Debit card thieves get around PIN obstacle (Biggest Scam to Date)

http://www.msnbc.msn.com/id/11731365/

With consumers around the country reporting mysterious fraudulent account withdrawals, and multiple banks announcing problems with stolen account information, it appears thieves have unleashed a powerful new way to steal money from cash machines.

Criminals have stolen bank account data from a third-party company, several banks have said, and then used the data to steal money from related accounts using counterfeit cards at ATM machines.

The central question surrounding the new wave of crime is this: How did the thieves managed to foil the PIN code system designed to fend off such crimes? Investigators are considering the possibility that criminals have stolen PIN codes from a retailer, MSNBC has learned.

The incident calls into question the security of the four-digit code that for years has made PIN-based transactions less subject to fraud than signature-based credit card transactions.

"This is the absolute worst hack that has happened, the biggest scam to date," said Gartner analyst Avivah Litan.

...is the main reason I rarely, if ever, use my debit card to pay for stuff. Credit cards are safer, and as the article says, one is liable only for the first $50 (if at all) in charges.

Thanks for the warning!

The same rules apply.

Credit cards are actually much more dangerous. I.e, you can spend more than you have.

They just function as credit cards. This is the part that really makes them dangerous. You steal one, then start charging a bunch of stuff. Those automated card acceptors that you swipe give you a choice between putting in a pin, or treating the card as an ordinary credit card (and avoiding ATM fees). If you choose the latter, you sign the pad, and your signature usually comes out looking like something scrawled by an arthritic drunk, so the clerk lets it go if it even kinda, sorta resembles the signature on the back of the card. Thus, your bank balance is drained up until the point when you discover the card is missing and call the bank to put a hold on the card, and you usually have to eat the charges, unlike with credit cards.

Clark Howard's solution: Use an ordinary credit card where you have the need to use one (like at Amazon.com), and pay the balance in full each month.

My bank covers my debit card the same way VISA, MC et al cover credit cards. They even have the same rules concerning notification & reasonable efforts, etc. I've been told that TX law requires this, and that TX law doesn't, so you ought to check with your bank.

:)

From now on it's greenbacks in hand to buy things, including groceries.

and so will the IRS, especially if you are not a Registered kool aid drinker.

Yes...I budget for $150 per two weeks for groceries (just me to feed). The checkers at the register will be pushing that hidden alert button under the counter, and the store video tapes will be reviewed and altered to show I, the red-headed grandma retired teacher, definitely fit the terra profile.

Oh my! I am sooooo fucked now :rofl:

the time for about 6 months now. From now on it will be all the time.My bank recently urged us to use the card method instead of debit. I would have to sign when I use the card method. Their incentive is to credit us with a measly few bucks a month for using the card method. Guess it gives them 24 hrs more use of our money.

Ashley Judd is on my 187-dollar bill
.

Like this could ever actually happen! Next thing you know they'll be reporting on other far-fetched computer crimes, like
election fraud.

Everyone KNOWS that's impossible, right??!??:sarcasm::sarcasm::sarcasm:

Never going to happen, especially with the current residents, who (as we all know) are adults and totally responsible for themselves.

snooping on Americans without warrents?

But no one in the NSA would ever betray the trust given them by the American people. The enormous technical capabilities of the NSA would be a grave threat to democracy, so everyone in that agency understands the seriousness of their responsibility. I'm grateful that the NSA is there to protect us from our enemies or potential adversaries.

why don't they catch those identity theft guys?

I mean if they are going to do illegal shit anyway, why not do some good?

... right?

But I will bet anything that the rank-and-file NSA personnel are just as upset by the news that the NSA has been used in warrentless monitoring of Americans' communication, as the rest of us are. They hire lots of PhD mathematicians, people who like college professors tend to be idealistic. My impression is that the NSA has a lot of institutional pride, and breaking the rules probably doesn't set very well with them.

