Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




2959 posts

Uber Geek


# 140779 19-Feb-2014 23:36
Send private message

As the title suggests, I've been a victim of card skimming. Thankfully it was stopped due to ASB and their clever systems. First found out when my card (Standard yellow ASB EFTPOS card, not a debit visa) no longer worked at McDonalds.

Called ASB to find out why it was declined as I was paid the night before, and they said my card has been blocked. I was thinking it must be a mistake but sure enough they said someone had attempted to use it in the UK so they stopped it from going ahead. 

Whats even more crazy, is my best friend had the EXACT same thing happen to her today, except ANZ called her directly to tell her about it and say a new card was on the way. They tried to charge her card $610, but it was blocked too. ASB did not say how much they tried to charge mine. Hers was also used in the UK. 

We looked through our online banking sites, and found all the transactions on our normal EFTPOS cards. We then found all the times we had used them together and found 6 places. 2 were supermarkets, 1 was a nail salon, 2 different Pizza joints, and the other was a new kebab store we never been to before. I'm guessing its the latter as all the others were big brand name stores but you never know I guess.

It could just be a huge coincidence, but I highly doubt it as both our cards were used and blocked on the exact same day, used in the same foreign country. 

We've got the stores and dates etc. written down, would it be beneficial to pass this on to either our banks or the police? I don't really want to have this happen again to us or other people. 

Its scary that these things still happen, especially in little old NZ. I was so scared when they told me what happened, because I've just finished paying off all my bank debt over summer to start the new school year clean. I nearly died. Never want to have that again.

-Sam

p.s. Thank you ASB and ANZ for saving me and my friends lives here hahaha. We would definitely be in a sticky situation had it gone through. 




Bachelor of Computing Systems (2015)

 

--

 

Late 2013 MacBook Pro with Retina Display (4GB/2.4GHz i5/128GB SSD) - HP DV6 (8GB/2.8GHz i7/120GB SSD + 750GB HDD)
iPhone 6S + (64GB/Gold/Vodafone NZ) - Xperia Z C6603 (16GB/White/Spark NZ)

Sam, Auckland 


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5
BDFL - Memuneh
64431 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 990841 19-Feb-2014 23:39
Send private message

It could be anywhere. Most of these skimmers get card information from malware infected PoS (Point of Sale) systems - that's how they got those millions of card information from Target in the USA.




1539 posts

Uber Geek

Trusted

  # 990844 19-Feb-2014 23:43
One person supports this post
Send private message

It doesn't have to be the little guys who get the their terminals skimmed.

My flatmate was skimmed from the Terminal at BurgerFuel on Queen Street a couple of years back.

 
 
 
 


3095 posts

Uber Geek

Trusted
Subscriber

  # 990846 19-Feb-2014 23:55
Send private message

freitasm: It could be anywhere. Most of these skimmers get card information from malware infected PoS (Point of Sale) systems - that's how they got those millions of card information from Target in the USA.


This is actually quite weird.  I have a terminal beside me, and I can say quite unequivocally that if I swipe a card and the transaction processes, the full card number is definitely not given to the POS software - it only gets a truncated PAN.  If I were using host comms, the data to be sent to the bank is an encrypted binary blob which should be unreadable by anything in the middle (you'd hope, since the EFTPOS NZ network is not using SSL).  Even PC EFTPOS where the POS is the terminal doesn't get the full card details, and definitely no track 3 data which would be necessary to clone a card.

3095 posts

Uber Geek

Trusted
Subscriber

  # 990851 20-Feb-2014 00:05
Send private message

Ah, yeah their systems are rather archaic. For reference, the terminal type I refer to is a Verifone vx810. I have yet to go over the Ingenico specs, and I don't even want to think about SmartPay and Cadmus. Overseas is pretty much just Verifone and Ingenico though.

28206 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 990868 20-Feb-2014 07:20
Send private message

boby55: It doesn't have to be the little guys who get the their terminals skimmed.

My flatmate was skimmed from the Terminal at BurgerFuel on Queen Street a couple of years back.


And compromised terminals have been a huge problem in AU - there were a huge number of McDonalds stores at one point that had compromised terminals.


Mad Scientist
20741 posts

Uber Geek

Trusted
Lifetime subscriber

  # 990900 20-Feb-2014 09:10
Send private message

gosh that's scary! no way to tell if the eftpos machine is infected?




Involuntary autocorrect in operation on mobile device. Apologies in advance.


 
 
 
 


28206 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 990905 20-Feb-2014 09:13
Send private message

joker97: gosh that's scary! no way to tell if the eftpos machine is infected?


Depends on the compromise - but in many cases, no.





BDFL - Memuneh
64431 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 990907 20-Feb-2014 09:18
Send private message

Well, that's the whole idea of malware, to try to be undetectable.

I recommend you read up this article, then read about Max Butler and close with Kingpin (from the same author of the Wired article) and you will see how they do it.





460 posts

Ultimate Geek


  # 990923 20-Feb-2014 09:25
Send private message

boby55: It doesn't have to be the little guys who get the their terminals skimmed.

My flatmate was skimmed from the Terminal at BurgerFuel on Queen Street a couple of years back.


exact same thing happened to me, about a couple of years ago at Burger Fuel on Queen Street.

I wasnt even aware, this was during the labour weekend, Kiwibank called me on a Saturday saying money has been withdrawn from an overseas atm, i was gutted as i didnt have money for the rest of that long weekend

2205 posts

Uber Geek

Subscriber

  # 990939 20-Feb-2014 09:35
Send private message

There was a scam happening in AU a few years back, where people would turn up to small retailers and state that they were from the EFTPOS provider and do a terminal swap-out.

