As Floridians and citizens of the increasingly connected digital world, we must stay on DEFCON4 (see the 1983 movie WarGames for meaning) at all times for the next threat.
Phishing emails, data breaches, credit card skimmers at the gas pump, bot nets, and identity theft are in the news weekly, but how about crowd hacking (also called digital skimming)?
It’s the worst of the bunch and unless you’ve been a victim, you probably wouldn’t even know about. It’s very difficult to catch someone in the act, and the credit card companies certainly do not want anyone talking about it. For example I found this statement in an article from a Mobile, Alabama Fox TV station.
MasterCard spokesman, Chris Kangas, issued this statement:
“Sniffing, replay and relay attacks have been reported by the media and others as threats to contactless payments. Cardholders can rest assured that MasterCard has and continues to invest significantly to ensure the security of the payment system including for MasterCard contactless technology. As a consequence of these investments, the various attack scenarios which are difficult for criminals to conduct, make this an unattractive means of committing fraud. Accordingly, in the 10 years since contactless was launched, MasterCard is not aware of any fraud incidents using these techniques.”
If you reached the second paragraph, you obviously have not heard of crowd hacking. So off to the classroom we go.
Let’s start with the criminal. He goes on eBay and purchases a RFID card reader for $50, hits the dark web to order a stack of blank credit cards and lastly picks up a card magnetizing device for about $300. Then he’s ready to have his own digital criminal syndicate. Next he heads to a ball game or mall and turns on the reader and credit card numbers are wirelessly stolen. Dozens at a time.
As a nation, we are trying to combat counterfeit card use by using “chip and pin” technology so that even if a number is stolen it cannot be used. However, that technology covers only part of the problem. By going online or using a credit card over the phone, the hacker can circumvent those security measures as the RFID scanners can pick up expiration dates as well as the CVV number on the back.
There are products that can protect you from this. I have a card in my wallet made by signal vault that creates white noise to any RFID card reader in the vicinity. In essence, it blocks any attempted theft.
If you want something more advanced, there is a product called Guard Bunny that goes in your wallet and it actually makes a whining nose and lights up if you are targeted. I would encourage you to invest in one of these security tools. For the ladies, there is a RFID blocking purse called Clutch that can protect you.
Despite what the experts at the credit card companies say, this is real and you need to protect yourself because someone is out there right now planning his next digital heist.