At a time when the world is relying on the internet to perform various jobs during the pandemic, cyber security becomes extremely important. Financial transactions are always the target of malicious hackers. A report by NordVPN shows that using a computer, an average payment card can be hacked in just six seconds.
The global VPN service provider, used by millions of Internet users worldwide, analyzed four million payment cards in 140 countries and found that “brute force” was the most common method of hacking a payment card .
This type of attack is incredibly fast and can be executed in seconds, he said.
NordVPN CTO Marijus Briedis said, “The only way so many payment cards could appear on the dark web is through brute force. This means criminals are trying to guess the card number and CVV.”
Briedis added that the first 6-8 digits are the card issuer ID number. “This leaves hackers with 7-9 digits to guess, as the 16th digit is a checksum and is only used to determine if any errors were made when entering the number. Using a computer, an attack like this one can only take six seconds.”
To guess the nine digits needed for a complete card number, a computer must go through a billion combinations, Briedis said. “And it will only take a minute for a typical computer, which can try about 25 billion combinations per hour.”
However, depending on the card issuer, a criminal may only need seven digits to make a correct estimate. “In this case, six seconds would be enough,” he said.
What debit and credit card users can do
Briedis said card users should review their monthly statements for suspicious activity and respond quickly and seriously to every security notification from your bank.
“Another recommendation is to have a separate bank account for different purposes and only keep small amounts of money in the one your payment cards are connected to. Some banks also offer temporary virtual cards that you can use if you don’t feel safe shopping online,” he added.
In September last year, the Reserve Bank of India (RBI) also warned the public about the upsurge in fraudulent activity.
Through a tweet on September 13, the central bank warned of bank fraud related to Know Your Customer (KYC) documents. The apex bank warned people on its tweet and press release against sharing their personal account information with scammers.
The central bank also said that people should not share certain personal information such as login details, card details, PIN or even one-time passwords.
The tweet posted by the RBI read: “RBI warns against fraud in the name of KYC update”.
In a statement, the RBI also said: “The usual modus operandi in such cases includes the receipt of unsolicited communications, such as calls, texts, emails, etc., by the client inviting him to share some personal information, account/login details/card information, PIN, OTP, etc. or install an unauthorized/unverified application for KYC update using a link provided in the communication.”
He added that these communications are also flagged as carrying freeze/blocking/account closure threats. “Once the customer shares information through an unauthorized call/message/app, the fraudsters gain access to the customer’s account and defraud them.”
“Members of the public are hereby warned not to share account login information, personal information, copies of KYC documents, card information, PIN, password, OTP, etc. .with unidentified persons or agencies,” the apex bank added.
Read all the latest Ukraine-Russia war news, breaking news and live updates here.