The UK moved to chip and pin transactions over a decade ago, and it has accounted for a reduction in millions of pounds of Point of Sale fraud. However, for countries where the magnetic strip is still the predominant form of security, credit card "skimmers" have grown in sophistication and camouflage to be almost impossible to detect with the naked eye.
However, technology continues to advance and even physically perfect imitations of real credit card readers may be too risky for our cyber thieves to risk recovering or accessing, so we have seen a growing rise in remote technologies used to recover the cached and stolen credit card details the skimmers have read and accumulated.
Skimmers can be installed in less than 30 seconds and will accumulate card data for collection. Our diligent cyber criminals can return to collect the valuable data over wireless Bluetooth connection without having to come into direct contact with the skimmer, reducing risk of association with the device or capture by law enforcement.
As the technology for skimmers becomes ever more advanced and commoditised, a £2 Bluetooth module is becoming increasingly relied upon to provide the invaluable criminal capabilities.
Fortunately, counter-hackers have found that the default configuration of the module can itself be hacked and exposes a known password, allowing them to develop equally cheap skimmer scanners.
In the eternal cat and mouse game of poacher and game-keeper, no-doubt our ever innovative organised criminals will move to smaller, more advanced and harder to detect technologies.
The game is afoot!
"IT Crowd" Image courtesy of Channel 4
When 100 credit card numbers can be sold online for $19 a bundle, it's easy to see the appeal for cybercriminals. Credit card information is feeding an entire illicit ecosystem, with some thieves even opening online schools to teach the hackers of the future.