone or in pieces of paper thrown inside your bag.
  • Change your pin code periodically.
  • Any time you get a new card, sign it at the moment of reception, check frequently that the card actually belongs to you (sometimes cards are switched in some stores).
  • Never use the same pin code for different products like savings and checking accounts, credit cards, or means of transaction such as audio, Internet, and ATMs.
  • Never loose sight of your credit card
  • Never give your card to strangers.
  • Never allow your card to be slid through devices different than the ones set for such purpose like ATMs and points of sales.
  • Always check that your card is slid in front of you and only one time (do not loose sight of it, especially in bars and restaurants).
  • Always cancel your card in case of theft, loss or if it has been retained by an ATM.

Use a safe network for Internet transactions

  • Do not use your card’s data through public networks (Internet cafes).
  • Always type your bank’s web site address.
  • Always search for the safe log out in the official web sites of your bank.

At the ATMs

  • Use ATMs that you are familiar with or use ATMs located under very good lighting and safe places.
  • Take a good look of the surroundings of the ATM and do not use it if you notice people that might look suspicious.
  • Do not open your wallet or purse while waiting on the ATM’s queue.
  • Be ready with your card at hand when approaching the ATM.
  • Check if there are any strange objects in the openings or keyboard of the ATM.
  • Avoid being helped by strangers.
  • Do not follow the instructions located next to the ATM that order you to type your card’s pin code more than once.
  • Follow only the instructions that appear on the ATM’s screen.
  • Do not type your pin code until requested by the ATM.
  • If you think the ATM does not work, press the ‘Cancel’ key, take your card, and find another one.
  • Never force your card in the card slot of the ATM.
  • If your card gets stuck, is retained, gets lost or someone cuts you out at the ATM, report it immediately to your bank or to the police.
  • Always make sure that you have completed the transactions by pressing the CANCEL key before leaving the ATM.
  • Do not rush while doing the transactions and put your card and cash carefully inside your wallet or purse before leaving the ATM.
  • Always wait until the ATM indicates that the transaction has been completed.
  • Check your account balance, as well as statements often, and report any discrepancies immediately to the bank.

At the bank office

  • Identify all the workers of the bank.
  • Deliver you money only at the cashier’s window.
  • If you notice anything irregular inside the bank, let one of the workers duly identified know immediately.
  • If you withdraw cash, avoid counting it in front of other people and put it on a safe place.

After leaving the bank or ATM

  • Avoid walking long distances by foot or window shopping for a long time or speak in the street.
  • If you have to make transactions with large sums of money, ask someone you trust to go with you. However, always use the electronic banking platforms.

On Internet

  • Make your personal transactions using personal equipment. Do not use Internet cafes, system halls or public sites.
  • Always type the name of your banking institution directly on your browser (www.nameofthebank’swebpage.com).
  • Never log in through a link written on an email, even though the email comes from someone you know. Do not believe any messages that suggests you to log into your account or to give card information. This is known as ‘phishing’, an illegal and fraudulent practice in which the delinquents design web pages similar to the ones of the banking institutions in order to steal your pin codes and then steal the money in the account.
  • Any time that you access a web page to make a transaction regarding your account, check that the web address shown on the upper side of the page starts with “https://” instead of “http://”, and that the browser shows the symbol of a locked lock on the lower side of the page.
  • Avoid using templates included in emails requesting your financial information.

Prevent theft or identity theft

  • Always check the state of your accounts to identify any potential balance in red.
  • Report the loss or theft of your identification documents to the police.
  • Do not deliver personal or commercial information through phone surveys or other means.

Keys for Internet shopping with minimum risks

comprasShopping through the Internet is more and more frequent. It is also more comfortable and it can save a lot of money to the buyer, but it can also generate frauds, frustrations and scams.

Commercial transactions through the Web comprise a growing number of items and are becoming a very frequent option among shoppers. At the same time, many stores and businesses now offer their products and catalogues “online”.

According to a study made by IBM in 2011 among 28,000 consumers of 15 countries, 86% of consumers would like to use Internet, their TVs and mobile phones to shop while eight out of ten people believe that the social networks will allow time saving when shopping.

