Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




2958 posts

Uber Geek


# 140779 19-Feb-2014 23:36
Send private message

As the title suggests, I've been a victim of card skimming. Thankfully it was stopped due to ASB and their clever systems. First found out when my card (Standard yellow ASB EFTPOS card, not a debit visa) no longer worked at McDonalds.

Called ASB to find out why it was declined as I was paid the night before, and they said my card has been blocked. I was thinking it must be a mistake but sure enough they said someone had attempted to use it in the UK so they stopped it from going ahead. 

Whats even more crazy, is my best friend had the EXACT same thing happen to her today, except ANZ called her directly to tell her about it and say a new card was on the way. They tried to charge her card $610, but it was blocked too. ASB did not say how much they tried to charge mine. Hers was also used in the UK. 

We looked through our online banking sites, and found all the transactions on our normal EFTPOS cards. We then found all the times we had used them together and found 6 places. 2 were supermarkets, 1 was a nail salon, 2 different Pizza joints, and the other was a new kebab store we never been to before. I'm guessing its the latter as all the others were big brand name stores but you never know I guess.

It could just be a huge coincidence, but I highly doubt it as both our cards were used and blocked on the exact same day, used in the same foreign country. 

We've got the stores and dates etc. written down, would it be beneficial to pass this on to either our banks or the police? I don't really want to have this happen again to us or other people. 

Its scary that these things still happen, especially in little old NZ. I was so scared when they told me what happened, because I've just finished paying off all my bank debt over summer to start the new school year clean. I nearly died. Never want to have that again.

-Sam

p.s. Thank you ASB and ANZ for saving me and my friends lives here hahaha. We would definitely be in a sticky situation had it gone through. 




Bachelor of Computing Systems (2015)

 

--

 

Late 2013 MacBook Pro with Retina Display (4GB/2.4GHz i5/128GB SSD) - HP DV6 (8GB/2.8GHz i7/120GB SSD + 750GB HDD)
iPhone 6S + (64GB/Gold/Vodafone NZ) - Xperia Z C6603 (16GB/White/Spark NZ)

Sam, Auckland 


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5
BDFL - Memuneh
64233 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 990841 19-Feb-2014 23:39
Send private message

It could be anywhere. Most of these skimmers get card information from malware infected PoS (Point of Sale) systems - that's how they got those millions of card information from Target in the USA.




1539 posts

Uber Geek

Trusted

  # 990844 19-Feb-2014 23:43
One person supports this post
Send private message

It doesn't have to be the little guys who get the their terminals skimmed.

My flatmate was skimmed from the Terminal at BurgerFuel on Queen Street a couple of years back.

 
 
 
 


3095 posts

Uber Geek

Trusted
Subscriber

  # 990846 19-Feb-2014 23:55
Send private message

freitasm: It could be anywhere. Most of these skimmers get card information from malware infected PoS (Point of Sale) systems - that's how they got those millions of card information from Target in the USA.


This is actually quite weird.  I have a terminal beside me, and I can say quite unequivocally that if I swipe a card and the transaction processes, the full card number is definitely not given to the POS software - it only gets a truncated PAN.  If I were using host comms, the data to be sent to the bank is an encrypted binary blob which should be unreadable by anything in the middle (you'd hope, since the EFTPOS NZ network is not using SSL).  Even PC EFTPOS where the POS is the terminal doesn't get the full card details, and definitely no track 3 data which would be necessary to clone a card.

3095 posts

Uber Geek

Trusted
Subscriber

  # 990851 20-Feb-2014 00:05
Send private message

Ah, yeah their systems are rather archaic. For reference, the terminal type I refer to is a Verifone vx810. I have yet to go over the Ingenico specs, and I don't even want to think about SmartPay and Cadmus. Overseas is pretty much just Verifone and Ingenico though.

28126 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 990868 20-Feb-2014 07:20
Send private message

boby55: It doesn't have to be the little guys who get the their terminals skimmed.

My flatmate was skimmed from the Terminal at BurgerFuel on Queen Street a couple of years back.


And compromised terminals have been a huge problem in AU - there were a huge number of McDonalds stores at one point that had compromised terminals.


Mad Scientist
20660 posts

Uber Geek

Trusted
Lifetime subscriber

  # 990900 20-Feb-2014 09:10
Send private message

gosh that's scary! no way to tell if the eftpos machine is infected?




Involuntary autocorrect in operation on mobile device. Apologies in advance.


 
 
 
 


28126 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 990905 20-Feb-2014 09:13
Send private message

joker97: gosh that's scary! no way to tell if the eftpos machine is infected?


Depends on the compromise - but in many cases, no.





BDFL - Memuneh
64233 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 990907 20-Feb-2014 09:18
Send private message
459 posts

Ultimate Geek


  # 990923 20-Feb-2014 09:25
Send private message

boby55: It doesn't have to be the little guys who get the their terminals skimmed.

My flatmate was skimmed from the Terminal at BurgerFuel on Queen Street a couple of years back.


exact same thing happened to me, about a couple of years ago at Burger Fuel on Queen Street.

I wasnt even aware, this was during the labour weekend, Kiwibank called me on a Saturday saying money has been withdrawn from an overseas atm, i was gutted as i didnt have money for the rest of that long weekend

2171 posts

Uber Geek

Subscriber

  # 990939 20-Feb-2014 09:35
Send private message

There was a scam happening in AU a few years back, where people would turn up to small retailers and state that they were from the EFTPOS provider and do a terminal swap-out.

