Credit card users (businesses and individuals) need to acknowledge that not all threats are equal when it comes to credit card theft. While the theft of credit cards is nothing new, the way in which the data is stolen has evolved over the past decade. One technique used by adversaries is credit card cloning, normally referred to as skimming.
The process involves the victim running their credit cards through a scanning device, and then hackers, who have already infiltrated the device, use the information to make illegal copies of credit cards, thereby gaining access to the victim’s accounts.
The scheme often requires a willing recruit. The criminal gives the recruited individual a pocket-sized device featuring a scanning slot, something that looks like a pager. They are told to swipe customers' credit cards through the device; the process takes just a few seconds.
Customers swipe credit cards through the device; the information held on the magnetic strip is read and stored in the device's memory, from where it can be transferred to a counterfeit card with security holograms. Criminal forums and underground markets have a number of sellers offering products and services to streamline and facilitate this credit card data theft practice.
Credit cards rely on track 1 and track 2, while track 3 remains blank. The main tracks store the name of the cardholder, the primary account number, the brand of the credit card, the expiry date and other values to verify card legitimacy. Because the data is stored temporarily in RAM, thieves are able to take out sets of information without the hassle of rigging up card cloning devices.
Credit card thieves are particularly interested in the following to succeed with credit card cloning:
- CVV: These contain bits of sensitive data that allow adversaries to cash out the stolen data through online purchases. They conduct transactions consisting of small amounts to undergo less scrutiny and avoid investigation from the merchant or card issuer.
- DUMPs: This is the raw data on the magnetic strip of a credit card, and is obtained by skimming or via memory-scraping POS malware. DUMPs play an essential role in credit card cloning and are sold on the black market at prices higher than CVV because of the bigger payout.
- FULLZ: Important for stealing a cardholder's identity. It enables crooks to perform bank transactions that ask users for financial information to authenticate the account. Outdated FULLZ can be used to open bank accounts or order new credit cards on behalf of the card owner.
Employees working on POS devices are the ideal recruits for criminals and POS devices themselves also serve as privileged targets; these systems do not act as dedicated servers and therefore may be poorly protected.
What is the solution to the credit card cloning threat?
Credit card cloning is difficult to detect and results in huge losses each year; as a result, it is vital that victims report suspicious activities to law enforcement agencies and stay informed on developments in credit card theft.
Another solution is the smart chip credit card. Smart chips refer to microchips in credit cards that keep the information in the magnetic strip protected by encrypting it. As the microchip can't be deleted, skimmers scanning cards through cloning devices will only be able to get encrypted information, which is a hassle for them to break down.
For merchants, point-of-sale data theft feeds are an option, as they provide immediate notifications of credit card cloning via POS terminals as well as Track 2 data along with the databases being extracted. The information is collected via raw data interception, making sure that any recruited malicious insiders are not able to escape if they use infected POS terminals.
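On the merchant side, the track 1 and track 2 data described earlier should never appear unmasked in POS logs or debug output. The following added example (not from the original article) scans log lines for track data, confirms the account number with a Luhn check and redacts it; the ISO/IEC 7813 track layout, the function names and the sample log lines are assumptions made for illustration.

```python
import re

# Track layouts per ISO/IEC 7813 (assumed here; the article does not spell them out):
#   track 1: %B<PAN>^<NAME>^<YYMM><service code><discretionary>?
#   track 2: ;<PAN>=<YYMM><service code><discretionary>?
TRACK1 = re.compile(r"%B(?P<pan>\d{12,19})\^[^^?]{2,26}\^\d{4}\d{3}[^?]*\?")
TRACK2 = re.compile(r";(?P<pan>\d{12,19})=\d{4}\d{3}\d*\?")

# Constructed sample log lines; 4111111111111111 is a widely used test number.
SAMPLE_LOG = [
    "10:00:01 pos-07 DEBUG raw=%B4111111111111111^DOE/JANE^30121010000000000?",
    "10:00:01 pos-07 DEBUG raw=;4111111111111111=30121010000000000?",
    "10:00:02 pos-07 INFO ref=;1234567890123456=99991230000? (not a card)",
    "10:00:03 pos-07 INFO sale approved amount=12.50",
]


def luhn_ok(pan: str) -> bool:
    """Luhn checksum: rejects digit runs that only look like an account number."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Show only the first six and last four digits."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def scan_line(line: str):
    """Return (findings, redacted_line); findings are (track, masked PAN) pairs."""
    findings, redacted = [], line
    for kind, rx in (("track1", TRACK1), ("track2", TRACK2)):
        for m in rx.finditer(line):
            if luhn_ok(m.group("pan")):
                masked = mask_pan(m.group("pan"))
                findings.append((kind, masked))
                redacted = redacted.replace(m.group(0), f"[{kind.upper()} REDACTED {masked}]")
    return findings, redacted


if __name__ == "__main__":
    for n, line in enumerate(SAMPLE_LOG, 1):
        hits, safe = scan_line(line)
        print(n, hits, safe)
```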