Said analysis have made it clear that the percentage of consumers that want to use the technologies to either shop or perform research about products and services is growing, at least six points since the last time the study was performed in 2010.

Such increase in the interest people have in e-commerce have been verified among consumers with ages ranging from 15 and 60+, which have participated in said studies.

However, with the growing demand for products and transaction volumes through the Internet, there is also a growth in the risks consumers are exposed when buying, if they don’t take the right security measures.

According to Javier Echaleku, founder and director of the e-commerce consulting firm Kuombo, located in California, U.S.A., consumers are very intelligent and analyze the different options available in order to buy where information, security and customer service allow for a safe and profitable experience.

However, to buy safely, Echaleku advises not to buy on Web sites that don’t offer tranquility, in which the buyer is not treated as deserved or in which they are not able to explicitly get warranties offered by the seller, such as returns or trial periods. Besides, according to this expert, there should always be clear how much the client will pay for the product’ shipping and handling directly to his/her home or business. Also, there should be a phone number easily identifiable in order to keep up –to-date with regards to the status of the product and the seals guaranteeing a safe transaction.

The Norton Club from Symantec (a company specialized on Web security) suggests that the consumer should learn about the reputation virtual stores have (just like you do with physical stores) before making an order or payment transaction.

It is also recommended to read the terms and conditions of agreements, print and store them; pay special attention to the return policy of the store and the fees for replacement when returns are made.

Safety recommendations to help you safeguard your money

fraude-tarjetas-creditoG4S Venezuela dedicates this section to offer some suggestions regarding preventive safety to help you carry out your financial transactions safely:

Use of ATMs

  • Keep your password confidential.
  • Sign your ATM cards the moment you get them.
  • Avoid writing your PIN number; if you do, make sure no one is looking.
  • Block strangers’ sight when dialing your PIN.
  • Refuse any help offered by strangers during your transaction.
  • If a problem with your card arise, go to the nearest bank office as soon as possible.
  • Save all receipts printed by the ATM.
  • Disregard informal or unidentified signs indicating telephone numbers or addresses to place claims, only the bank issuing your card is authorized to handle your claims.
  • Press CANCELL when you finish any operation, regardless of whether it was successful or not.
  • Keep your card in a safe place and change your password frequently, avoid using repeated digits or numbers matching your personal address, date of birth or phone number.

Use of Electronics POS

  • Make sure your debit or credit card is swiped through a bank’s electronic point of sale and not a different device.
  • Ask for your receipt when the operation has been completed, regardless of whether it was successful or not.
  • Keep your receipt for a considerable amount of time so you can compare with your bank statement.
  • During the transaction, don’t loose sight of your card, once the operation is complete, check it and make sure it is your purchase.

Use of Internet Banking

  • Make safe transactions by logging-in in reliable computers; avoid public access centers to carry out financial operations.
  • Enter the internet portal through your bank’s website, under no circumstance access through links in emails or external websites.
  • Make sure you sign-out once you have finished your electronic banking transaction.
  • Check your bank accounts on a regular basis, if you find something suspicious, report it immediately to your bank’s customer service or visit your nearest bank office.
  • Always keep your computer’s antivirus and web browser updated.
  • Disregard any requests sent via email. Your bank will never send an email asking you to update or check your personal or account information.

Use of Email

  • Never answer emails asking you for financial information or personal data, even if it looks official.
  • Keep your email private, avoid displaying it in public places such as websites, social networks, etc. Otherwise, you are inviting spam into your inbox and making room for new phishing techniques.
  • Emails are not private, they can be intercepted while sent. Be aware of your emails’ contents.
  • Contact your card’s bank as soon as possible to report suspicious emails.

Use of Debit and Credit cards

  • Make sure the safety envelope has not been opened when you get your cards, and check whether it meets the protection measures indicated therein.
  • Sign the back of your cards immediately with blue or black ink.
  • Constantly check your bank statements. Report any irregularities to your bank immediately.
  • Memorize your PIN numbers. Avoid writing them in organizers, papers or on the card itself.