It wouldn’t be the holidays without someone trying to rip you off, and if you don’t watch your bank account, someone just might.
The holidays can mean lots of things, from great food to spending lots of money, but if you don’t pay close attention to your bank account, you may find a scammer stealing your money to buy great food, and then some.
It’s not only the most wonderful time of the year, but also potentially the most lucrative, as cybercriminals aim to waste your money by spending it for you.
You can expect plenty of phishing attempts with scammers pretending to be a bank and asking you to reset your credentials with a dodgy link, but that’s not the only way to get scammed.
While phishing plays a pretty hefty role in how Australians can get scammed, you can also still get scammed even by doing nothing, all as criminals guess your card details and use them accordingly.
Using a combination of guesstimation and knowledge about how credit card numbers work, criminals can actively work to find a sequence of credit card numbers, test whether they’d be legitimate, and then seemingly use them to buy goods and services. In short, a scammers doesn’t need to actively see your card or even know your details to actually use them.
Called a “BIN attack”, it’s a fraud operation where scammers try to guess the Bank Identification Number (BIN) using the commonly used Luhn algorithm and other number sequences to correctly guess a bank card, and then use those numbers to buy goods and services. CommBank calls a BIN attack random card number generation, and it may as well be that, with scammers creating numbers seemingly out of nothing connected to an account, and then using them to buy things.
To put it simply, your card never has to leave your side or premises for a criminal to work out that you have something worth using, and that’s bad.
How do you stay on alert for a guess attack
It happened to this journalist as the holidays kicked off, and a random charge came into his account. He picked it up quickly, locking the card and watching what happened next.
Quickly, the criminal added more charges. Two for a little over $200. Another for $410. Another two for $355. The scammer was going shopping on a card that doesn’t get used, racking up almost a thousand dollars in the space of 20 minutes.
Fortunately, a good bank should be an able to pick up on these transactions and alert you that something is wrong.
Use your bank’s app
Where you’re ordering from and the location of the purchase is often the dead giveaway, helped in part because purchases at secure sellers will often connect with a bank’s security system, but it doesn’t always.
When the check doesn’t occur, a bank will alert you to something going on. You can choose to lock the card and dispute the transaction, or just outright cancel and get a new card.
Monitoring those purchases can occur in real-time if you use your bank’s app, with financial institutions letting you know just what is going on when it does.
Keep your bank’s app installed and you should get a notification about something when it happens. If slash when it does, make sure to act on it quickly. Not only can you put a stop to it quickly, but you can file a transaction dispute immediately and make sure you get your money back as fast as possible.
Look over bank statements regularly
Bank check systems aren’t going to pick up everything, and you might miss out on preventing a BIN attack at the right time. Alternatively, it could happen while you’re sleeping and a scammer could fleece you out of money in the background.
So consider going over your bank statements regularly, every month, glancing over the details to determine if all the purchases look right.
Scammers may try to get small purchases under the radar, but if it works, they could end up going for much bigger ones, as well. Keeping tabs on what’s coming out of your account regularly will give you an idea of whether your card has been compromised, allowing you to dispute the purchase, get it refunded, and get yourself a new card.