
Translate into numbers: how money is stolen using virtual cards

Fraudsters have begun to use a new scheme involving the creation of virtual images of bank cards, the Central Bank (CB) of Russia has warned. To do this, attackers trick victims into handing over their data and then steal the money. This Izvestia article covers what is known about the new scheme and how to protect valuable information.
What is known about the scheme with virtual images of bank cards
The press service of the Central Bank of Russia reported that fraudsters have begun to use a new scheme involving the creation of virtual images of bank cards. According to the regulator, fraudsters contact a person by phone or via messenger and tell him that someone is allegedly trying to steal his money.
After that, the person is persuaded to install a fake Central Bank application. The attackers then ask the victim to launch it and enter a confirmation code from the bank, supposedly for authorization. This is how the fraudsters get the card data they need.
"The application that the fraudsters ask the victim to install creates a virtual image of the victim's bank card. They use it remotely on their phones to withdraw money from ATMs that support contactless technology, that is, instead of another person's bank card, they attach their smartphone," said the message published in the Telegram channel.
The Central Bank urged people not to download applications at the request of strangers and not to share their personal and financial data with outsiders. If in doubt, the press service urged people to call the bank at the number specified on the official website of the regulator.
How fraudsters have previously used virtual images of bank cards
A virtual image of a card is, in effect, its digital copy, which can be used to gain access to funds, says Eryania Bochkina, an analyst at the Banki.ru portal, in a conversation with Izvestia. The feature of this tool that plays into the hands of fraudsters is that the user does not need to hold the plastic card in his hands, only a phone. This means that attackers can remotely withdraw money from the card using their own device.
"The scheme of creating a virtual image by installing an application on the victim's phone is quite new," says the specialist. "However, virtual cards have been used in fraudulent schemes before."
For example, a virtual card was issued in the name of a person whose data had been obtained through leaks, and it was then used to withdraw money obtained by criminal means. The fraudsters also asked the victim to transfer funds to the "safe account" of a virtual card they had just opened, says Eryania Bochkina.
For this reason, the State Duma is now considering a bill that would prohibit the transfer of more than Br50 thousand to virtual cards within two days after their opening. The National Payment Card System (NPCS) is going to provide banks with a similar opportunity.
Internet analyst and expert of the company "Gazinformservice" Marina Probets adds that the creation of fully functional virtual images of bank cards is a relatively new and complex fraudulent technique. However, experts have already recorded similar schemes of deception using malware, when fraudsters manipulated the trust of victims.
Previous methods include phishing, data theft using keyloggers and Trojan viruses that steal bank card information. Screensharing (screen recording) to obtain data from mobile devices has also been popular, although it usually requires physical access to the device or prior infection.
"The scheme outlined by the Central Bank differs in that criminals seek to gain functional access to a card remotely by mimicking the operation of a legitimate application. This makes it more dangerous and difficult to detect," emphasizes Marina Probets.
What is the danger of fraudsters using virtual images of bank cards?
Fraud using virtual card images is dangerous because it allows financial transactions to be carried out on behalf of the victim virtually undetected and with minimal risk, says Marina Probets. Unlike traditional methods of data theft, where fraudsters only learn card information, in the new scheme they gain functional access to the victim's funds.
"This allows them to make contactless payments, transfers and other operations, practically excluding the possibility of quick detection of fraud," explains the Izvestia interlocutor. "Moreover, restoring access to a compromised account can take considerable time and be accompanied by bureaucratic difficulties, while the fraudsters can quickly cash out the stolen funds."
As a result, the victim incurs significant financial losses and experiences severe stress due to lengthy proceedings and attempts to recover the money.
However, the risks don't end there. According to Nikita Leokumovich, Head of Digital Forensics and Cyber Intelligence at Angara SOC, virtual card images are one of the ways to conduct transactions without the client's consent.
This means that the victim is not only deprived of the ability to control the movement of funds in the account, but is also included in a criminal chain that uses stolen or transferred bank cards to withdraw and cash out funds. If such a dropper account is detected by the regulator or banks, it will be entered into the Bank of Russia's database of fraudulent accounts.
"Its owner will be restricted in access to online banking and bank accounts," says Nikita Leokumovich. "It is accurate to say that he will have to meet with representatives of the Investigative Committee of Russia (ICR) and law enforcement agencies."
How to protect yourself from fraud schemes with virtual images of bank cards
According to experts interviewed by Izvestia, the first step is to be extremely careful when installing any applications, especially those that request access to screen functions, the camera, the microphone and other sensitive data, says Marina Probets.
"It is necessary to install applications only from official stores (Google Play, App Store), check reviews and ratings," says the expert. "You should never download applications offered over the phone or in suspicious messages. In addition, it is important to regularly update the operating system and antivirus software on your smartphone. If you receive suspicious calls or messages on behalf of the bank, you should contact the bank yourself at the verified phone numbers listed on the official website or bank card to confirm the information."
It is also worth paying close attention to requests for access to various phone functions and not agreeing to them unless absolutely necessary, emphasizes Marina Probets. In turn, Roman Tikhonov, product director of the fintech company Paygine, notes that it is important not to share card details (number, expiration date, CVV) with third parties and not to enter them on suspicious sites.
"Use two-factor authentication: activate SMS or push notifications to confirm transactions," the expert advises. "When using this or that site, make sure that it has a secure connection (HTTPS) and is legitimate. In addition, from a security point of view, it will be useful to set limits on card transactions, especially for online payments."
For online purchases, you can also use disposable virtual cards with a limited validity period and limit. Finally, regularly check your card statements and report suspicious transactions to your bank, concludes Roman Tikhonov.
Translated by Yandex Translate