The use of credit and debit cards has become a common practice to make purchases online or in commercial establishments. However, the risk of financial fraud remains a major concern for consumers and financial institutions.
Credit and debit card cloning is one of the most common scams, and it is important to know how it is carried out in order to prevent it.
In Mexico, the National Commission for the Protection and Defense of Financial Services Users (Condusef) recently warned about a "modus operandi" used to clone credit and debit cards without the consumer realizing it.
This method is carried out through Point of Sale Terminals infected with malware. The fraudsters pose as bank personnel and trick the establishment's staff into allowing them access to the payment terminal, claiming they need to perform a system update.
Once they have access, they install malware on the computer that allows all credit or debit card information to be copied each time it is used at the terminal.
Malware has crept into retail terminals
This type of fraud is known as "infected terminal" and is carried out without the owners of the establishments realizing that they have been victims of hacking to clone credit and debit cards. Financial authorities have indicated that when a card enters an infected terminal, several important pieces of information are captured, such as account number, card number, expiration date, card type, among other cardholder data.
Once the fraudsters have this information, they use it to create a copy of the card that is known as a "pigeon card" – a device that stores customer information from various financial institutions. Due to the malware installed by fraudsters, any number can be considered valid along with the PIN, which allows it to be used to make purchases at Point of Sale Terminals or online.
How to prevent credit and debit card cloning?
It is important to be alert and take preventive measures to avoid credit and debit card cloning. Condusef recommends not to lose sight of your card during transactions in stores. This way, you will be able to prevent someone from manipulating it without you realizing it.
It is also important to verify that the stores where you make your purchases are trustworthy and that they have security measures in place to prevent card cloning.
You should also be careful with phishing, that is, fake e-mails or text messages that seek to obtain personal information, such as passwords or card numbers. Never share your personal information with strangers or on untrusted websites.
Finally, it is important to regularly review your account statements for any unrecognized charges or suspicious activity. If you find any charges that you have not made, contact your bank immediately to report them and request the cancellation of the card.