Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Please note this sub-forum does not provide professional finance advice. You should seek advice from a licensed financial advisor. If investing please consider our affiliate links for new accounts: Sharesies or Hatch. To post in this sub-forum you must have made 100 posts or have Trust status or have completed our ID Verification



tardtasticx

3032 posts

Uber Geek


#140779 19-Feb-2014 23:36
Send private message

As the title suggests, I've been a victim of card skimming. Thankfully it was stopped due to ASB and their clever systems. First found out when my card (Standard yellow ASB EFTPOS card, not a debit visa) no longer worked at McDonalds.

Called ASB to find out why it was declined as I was paid the night before, and they said my card has been blocked. I was thinking it must be a mistake but sure enough they said someone had attempted to use it in the UK so they stopped it from going ahead. 

Whats even more crazy, is my best friend had the EXACT same thing happen to her today, except ANZ called her directly to tell her about it and say a new card was on the way. They tried to charge her card $610, but it was blocked too. ASB did not say how much they tried to charge mine. Hers was also used in the UK. 

We looked through our online banking sites, and found all the transactions on our normal EFTPOS cards. We then found all the times we had used them together and found 6 places. 2 were supermarkets, 1 was a nail salon, 2 different Pizza joints, and the other was a new kebab store we never been to before. I'm guessing its the latter as all the others were big brand name stores but you never know I guess.

It could just be a huge coincidence, but I highly doubt it as both our cards were used and blocked on the exact same day, used in the same foreign country. 

We've got the stores and dates etc. written down, would it be beneficial to pass this on to either our banks or the police? I don't really want to have this happen again to us or other people. 

Its scary that these things still happen, especially in little old NZ. I was so scared when they told me what happened, because I've just finished paying off all my bank debt over summer to start the new school year clean. I nearly died. Never want to have that again.

-Sam

p.s. Thank you ASB and ANZ for saving me and my friends lives here hahaha. We would definitely be in a sticky situation had it gone through. 




Bachelor of Computing Systems (2015)

 

--

 

Late 2013 MacBook Pro with Retina Display (4GB/2.4GHz i5/128GB SSD) - HP DV6 (8GB/2.8GHz i7/120GB SSD + 750GB HDD)
iPhone 6S + (64GB/Gold/Vodafone NZ) - Xperia Z C6603 (16GB/White/Spark NZ)

Sam, Auckland 


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5
freitasm
BDFL - Memuneh
74146 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #990841 19-Feb-2014 23:39
Send private message

It could be anywhere. Most of these skimmers get card information from malware infected PoS (Point of Sale) systems - that's how they got those millions of card information from Target in the USA.




Support Geekzone by subscribing, making a donation. or using one of our referral links: Sharesies | Goodsync  | Mighty Ape | Backblaze | Norton 360 | Lenovo laptops 

 

freitasm on Keybase | My technology disclosure

 

 

 

 

 

 


Affiliate link
 
 
 

Affiliate link: Find your next Lenovo laptop, desktop, workstation or tablet now.
boby55
1539 posts

Uber Geek

Trusted

  #990844 19-Feb-2014 23:43
Send private message

It doesn't have to be the little guys who get the their terminals skimmed.

My flatmate was skimmed from the Terminal at BurgerFuel on Queen Street a couple of years back.

Kyanar
3453 posts

Uber Geek

Trusted
Subscriber

  #990846 19-Feb-2014 23:55
Send private message

freitasm: It could be anywhere. Most of these skimmers get card information from malware infected PoS (Point of Sale) systems - that's how they got those millions of card information from Target in the USA.


This is actually quite weird.  I have a terminal beside me, and I can say quite unequivocally that if I swipe a card and the transaction processes, the full card number is definitely not given to the POS software - it only gets a truncated PAN.  If I were using host comms, the data to be sent to the bank is an encrypted binary blob which should be unreadable by anything in the middle (you'd hope, since the EFTPOS NZ network is not using SSL).  Even PC EFTPOS where the POS is the terminal doesn't get the full card details, and definitely no track 3 data which would be necessary to clone a card.



freitasm
BDFL - Memuneh
74146 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #990847 19-Feb-2014 23:57
Send private message

It depends on the system. In the US it is a lot more common.




