Ticket machine skimming fraud threat?

Credit and debit card 'skimming' - where your card details are unlocked and stolen using a small electronic device - used to be the preserve of ATMs.

Now the practice is being adopted for parking ticket meters and even transport ticket machines, claims new research. Pay-at-pump petrol stations are also being targeted. How serious is the issue for the UK?%VIRTUAL-SkimlinksPromo%

US-bound

We can relax a bit - for the moment. The situation is worse in the US where there has been reluctance to adopt chip-and-pin technology, claims research from European ATM Security Team. In contrast, European banks have moved to technology adopted by Visa, MasterCard and Europay, known as 'EMV'.

Algorithms are embedded in a chip on these Visa, MasterCard and Europay cards, making them difficult to clone cards for use at EMV terminals. However, stolen data can still be successfully exported to the US and used on cloned cards, enabling cash to be taken out of ATMs.

Claw or sledge hammer

"Skimmer scammers who steal card data from European ATM users tend to ship the stolen card data to buyers or co-conspirators in the United States," said security expert Brian Krebbs in a recent blog, "where the data is encoded onto fabricated cards and used to pull cash out of US ATMs."

Two countries, claim European ATM Security Team, have seen a recent rise in skimming from parking ticket machines (though these countries remain nameless). Bluetooth devices are also increasingly being used to transmit stolen card and PIN data wirelessly, it's claimed.

There's also been a rise in ATM 'cash claws'. This is where a metal 'claw' is pushed into an ATM cash dispenser once the machine shutter is opened, forcing out more cash than ordered. Crude but sometimes effective. There's also the sledge hammer option, not to mention exposed software vulnerabilities.

Avoid cash machine fraud

It's important to brush up on good ATM etiquette. Below are some tips from LINK, the UK's cash machine network, on how to avoid falling victim to cash machine fraud.

1. Protect your PIN
• The simplest step of all to minimise the chances of falling victim to fraud is to shield the keypad when you enter your PIN. This will protect your PIN from a shoulder-surfer, and also if a criminal has set up a hidden camera that is filming the keypad.

• Some losses at UK cash machines are still, unfortunately, the result of PINs being written down and kept in a purse or wallet. So, the other important advice remains: 'never write down your PIN'.

2. Choosing a cash machine
• Be aware of others around you. If someone close to the cash machine is behaving suspiciously, or makes you feel uncomfortable, go to another machine.

• If you suspect that a skimming device has been attached to a cash machine, inform staff within the bank or, if this is not possible, inform the police.

3. Using a cash machine
• Be aware of your surroundings. If someone starts crowding or watching you, cancel the transaction, preferably before you've entered your PIN, and go to another machine.

• Stand close to the cash machine and always shield the keypad effectively, for example by using your free hand, to avoid anyone seeing you enter your PIN.

• If your card gets jammed or retained by the machine report this as soon as possible to your card issuer.

If you are a victim of card fraud you are protected through legislation, which states that you will not be liable for losses unless you have acted fraudulently or without reasonable care.

10 PHOTOS
Revealed: The 10 most common scams
See Gallery
Ticket machine skimming fraud threat?

More than 12 million pieces of personal information were illegally traded online by identity fraudsters in the first quarter of 2012 alone, according to data from Experian CreditExpert - outstripping the entire of 2010.

The vast majority (90%) of this illegally traded information is password and log in combinations - a result of the spiralling number of online accounts many of us now have. Research shows the average Brit uses around five different passwords online, but with an average of 26 different accounts each – this is nowhere near enough protection.

"Using a different password for each account will minimise risks, but if password information is stolen from a website, all accounts using the same details will be compromised, and this information can spread among fraudsters rapidly," warns Peter Turner, managing director at Experian Consumer Services in the UK and Ireland.

Step up your account protection with this guide to choosing a secure password.

Credit and store cards continue to prove particularly attractive to fraudsters and 2012 year has seen 73% surge in the takeover of plastic card accounts by criminals with nearly one quarter of all identity frauds, and 36% of all account takeovers, taking place on these cards.

Richard Hurley, communications manager at CIFAS explains the threat: "Whether it is through using an innocent party's details to open a new account in the victim's name, or hijacking the victim's details and taking over existing accounts, the modern fraudster will continue to pay specific attention to credit and store card accounts as an easy way of obtaining funds and goods, while leaving someone else to pick up the bill."

Be vigilant with your cards and follow our tips to protect your plastic through safe online shopping.

As if the mis-selling of payment protection insurance (PPI) wasn't scandal enough, 2012 has seen fraudsters preying on PPI victims. Consumers have received phone calls from someone who knows their name, announcing that they have won their PPI claim. The caller may also know the lender's name and an estimate of the loan amount.

However, the caller will then request a payment from the consumer in order to receive their compensation. This should signal warning bells, but many innocent victims have fallen for the scam and parted with money only for the bogus firm to disappear with their cash, and of course the compensation that never existed.