Obviously the swapped-in terminal was one with skimming software/hardware installed and the customers were compromised.
They'd come back and return the original terminala few days later, "once it was fixed"..

Also - they were being swapped out in malls where kiosks were not protected sufficiently - i.e. slipping a large sheet over the kiosk when closed.




Handsome Dan Has Spoken.

13073 posts

Uber Geek

Trusted
Lifetime subscriber

  # 991032 20-Feb-2014 11:56
Send private message

I would not have though a domestic NZ Eftpos card would work (except perhaps in an ATM) in the UK.

Surely you need a Visa Debit for international use?





Banana?
4803 posts

Uber Geek

Subscriber

  # 991039 20-Feb-2014 12:07
Send private message

Geektastic: I would not have though a domestic NZ Eftpos card would work (except perhaps in an ATM) in the UK.

Surely you need a Visa Debit for international use?

They will work in an ATM, and that's what they will be doing. the $610 the OP talks about would be ~300GPB?
If that was successful, the scumbags would have either tried again, or moved to a different ATM.

Gotta wonder how they got PINs though? They have to be skimmed as well don't they? I suppose if a terminal is compromised, it can log keystrokes.

13073 posts

Uber Geek

Trusted
Lifetime subscriber

  # 991060 20-Feb-2014 12:37
Send private message

tardtasticx: As the title suggests, I've been a victim of card skimming. Thankfully it was stopped due to ASB and their clever systems. First found out when my card (Standard yellow ASB EFTPOS card, not a debit visa) no longer worked at McDonalds.

Called ASB to find out why it was declined as I was paid the night before, and they said my card has been blocked. I was thinking it must be a mistake but sure enough they said someone had attempted to use it in the UK so they stopped it from going ahead. 

Whats even more crazy, is my best friend had the EXACT same thing happen to her today, except ANZ called her directly to tell her about it and say a new card was on the way. They tried to charge her card $610, but it was blocked too. ASB did not say how much they tried to charge mine. Hers was also used in the UK. 

We looked through our online banking sites, and found all the transactions on our normal EFTPOS cards. We then found all the times we had used them together and found 6 places. 2 were supermarkets, 1 was a nail salon, 2 different Pizza joints, and the other was a new kebab store we never been to before. I'm guessing its the latter as all the others were big brand name stores but you never know I guess.

It could just be a huge coincidence, but I highly doubt it as both our cards were used and blocked on the exact same day, used in the same foreign country. 

We've got the stores and dates etc. written down, would it be beneficial to pass this on to either our banks or the police? I don't really want to have this happen again to us or other people. 

Its scary that these things still happen, especially in little old NZ. I was so scared when they told me what happened, because I've just finished paying off all my bank debt over summer to start the new school year clean. I nearly died. Never want to have that again.

-Sam

p.s. Thank you ASB and ANZ for saving me and my friends lives here hahaha. We would definitely be in a sticky situation had it gone through. 


It's not uncommon for businesses who have family around the world to run skimmers in one country and pass that info through to someone in the home country apparently.

I once had a call from Visa asking if I had been shopping in India the day before and I said no. However a few days before I had eaten in an Indian restaurant and paid with the card. Coincidence? The Police thought not but couldn't prove anything.

I wonder if the kebab shop has a 'cousin' in the UK....!





4 posts

Wannabe Geek


  # 991084 20-Feb-2014 13:15
Send private message

I have been hit with the same thing this morning.  I am Westpac and my eftpos card has been cut off due to it being used in Great Britain for fradulent use.  My dad who is with ASB also got his card cut off this morning and his was used in Canada.  Depending how long the "capture" period is I can think of only a few places we have used our cards together.  The last place was the Crowne Plaza Restaurant in Auckland CBD.  Both My card and his was used to split a bill.  Interesting.  

 1 | 2 | 3 | 4 | 5
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

New AI legaltech product launched in New Zealand
Posted 21-Aug-2019 17:01


Yubico launches first Lightning-compatible security key, the YubiKey 5Ci
Posted 21-Aug-2019 16:46


Disney+ streaming service confirmed launch in New Zealand
Posted 20-Aug-2019 09:29


Industry plan could create a billion dollar interactive games sector
Posted 19-Aug-2019 20:41


Personal cyber insurance a New Zealand first
Posted 19-Aug-2019 20:26


University of Waikato launches space for esports
Posted 19-Aug-2019 20:20


D-Link ANZ expands mydlink ecosystem with new mydlink Mini Wi-Fi Smart Plug
Posted 19-Aug-2019 20:14


Kiwi workers still falling victim to old cyber tricks
Posted 12-Aug-2019 20:47


Lightning Lab GovTech launches 2019 programme
Posted 12-Aug-2019 20:41


Epson launches portable laser projector
Posted 12-Aug-2019 20:27


Huawei launches new distributed HarmonyOS
Posted 12-Aug-2019 20:20


Lenovo introduces single-socket servers for edge and data-intensive workloads
Posted 9-Aug-2019 21:26


The Document Foundation announces LibreOffice 6.3
Posted 9-Aug-2019 16:57


Symantec sell enterprise security assets for US$ 10.7 billion to Broadcom
Posted 9-Aug-2019 16:43


Artificial tongue can distinguish whisky and identify counterfeits
Posted 8-Aug-2019 20:20



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.