Support Geekzone by subscribing, making a donation. or using one of our referral links: Sharesies | Goodsync  | Mighty Ape | Backblaze | Norton 360 | Lenovo laptops 

 

freitasm on Keybase | My technology disclosure

 

 

 

 

 

 


Kyanar
3453 posts

Uber Geek

Trusted
Subscriber

  #990851 20-Feb-2014 00:05
Send private message

Ah, yeah their systems are rather archaic. For reference, the terminal type I refer to is a Verifone vx810. I have yet to go over the Ingenico specs, and I don't even want to think about SmartPay and Cadmus. Overseas is pretty much just Verifone and Ingenico though.

sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #990868 20-Feb-2014 07:20
Send private message

boby55: It doesn't have to be the little guys who get the their terminals skimmed.

My flatmate was skimmed from the Terminal at BurgerFuel on Queen Street a couple of years back.


And compromised terminals have been a huge problem in AU - there were a huge number of McDonalds stores at one point that had compromised terminals.


Batman
Mad Scientist
28003 posts

Uber Geek

Trusted
Lifetime subscriber

  #990900 20-Feb-2014 09:10
Send private message

gosh that's scary! no way to tell if the eftpos machine is infected?




Involuntary autocorrect in operation on mobile device. Apologies in advance.




sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #990905 20-Feb-2014 09:13
Send private message

joker97: gosh that's scary! no way to tell if the eftpos machine is infected?


Depends on the compromise - but in many cases, no.





freitasm
BDFL - Memuneh
74146 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #990907 20-Feb-2014 09:18
Send private message

Well, that's the whole idea of malware, to try to be undetectable.

I recommend you read up this article, then read about Max Butler and close with Kingpin (from the same author of the Wired article) and you will see how they do it.





Support Geekzone by subscribing, making a donation. or using one of our referral links: Sharesies | Goodsync  | Mighty Ape | Backblaze | Norton 360 | Lenovo laptops 

 

freitasm on Keybase | My technology disclosure

 

 

 

 

 

 


myndlyz
471 posts

Ultimate Geek


  #990923 20-Feb-2014 09:25
Send private message

boby55: It doesn't have to be the little guys who get the their terminals skimmed.

My flatmate was skimmed from the Terminal at BurgerFuel on Queen Street a couple of years back.


exact same thing happened to me, about a couple of years ago at Burger Fuel on Queen Street.

I wasnt even aware, this was during the labour weekend, Kiwibank called me on a Saturday saying money has been withdrawn from an overseas atm, i was gutted as i didnt have money for the rest of that long weekend

Handsomedan
4840 posts

Uber Geek

ID Verified
Trusted
Subscriber

  #990939 20-Feb-2014 09:35
Send private message

There was a scam happening in AU a few years back, where people would turn up to small retailers and state that they were from the EFTPOS provider and do a terminal swap-out.

Obviously the swapped-in terminal was one with skimming software/hardware installed and the customers were compromised.
They'd come back and return the original terminala few days later, "once it was fixed"..

Also - they were being swapped out in malls where kiosks were not protected sufficiently - i.e. slipping a large sheet over the kiosk when closed.




Handsome Dan Has Spoken.
Handsome Dan needs to stop adding three dots to every sentence...

 

Handsome Dan does not currently have a side hustle as the mascot for Yale 

 

 

 

*Gladly accepting donations...


Geektastic
16800 posts

Uber Geek

Trusted
Lifetime subscriber

  #991032 20-Feb-2014 11:56
Send private message

I would not have though a domestic NZ Eftpos card would work (except perhaps in an ATM) in the UK.

Surely you need a Visa Debit for international use?





trig42
5369 posts

Uber Geek

ID Verified
Subscriber

  #991039 20-Feb-2014 12:07
Send private message

Geektastic: I would not have though a domestic NZ Eftpos card would work (except perhaps in an ATM) in the UK.

Surely you need a Visa Debit for international use?

They will work in an ATM, and that's what they will be doing. the $610 the OP talks about would be ~300GPB?
If that was successful, the scumbags would have either tried again, or moved to a different ATM.

Gotta wonder how they got PINs though? They have to be skimmed as well don't they? I suppose if a terminal is compromised, it can log keystrokes.

