On the Internet, as in offline life, almost every day you can stumble on a fraudster. And if on the street such an intruder can still be discerned, then in the network his identity can forever remain anonymous. One of the most frequent places for potential victims to meet with a fraudster is an online store or payment system. To understand this complex topic, we answered a few questions.
I've heard a lot about the scams with credit cards on the Internet, but I have never faced them myself. Is it really so common and dangerous?
Every day cyberwarers make thousands of payments with the help of someone else's payment and credit cards. Annually, residents of all countries of the world lose hundreds of millions of their savings. And a large number of such scams occur on the sites of online stores and payment systems. For example, only in the UK in the period from 2001 to 2011, credit card fraud resulted in losses of 400-800 million US dollars annually.
Okay, then, how do the scams happen? Scammers, for sure, are constantly improving their schemes of crimes?
Criminals can be either outsiders or unscrupulous representatives of the site team directly, the online store, the payment system, etc., who have access to classified information and have conspired with accomplices. They work on the most sophisticated schemes, ranging from fairly simple to extremely difficult. Based on this, scams with payments and credit cards can be divided into scams that occur through:
fraudulent manipulation of scammers directly on the sites through direct dialogue with users, during which they themselves communicate their requisites (even minimal information can be enough for conducting so-called operations without the presence of a card); or through deceptive elements in the interface and textual maintenance of the site, which force users to specify those data of their cards that can not be reported
hacking servers of online stores and payment systems, as well as personal devices of their visitors either directly, or through remote access programs, Trojans and bots-form grabbers
creating a site that looks very much like the one the user trusts; in fact, it is a fraud, giving access to the details of those who did not recognize the fake (this method is called phishing)
scams with a return of payments, when, for example, using the scheme of the so-called friendly fraud, one of the scammers makes a large order in the online store, he pays it with a credit card and receives the goods, and right after that the Internet shop receives a request for a refund for this purchase from the bank is already a "real" cardholder; the owner of the credit card, in fact, is the accomplice of the first criminal, so if the bank becomes their side, the online store runs the risk of losing both money and goods
On what grounds can you then understand that the details of my payment card are being stolen?
You should always be most careful when using those online sites that are directly related to payments and operations and need credit card details. User accounts for such resources must be protected with a complex, thoughtful password that should be periodically changed. It is desirable to track changes in the interface and structure of the site, to be in general details familiar with the user agreements.
If any suspicious user or representative of the resource team tries to find out the details of the credit card in various ways, you should contact the information center of the site or make a complaint about fraud. With the web address and interface used sites should always be careful:
the connection with them must be protected by appropriate security protocols;
the address should not contain additional characters or be shorter than usual;
it is necessary to avoid suspicious or false elements of the resource interface and carefully familiarize with the information related to the payment process and with the data requested for this.
And how then to detect these scammers and protect our site, online store and payment system?
To prevent such machinations, the most widely available public information about users is collected:
the history of their behavior when visiting the site and making purchases (orders, the contents of the buyer's basket, goods of interest)
information about your browser, device, and geolocation
details of previous transactions with credit cards on the site
data from accounts
By combining all the collected information together, the online store/site/payment system is able to determine which of their visitors may be a potential fraudster. The qualitative means of protection against such scams is the technology of digital imprint, which automatically allows you to obtain all the data necessary for the safety of users of the resource and its command data.