Consumers should be wary of all cold calls, particularly those that request cash upfront. There is no need to pay to make a claim for mis-sold PPI – you can claim direct to your bank for free and receive free advice from debt charities like Citizens Advice and the Consumer Credit Counselling Service.

If you do choose to take on the assistance of a claims management firm – never agree to an upfront payment. Reputable firms will only request payment for their services once you have received your compensation from your lender either by cheque or by payment into your bank account.

Phishing – when an unsolicited email arrives in your inbox requesting details to your personal accounts – continues to rise, leading to a surge in online banking fraud. Online banking fraud losses totaled £21.6 million during January to June 2012, according to CIFAS - a 28% increase on the 2011 half-year figure.

The emails trick customers into visiting fake banking websites – often made to look startlingly similar to the real thing - and disclosing their online banking login details. Online banking customers are also being tricked into divulging their bank login details and passwords over the phone to someone they believe is from their bank but is actually a fraudster.

The key point to remember is that banks will never contact you by phone or email and ask you to disclose your details, so always beware correspondence of this nature. Consumers should also be cautious of emails purporting to be from government bodies such as HMRC, or other financial accounts, such as Paypal.

There were over 50 different scams known to the 2012 Olympic Committee, with fraudsters cashing in on the good-natured spirit of the Games and nationwide scramble for tickets. The vast majority of scams took the form of phishing emails – purporting bogus job offers; prize draws; lottery wins and complimentary tickets – all with the sole purpose of duping consumers into sharing personal details or parting with cash in order to claim prizes.

Official tickets for the London 2012 Games were only available for purchase through the London 2012 website and appointed ticketing partners, so any other sources were offering fake or non-existent tickets. As for competition prizes and lottery wins – consumers should remember that it is impossible to win a competition or draw that you did not knowingly enter and that if a prize seems too be good to be true, it probably is.

Insurance is an incredibly complex area of personal finance and different forms of cover are riddled with different hitches that make it crucial to read the small print. Failure to do so could lead you to pay for a product you would be never be able to claim upon, or unknowingly do something that invalidates your claim.

Always buy the right level of cover for your needs and pay close attention to any exclusions in the policy wording. For example, many travel insurance policies for winter sports won't pay out for treatment of injuries incurred while under the influence of alcohol.

Surely the lowest of the low, charity donation fraud – when fake charities play on our sympathy by requesting donations to a worthy cause – is on the rise. Donation requests come in the form of unsolicited emails; phone calls; house visits or being approached in a public place. In many cases, donation requests are linked to a high-profile event, such as Hurricane Sandy that wreaked havoc across America last month.

Either the charity that the fraudster has asked you to donate to doesn't exist, or they are misusing the name of a genuine, often well-known, charity and pocketing your money.

Don't let fraud risks put you off donating – just make the necessary checks to ensure your money is going to the intended cause. Genuine charities are registered with the Charity Commission and print their registration details on all documentation, collection bags and envelopes, so check these details exist and if in doubt, contact the Charity Commission to confirm that they are authentic. Call the helpline on 0845 300 0218 or check the online charity register by visiting charity-commission.gov.uk.

Cases of cash machine fraud, where a device is used to trap money inside the ATM machine, have increased more than 15-fold in London in the past three months. Reported incidents have risen from 150 across the UK in May, to 2,500 in London alone in August, according to figures from Link and London's Dedicated Cheque and Plastic Crime Unit (DCPCU).

Criminals insert a device called a cash claw behind the guard on the cash drawer of an ATM. The device is undetectable to the public, who use the machine as normal until their cash fails to eject.

"The machine goes out of service and then the criminal comes along, forces open the drawer using a pair of pliers or a screwdriver, forces the device out of the cash machine, bringing the customer's money with it," explains Detective Chief Inspector Dave Carter, head of the DCPCU.

Customers are advised to immediately report any banknotes undelivered from cash machines.

Rogue property developers selling land that they claim has great investment value, when there is little or no chance of it ever being developed, are on the rise again this year. Investigations have lead to a number of convictions in 2012, yet consumers are warned to be remain wary of this big money scam.

Land banking involves plots of land offered for sale, often online, with the promise of sizable returns when planning permission is approved for housing or other development. Yet often the land is located in areas protected from development by planning law.

The companies involved soon disappear with investors' money and as the firms are not protected by the Financial Services Authority, their funds are not covered by the Financial Services Compensation Scheme.

In October, PhonepayPlus (the UK's premium rate telephone regulator) fined two firms a total of £450,000 for running a series of voucher scams on Facebook.

The scams, which claimed to offer free vouchers and supermarket gift cards for Tesco and Asda, resulted in members of the public signing-up for expensive premium-rate phone services.

The scams relied on Facebook users innocently sharing or liking the voucher promotions on their status, which included the promise of a voucher worth up to £250 for major retailers. After clicking on the promotion consumers were duped into participating in premium rate competitions, which involved questions sent to their phone at a cost of £5 each.

HIDE CAPTION
SHOW CAPTION
of
SEE ALL
BACK TO SLIDE

More stories
Read Full Story

FROM OUR PARTNERS