Oh not again - Credit card cloned.

  jack 14:32 18 Jan 2008

Just over a year ago [Nov 2006] I was telephoned by my bank security asking if I had placed an order with an Irish Mail order firm for £500 twice.
No I said
We guessed not they said - we stopped the second one and killed the card we will send another in due course.
In this place we discussed how it is a card could be cloned and how it was a firm would accept an order for a large sum to be delivered to a different address without some form of check back.

Move to Saturday 8am 12 Jan 2008
Telephone call
Same Bank security
This is you is it asked the bank
yup I sez
confirm it please by answering your secret data[not the pin]
So you could not possibly have withdrawn 300 ***
in cash 5 times and one for 2000** in 3 different locations in Morocco in the last 5 days
No Way- I say - I never use my card for cash - ever.
Never been to Morocco
We thought not said they - the card is stopped we send you another.

Now- In each case the last purchase was for petrol at a local nationwide chain-
Mentioned this ans the lady .She responded in a in a tone of voice indicating this would be the source of the cloning.

So I fan figure that a villain can put a gadget on a card reader say to collect data- so transcribe later to make a card for nefarious purposes
But to get cash he would need a PIN.
The PIN is encrypted into the card and as it is punched to the reader it simply compares one with to-other and OK's it so in my imagination there can be no data leak there -or can there?
Could some one be parked nearby with a wireless enabled lappie picking up all card data from the garage.
Is that possible?
Hence forth I shall be paying for my fuel in cash.

  johndrew 14:41 18 Jan 2008

Correct me if I`m wrong, but wasn`t there a bit of kit shown on TV fairly recently that will read your PIN and transmit it at the same time as cloning the details of your card? Or was it the card details that were cloned and the PIN input observed?

Either way, some businesses are now wanting both the PIN input and a signature to confirm validity. So much for progress!!!

  SANTOS7 14:43 18 Jan 2008

Nothing to stop these people having hidden cameras on the keypad you enter your pin into...

I was in an Argos store last year just happening to watch a work colleague of mine at the till to pay, from where i was standing i could clearly se exactly what digits where pressed to validate the card.
I approached him the next day and i asked him if these four numbers mean anything to him, NO he said at first then i reminded him what they where, shocked is not the word...

It shows you how easy it is to gain this info, scares me!!!!

click here

look under skimming to see how easy it can be....

  bstb3 14:46 18 Jan 2008

From what I have heard about such scams, its either the card reader that is 'modified' to retain or transmit PIN numbers to a third party, or as simple as a hidden camera above the reader keypad (in the ceiling somewhere).

The second option is easily defeated, but the first you would have no chance of spotting unless the implementation was very clumsy.

  dukeboxhero 14:51 18 Jan 2008

im always amazed at how many times i am behind a que at petrol stations and the person in front punches in there number and i can see it clearly

  interzone55 14:51 18 Jan 2008

Some university types proved that you could compromise a chip and pin machine so that it would remember everything entered.

click here

If someone was to swap the machine in your local garage with one of the compromised ones then they would be able to suck up your card details.

Would the name of your petrol station have a sea related theme?

There is a rumour around my area that one of their garages is the source of a lot of cloned cards.

click here

  Kemistri 15:05 18 Jan 2008

Petrol stations do seem to be hotspots for this, though it could easily happen almost anywhere. A while back, I became aware of an investigation into a petrol station in my town, where this exact same activity was believed to be taking place. Thankfully, it wasn't my regular choice of garage.

I use cash most of the time and I never use a debit card. If I use plastic, it's a credit card -- if the worst happens, at least it's a bit easier to sort out and your current account remains untouched.

  rossgolf 15:54 18 Jan 2008

if anyone watches a show called the real hustle then on one of the episodes it actually shows how this is done....

  Forum Editor 20:00 18 Jan 2008

so we'll have no references to the names and/or locations of any filling stations please - whether or not attempts are made to disguise the information with schoolboy latin.

  Forum Editor 20:05 18 Jan 2008

with a wireless enabled lappie picking up all card data from the garage?"

Someone could park with a wireless laptop, yes, but it wouldn't do them any good. The data that goes via the filling station's card terminal is encrypted, and it goes down a dedicated line to the card authorisation servers - nothing is going to be picked up by a crim with a laptop.

  Al94 20:11 18 Jan 2008

There was much coverage of this last year click here

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

The Evil Within 2 review-in-progress

InVision Studio takes on Adobe XD and Sketch

Camera tips to take better iPhone photos

Comment transformer un iPhone en borne Wi-Fi ?