Home » Business » ATM, a sophisticated scam is spinning: beware of contactless payments

ATM, a sophisticated scam is spinning: beware of contactless payments

Not just phishing. Even the ATM card can fall victim to new technologies, if these are applied illegally.

Photo © AdobeStock

The use of ATMs is the most frequent one can affect the life of consumers. Especially in recent times, given that it has been chosen to favor the way of traceable payments as much as possible and, consequently, the use of electronic forms of transactions. Both on the side of the buyer and the seller, the aim is to encourage the use of cards, wire transfers and indeed ATMs, with the hope of being able to progressively reduce the use of cash and, consequently, illegal practices such as evasion and money laundering. Not a long-term mission, given that stringent regulations have already been introduced and the pandemic has indirectly favored such practices, even remotely.

The problem is that, as much as it undoubtedly makes things easier, technology has discovered our money’s side in attacking web criminals. And, despite the effective security systems adopted by the institutions and platforms that carry online payments, running into a rip-off is far from rare. There is not only phishing but a whole series of fraudulent practices aimed at wedging exactly between the consumer and his payment instrument. The goal is not only to extort money directly but also to obtain personal data useful for carrying out the scam (mostly illicit accesses to current or prepaid accounts).

ATM scam: what can happen is scary

ATMs, scam alarm: theft is also carried out in the subway

The first rule, when making a withdrawal or an ATM card payment, is to cover the numeric keypad. This will prevent anyone from peeking while we type the Pin code. Increasingly, however, merchants invite the customer to touch the POS device for a few seconds with the card, so as to authorize small payments. A possibility granted, according to the legislation introduced in 2021 (the PSD2), only for payments up to 50 euros per day. Apparently very simple operations but which, as they travel on technological channels, can be attacked if on the other side there is someone expert enough to interfere in the so-called two-way communication. Which happens strictly without wires.

T for Scam: they present themselves as Enel operators but then …

In those situations, apparently harmless, the rip-off takes place. In fact, in the most crowded places, a virtual POS would be sufficient, through an app set on the phone, to create a fake transaction. The same could happen during a withdrawal at an ATM or even on the metro. Relative proximity is enough to be able to “connect” the POS with the card and, in fact, authorize illegal payments. The scam could make even 100 euros disappear with a single transaction. Something similar to what happens with prepaid cards with the top-up system, with the difference that, with the ATM, the charge can be contested. A possible remedy could be the use of silver paper to protect the card or the purchase of a special wallet. Constant monitoring of account movements, however, remains the best solution.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.