Credit/Debit cards fraud – The Nightmare – How does it happen

Now that the main reasons of why this is happening I will go through how does fraud happen? To answer that, please understand that there is no magic wand by which credit/debit card information can be obtained by anyone. Anyone preforming credit/debit card fraud must have your card’s data by using one of the below 3 main methods.

  • Method 1: A leak from inside the entity issuing the card
  • Method 2: A leak from your computer/tablet/phone
  • Method 3: A leak from you personally

There are other methods but they are very rare in UAE due to the presence of CCTV cameras nearly in every corner. So tampering with an ATM, for example, is just unheard of in UAE. To be a victim of credit/debit cards fraud then mainly one of the above mentioned must happen.

Method 1 : A leak from inside the entity issuing the card

In method 1, to be fair, a leak from inside the financial entity issuing the card is very difficult but not impossible. People do not know that though the bank’s call center staff can see their security questions and their answers, they can’t see several other sensitive date. Those with access to all other details of credit/debit card sensitive information (PIN, CVV,….) are very few. Such leaks are very rare because the identity of the leaker will be found out easily in a very short time.

Most leaks are a result of either the 2nd or 3rd methods on which I will go into details below.

Method 2 : A leak from your computer/tablet/phone

In method 2, some kind of software (aka trojan horse) gets installed on your device and it is later used to transmit your keyboard actions to whoever is controlling it. These kinds of software depend on you using either pirated OS or application or has misconfigured some of the security settings on the device. They depend on fooling you enough to accept and open something simple as a word document or a PDF file or a to open a link. If the device in question is secured, then these attempts will result in many warning messages and popups alerting you that something is trying to change some settings on your device which should be enough for you to take action and stop it.

This method however is where the vast majority of leaks take place in UAE mainly because a lot of people buy and use 2nd hand phones/tablets which could have been previously hacked. The same applies to computers using pirated OS and/or applications or if the security settings on your device are turned off. In addition, very few invest in securing their devices further by using powerful antiviruses and not the free ones which offers basic levels of protection.

Method 3 : A leak from you personally

Method 3 describes itself. It is a leak from you personally. It happens when people ignore common sense. For example, people handing over their credit/debit cards along with PINs to others in order to process their payments. An example of this is when people hand over gas station workers their cards and provide them with the PIN to pay on their behalf. Another example would be when people hand over their cards to their kids and give them the PIN numbers! A child has no grasp of the dangers surrounding that plastic card and can be fooled much easier than you.