Obviously the swapped-in terminal was one with skimming software/hardware installed and the customers were compromised.
They'd come back and return the original terminala few days later, "once it was fixed"..

Also - they were being swapped out in malls where kiosks were not protected sufficiently - i.e. slipping a large sheet over the kiosk when closed.




Handsome Dan Has Spoken.

13196 posts

Uber Geek

Trusted
Lifetime subscriber

  # 991032 20-Feb-2014 11:56
Send private message

I would not have though a domestic NZ Eftpos card would work (except perhaps in an ATM) in the UK.

Surely you need a Visa Debit for international use?





Banana?
4822 posts

Uber Geek

Subscriber

  # 991039 20-Feb-2014 12:07
Send private message

Geektastic: I would not have though a domestic NZ Eftpos card would work (except perhaps in an ATM) in the UK.

Surely you need a Visa Debit for international use?

They will work in an ATM, and that's what they will be doing. the $610 the OP talks about would be ~300GPB?
If that was successful, the scumbags would have either tried again, or moved to a different ATM.

Gotta wonder how they got PINs though? They have to be skimmed as well don't they? I suppose if a terminal is compromised, it can log keystrokes.

13196 posts

Uber Geek

Trusted
Lifetime subscriber

  # 991060 20-Feb-2014 12:37
Send private message

tardtasticx: As the title suggests, I've been a victim of card skimming. Thankfully it was stopped due to ASB and their clever systems. First found out when my card (Standard yellow ASB EFTPOS card, not a debit visa) no longer worked at McDonalds.

Called ASB to find out why it was declined as I was paid the night before, and they said my card has been blocked. I was thinking it must be a mistake but sure enough they said someone had attempted to use it in the UK so they stopped it from going ahead. 

Whats even more crazy, is my best friend had the EXACT same thing happen to her today, except ANZ called her directly to tell her about it and say a new card was on the way. They tried to charge her card $610, but it was blocked too. ASB did not say how much they tried to charge mine. Hers was also used in the UK. 

We looked through our online banking sites, and found all the transactions on our normal EFTPOS cards. We then found all the times we had used them together and found 6 places. 2 were supermarkets, 1 was a nail salon, 2 different Pizza joints, and the other was a new kebab store we never been to before. I'm guessing its the latter as all the others were big brand name stores but you never know I guess.

It could just be a huge coincidence, but I highly doubt it as both our cards were used and blocked on the exact same day, used in the same foreign country. 

We've got the stores and dates etc. written down, would it be beneficial to pass this on to either our banks or the police? I don't really want to have this happen again to us or other people. 

Its scary that these things still happen, especially in little old NZ. I was so scared when they told me what happened, because I've just finished paying off all my bank debt over summer to start the new school year clean. I nearly died. Never want to have that again.

-Sam

p.s. Thank you ASB and ANZ for saving me and my friends lives here hahaha. We would definitely be in a sticky situation had it gone through. 


It's not uncommon for businesses who have family around the world to run skimmers in one country and pass that info through to someone in the home country apparently.

I once had a call from Visa asking if I had been shopping in India the day before and I said no. However a few days before I had eaten in an Indian restaurant and paid with the card. Coincidence? The Police thought not but couldn't prove anything.

I wonder if the kebab shop has a 'cousin' in the UK....!





4 posts

Wannabe Geek


  # 991084 20-Feb-2014 13:15
Send private message

I have been hit with the same thing this morning.  I am Westpac and my eftpos card has been cut off due to it being used in Great Britain for fradulent use.  My dad who is with ASB also got his card cut off this morning and his was used in Canada.  Depending how long the "capture" period is I can think of only a few places we have used our cards together.  The last place was the Crowne Plaza Restaurant in Auckland CBD.  Both My card and his was used to split a bill.  Interesting.  

 1 | 2 | 3 | 4 | 5
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Bitcoin.com announces partnership with smartphone manufacturer HTC
Posted 16-Sep-2019 21:30


Finalists Announced for Microsoft NZ Partner Awards
Posted 16-Sep-2019 19:37


OPPO Showcases New CameraX Capabilities at Google Developer Days China 2019
Posted 15-Sep-2019 12:42


New Zealand PC Market returns to growth
Posted 15-Sep-2019 12:24


Home sensor charity director speaks about the preventable death which drives her to push for healthy homes
Posted 11-Sep-2019 08:46


Te ao Maori Minecraft world set to inspire Kiwi students
Posted 11-Sep-2019 08:43


Research reveals The Power of Games in New Zealand
Posted 11-Sep-2019 08:40


Ring Door View Cam now available in New Zealand
Posted 11-Sep-2019 08:38


Vodafone NZ to create X Squad
Posted 10-Sep-2019 10:25


Huawei nova 5T to be available 20th September
Posted 5-Sep-2019 11:55


Kogan.com launches prepay challenger brand Kogan Mobile in New Zealand
Posted 3-Sep-2019 11:42


Pagan Online available now
Posted 27-Aug-2019 20:22


Starship hopes new app will help combat antibiotic resistance challenges
Posted 27-Aug-2019 19:43


Intel expands 10th Gen Intel Core Mobile processor family
Posted 23-Aug-2019 10:22


Digital innovation drives new investment provider
Posted 23-Aug-2019 08:29



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.