We've only heard about the "one program authorized by the President" as repeated over and over by Gonzo while not under oath (and clarified in a 10 page letter afterwards)

NSA folks would know about alot more of the capabilities - depending on their job and clearance level.

the 'compromised' third-party is the NSA. I bet the forced all the banks to turn over all data including PIN numbers.

to the US Constitution.

Well, maybe not on the wording, but on the actual thing, right?

for Gov Perry in the rethug primary, but only 28,000 people voted. Minor mistake that no one noticed, until the company said that they mis named some files, never mind what we reported last night, here are the real numbers, that also can not be verified by any possible method.

Can we sue the Texas Secretary of State, for fraud or false advertising, who keeps propagandizing on television that voting in Texas is now easier and more =secure= than ever before? What a blatant lie!

If ANY retailer is actually storing those codes, they need to have their asses sued off. There is no reason for them to retain those codes.

Why the hell would THEY need to store the codes???

More than likely somebody hacked into a store system somewhere, and downloaded the PINs to a memory stick or some such like. And if the retailer is one of those ultra high tech places, all the hacker would have to do is have a receiver and can catch them right out of the air.

.... Madhound. Peace :hi:

As always, Peace:hi:

wave your card in front of the scanner?

Those scare the hell out of me.

Just swipe your card. I think the dollar amount is even higher at local discount store.

Why the hell would anyone want to use those things? :shrug:

From the MasterCard web site:

Built-in technology
The MasterCard PayPass card has built-in chip and antenna technology, as well as a standard magnetic stripe. The card and specially equipped PayPass terminals communicate payment card details using very short range radio waves.


How long before someone manages to get their hands on a receiver that allows them to "catch" those radio waves? :eyes:

Feb 28th...I had used it the night before at a restaurant, Target and then Walmart and the next day, poof, no longer valid. My bank was not very helpful, I found out more from another customer who was standing next to me than I did from the teller.
The teller finally said that the card shut down was so massive that they had to bring in 2 separate group of workers, one group to cancel the cards and a second to re-issue. They got 4,000 calls in one morning from confused customers. They just kept saying to us that a "merchant" we had all used lost our data and there was a fear of fraud. I figured for so many people to be involved that it had to be a large financial group involved and not some local store.

It worked fine one night, then the next day, poof.

Bank had to reissue cards.

According to my Visa rep (I have a machine that I use for a non-profit fundraiser), skimming is a big problem. A thief approaches a waiter/waitress and asks them to wear a small device on their belt. When the waiter takes your card away to be swiped when you settle up the bill, he/she can swipe it through the device on their belt on the way to the restaurant's machine. The thief pays the waiter/waitress $100 for every card they swipe. It can take the bank several days to catch on, and even then there isn't a quick way to trace it back to a particular person, since the device is mobile.

they don't encrypt it first.

Remember when FedEx "lost" the tapes full of financial data for government employees and members of Congress right before the 2004 elections?

wadayawanna bet? bush just fucked up again.

Need I say more?

They certainly have loose morals when it comes to elections.

:kick:

Are the only people being scammed the same ones that did not vote for Bush? ;)

Security wonder if a this was outsourced your pin data possible!!!

I still use my debit card as a credit whenever possible because of it. They somehow manage to capture the swipe and PIN number. Five or six withdrawals later from ATMs at a couple of convenience stores, along with a couple of tanks of gas and POOF!

It was a nightmare that took three months to get straightened out. Luckily, our bank 'loaned' us $1,000 while they investigated whether it was us or not. That took a week. We lost the rest of what had been stolen. Once the bank determined it was stolen, it became an issue between the bank and the thief. How hard they went after the guy (or girl :shrug: ), I don't know. To us, it was everything and we couldn't pay bills, buy gas, or grocery. To them, it was peanuts.

What the bank was most suspicious about was that the PIN number was used to withdraw the cash. I never lost posession of my card or gave it to anyone. I told them they could check the tapes of the stores the withdrawals came from...in fact, I gave them the addresses where each happened. They would/should have had the exact times or transaction numbers.

Well, at least they waived the overdraft fees from everything bouncing. *sigh*