Geektastic
16800 posts

Uber Geek

Trusted
Lifetime subscriber

  #991060 20-Feb-2014 12:37
Send private message

tardtasticx: As the title suggests, I've been a victim of card skimming. Thankfully it was stopped due to ASB and their clever systems. First found out when my card (Standard yellow ASB EFTPOS card, not a debit visa) no longer worked at McDonalds.

Called ASB to find out why it was declined as I was paid the night before, and they said my card has been blocked. I was thinking it must be a mistake but sure enough they said someone had attempted to use it in the UK so they stopped it from going ahead. 

Whats even more crazy, is my best friend had the EXACT same thing happen to her today, except ANZ called her directly to tell her about it and say a new card was on the way. They tried to charge her card $610, but it was blocked too. ASB did not say how much they tried to charge mine. Hers was also used in the UK. 

We looked through our online banking sites, and found all the transactions on our normal EFTPOS cards. We then found all the times we had used them together and found 6 places. 2 were supermarkets, 1 was a nail salon, 2 different Pizza joints, and the other was a new kebab store we never been to before. I'm guessing its the latter as all the others were big brand name stores but you never know I guess.

It could just be a huge coincidence, but I highly doubt it as both our cards were used and blocked on the exact same day, used in the same foreign country. 

We've got the stores and dates etc. written down, would it be beneficial to pass this on to either our banks or the police? I don't really want to have this happen again to us or other people. 

Its scary that these things still happen, especially in little old NZ. I was so scared when they told me what happened, because I've just finished paying off all my bank debt over summer to start the new school year clean. I nearly died. Never want to have that again.

-Sam

p.s. Thank you ASB and ANZ for saving me and my friends lives here hahaha. We would definitely be in a sticky situation had it gone through. 


It's not uncommon for businesses who have family around the world to run skimmers in one country and pass that info through to someone in the home country apparently.

I once had a call from Visa asking if I had been shopping in India the day before and I said no. However a few days before I had eaten in an Indian restaurant and paid with the card. Coincidence? The Police thought not but couldn't prove anything.

I wonder if the kebab shop has a 'cousin' in the UK....!





bbygtr
4 posts

Wannabe Geek


  #991084 20-Feb-2014 13:15
Send private message

I have been hit with the same thing this morning.  I am Westpac and my eftpos card has been cut off due to it being used in Great Britain for fradulent use.  My dad who is with ASB also got his card cut off this morning and his was used in Canada.  Depending how long the "capture" period is I can think of only a few places we have used our cards together.  The last place was the Crowne Plaza Restaurant in Auckland CBD.  Both My card and his was used to split a bill.  Interesting.  

 1 | 2 | 3 | 4 | 5
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Google Bringing First Cloud Region to Aotearoa New Zealand
Posted 10-Aug-2022 08:51


ANZ To Move to FIS Modern Banking Platform
Posted 10-Aug-2022 08:28


GoPro Hero10 Black Review
Posted 8-Aug-2022 17:41


Amazon to Acquire iRobot
Posted 6-Aug-2022 11:41


Samsung x LIFE Picture Collection Brings Iconic Moments in History to The Frame
Posted 4-Aug-2022 17:04


Norton Consumer Cyber Safety Pulse Report: Phishing for New Bait on Social Media
Posted 4-Aug-2022 16:50


Microsoft Announces New Solutions for Threat Intelligence and Attack Surface Management
Posted 3-Aug-2022 21:54


Seagate Addresses Hyperscale Workloads with Enterprise-Class Nytro SSDs
Posted 3-Aug-2022 21:50


Visa Launching Eco-friendly Payment Solutions in New Zealand
Posted 3-Aug-2022 21:48


NCR Delivers Services to Run Bank of New Zealand ATM Network
Posted 30-Jul-2022 11:06


New HP Portfolio Supports New Era of Hybrid Work
Posted 28-Jul-2022 17:14


Harman Kardon Launches Citation MultiBeam 1100 Soundbar
Posted 28-Jul-2022 17:10


Nanogirl Labs Launches Creator Project
Posted 28-Jul-2022 17:05


Marvel Snap Launches as an Action Collectible Card Game
Posted 26-Jul-2022 17:46


Jabra Talk 65 Review
Posted 26-Jul-2022 17:31









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







Backblaze unlimited backup