More On Identity Theft - Credit Card Data Theft

BotNets

A BotNet is a number of Internet-connected devices, such as computers and smartphones, each of which is running one or more bots. BotNets can be used to perform distributed attacks to steal data, send spam, and allow the attacker access to the device and its connection. The perpetrator can control the BotNet using command and control software. The word BotNet is a combination of the words robot and network ... BotNets are increasingly rented out by cyber criminals for a variety of purposes.[1]

BotNet software is usually installed on computers by users who are tricked into loading it (by attractive images, tailored ads, spam emails, videos, or even software supposedly offering fixes or virus protection). In recent years BotNet hackers have become enormously more prevalent and sophisticated, in some cases even rivaling governmental spy agencies in their scope.

The following example illustrates how a BotNet is created and used for malicious gain.

  1. A hacker purchases or builds a Trojan and/or exploit kit, whose payload is a malicious application (the bot), and uses it to start infecting users' computers.
  2. The bot on the infected PC logs into a particular command-and-control server. (This allows the bot master to keep logs of how many bots are active and online.)
  3. The bot master may then use the bots to gather keystrokes or use form grabbing to steal online credentials and may rent out the BotNet as a service or sell the credentials online for a profit.
  4. Depending on the quality and capability of the bots, the value is increased or decreased.
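The check-in described in step 2 is also what defenders look for. The following is an added example, not part of the original article: it scans outbound connection records for a machine that contacts the same destination at near-constant intervals. The log format, addresses, host names, and the premise that the bot checks in on a fixed timer are all assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample records, "timestamp source destination".
# Every address and host name below is made up for this example.
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.5 sync.example.net
2024-05-01T10:01:10 10.0.0.5 news.example.com
2024-05-01T10:01:45 10.0.0.5 news.example.com
2024-05-01T10:05:02 10.0.0.5 sync.example.net
2024-05-01T10:07:30 10.0.0.5 news.example.com
2024-05-01T10:09:59 10.0.0.5 sync.example.net
2024-05-01T10:15:01 10.0.0.5 sync.example.net
2024-05-01T10:20:03 10.0.0.5 sync.example.net
2024-05-01T10:25:00 10.0.0.5 sync.example.net
2024-05-01T10:31:00 10.0.0.5 news.example.com
2024-05-01T10:40:00 10.0.0.9 sync.example.net
2024-05-01T10:58:40 10.0.0.5 news.example.com
"""

def find_beacons(log_text, min_events=5, max_jitter=0.1):
    """Return sorted (source, destination, mean_interval_seconds) tuples for
    pairs whose connection gaps vary by at most max_jitter (stdev / mean)."""
    times = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue                      # skip blank or malformed lines
        try:
            stamp = datetime.fromisoformat(parts[0])
        except ValueError:
            continue                      # skip unparseable timestamps
        times[(parts[1], parts[2])].append(stamp)

    hits = []
    for (src, dst), stamps in times.items():
        if len(stamps) < min_events:
            continue                      # too few events to judge regularity
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        # Human browsing produces widely varying gaps; a timer does not.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            hits.append((src, dst, round(avg)))
    return sorted(hits)

if __name__ == "__main__":
    for src, dst, interval in find_beacons(SAMPLE_LOG):
        print(f"{src} -> {dst} about every {interval}s")
```

Legitimate software such as update checkers also connects on a timer, so a hit is a lead to investigate rather than proof of infection.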

The BotNet controller community features a constant and continuous struggle over who has the most bots, the highest overall bandwidth, and the most "high-quality" infected machines, like university, corporate, and even government machines. While BotNets are often named after the malware that created them, multiple BotNets typically use the same malware, but are operated by different entities.

The BotNet software effectively sets your computer up to receive instructions from a master control terminal. That terminal is controlled by the BotNet owner, who is usually a hacker or other cyber criminal who purchased the use of your computer from the person who infected it.

Not only is your computer infected, but people are making money by selling the rights to use your computer (without your knowledge) to carry out attacks on other computers. Mind-boggling, isn't it? It's like someone renting out your car for someone else's use while it's parked at a shopping center, and then putting it back before you discover it was gone.

A typical BotNet may consist of tens of thousands of computers that are all controlled by a single command and control terminal. Hackers love using BotNets because it allows them to combine the computing power and network resources of all the computers in the BotNet to attack a single target.

Some of the bad guys will even blackmail the targets, telling them that if they pay them a fee, then they will stop the attack. Incredibly enough, some businesses will pay the blackmail fee just to get back in business until they can figure out how to better deal with the attacks.

Malware developers who create the BotNet software pay money via malware affiliate marketing programs to people willing to install their malware on victims' computers. They may pay $250 or more per 1000 "installs". Enterprising bad guys will use every means necessary to trick unsuspecting users into installing this malware. They will link it in spam e-mails, post malicious links to forums, set up malicious websites, and do anything else they can think of to get you to click the installer so they can get credit for another install.

The malware developer will then sell control of the BotNets they have created. They will sell them in large blocks of 10,000 or more slave computers. The larger the block of slave bots, the higher the price they will ask.

Malware used to be created by kids trying to prank people, but now it is really all about bad guys making money off of trafficking the use of your computer's CPU cycles and your network bandwidth.

How Can You Stop These BotNets?

  1. Get a malware-specific scanner. Your virus scanner might be awesome at finding viruses, but not so good at finding Scareware, rogue malware, rootkits, and other types of malicious software.
  2. Get a "second opinion" scanner. If one doctor says everything is good, but you still feel sick, you might want to get a second opinion from another doctor, right? Do the same for your malware protection. Install a second malware scanner on your computer to see if it might catch something that the other scanner missed. You would be surprised how many times one tool misses something that another one catches.
  3. Be on the lookout for fake anti-virus software. In your search for malware protection you could end up installing something malicious if you don't do your research on the product first. Google the product to see if there are any reports that it is fake or malicious before you install anything. Never install anything that is sent to you in an e-mail or found in a pop-up box. These are often delivery methods for malware developers and malware affiliates.
  4. If you want to be extra sure that the malware infection is gone, then you should consider performing a full backup, wipe, and reload of your computer.[2]

Skimmers

Stealing debit card information using "skimmers" at gas pumps and ATMs is an old problem. But thieves are becoming more sophisticated at hiding the devices and getting around some of the fixes merchants have put in their way.

Among the newest tools are deep-insert skimmers, which disappear into the payment device card slot. Skimmers—electronic devices that thieves insert into ATMs and card readers—can record data stored on the magnetic stripe on the back of your debit card.

These newest skimmers are placed deep inside an ATM, behind the shutter of a motorized card reader, and are completely hidden from the consumer. Thieves often use them along with tiny cameras or other devices to capture cardholders' personal identification numbers when they punch them in on a keypad.

"As the last few years have proven, skimming technology and know-how have improved and are more accessible to the general population," says T.J. Horan, vice president of fraud solutions at FICO Card Alert Services. "So we will continue to see increases in compromises and the speed at which they occur."

A study this week from FICO Card Alert Services shows just how big a problem this sort of theft has become. FICO reported a 70 percent increase in the number of debit cards that were compromised in 2016 at ATMs and at card readers used by merchants. It also reported that the number of card readers at ATMs and merchant devices that were hacked rose 30 percent.

Consumers most at risk for debit card theft are those who use nonbank ATMs, such as the ones in convenience stores, and those who make purchases at out-of-the-way merchants, such as remote gas stations, says Michael Betron, a FICO senior product manager.

In addition to using skimmers, thieves also obtain debit card information by installing data-stealing software in card readers and through data breaches, where they hack into the main computer systems where card information is stored.

Some merchants may be able to catch thieves when they return to retrieve the skimmers. But newer versions can transmit data wirelessly to thieves, who then make duplicate debit cards to withdraw cash at ATMs or to make purchases.

If data is stolen from your card, you could find that your debit card was used to make unauthorized purchases or withdrawals from your bank account. The faster you act, the better. Depending on how quickly you notify the bank, you could be responsible for $50, $500, or the whole amount.

"People really need to pay attention," warns Katherine Hutt, a spokeswoman for the Better Business Bureau. "We have convenient access to our money 24/7, but so do scammers."

How to Protect Your Cards

Because it can often be impossible to detect whether a skimmer has been inserted into the card reader you may be using, consider taking these precautions:

Don’t use remote ATMs and point-of-sale terminals. ATMs that are in low-trafficked, poorly lit areas are vulnerable to being tampered with by thieves. So are gas pumps that accept credit cards at stations far from major highways. The safest ATMs, says Owen Wild, director of marketing for security solutions at NCR Corporation, are the vestibule and drive-up machines at your bank. But skimmers have been found even in some of those, he says.

Look for signs of tampering. Before using an ATM or point-of-sale terminal, try wiggling the keypad or card slot, says the police department in Portland, Ore. If anything seems loose, don’t use the device. Also look for keypads that appear raised or have an unusual color, the New York City Department of Consumer Affairs recommends. A thief could have placed an overlay on the keypad to record the personal identification number you punch in. Some gas pumps have security tape that forms a seal around the card reader. If the seal is broken, that could be a sign that the reader has been compromised.

Protect your PIN. Place your hand over the keypad when entering your personal identification number in case thieves have installed a pinhole camera to record it, the Better Business Bureau recommends.

Use a chip card. Credit and debit cards with chips offer better protection than those only with magnetic stripes, Wild says. But that’s only the case if you insert just the chip portion of your card into a reader. If you need to insert your entire card, a skimmer may steal the data from the magnetic stripe.

Check your transactions. Carefully examine your bank account activity online to see whether funds have been withdrawn that you didn't authorize, FICO says. You can also set up an alert so that you're notified when funds are withdrawn.[3]

References