Martin Lee @ Sg
Sharing is Caring!

Fraudulent Credit Card Transactions

After the recent DBS ATM fraud incident, one of my readers wrote in to share his experiences with credit card fraud.

Before I share that with you, here is an interesting piece of news about a highly sophisticated banking fraud.

New PC virus steals your money and then creates fake online bank statements

Apparently, there are computer virus that not only can steal the passwords to your banking account, but they can also create fake online statements so that you do not know that your money has been stolen.

Now, that is something to be worried about!

Anyway, the email about the credit card fraud can be found below:

“About 10 years ago because of work, I go to Malaysia every week. I typically use my company card to charge at hotels and restuarants during my busines trip. Then one day, I received a statement from xxx credit card with an unknown S$6,000 expenditure. The transactions were done in Mid Valley upscale shopping mall. Fortunately they were done on a Saturday and I was able to prove that I was already back in S’pore on Friday through my immigration records.

These kind of unauthorized transactions went for another few months and xxx has to keep changing my credit every month or so, The problem did no go away even after the frequent change of credit cards. It means the syndicate is really super high tech. Finally, xxx came out with a system that whenever my card is used in Malaysia, their staff will came my mobile phone immediately to verify if I was the user. Only when I approved it, they will allow the transaction to go through. It was very troublesome for both me and their staff. But this proves to be an effective4 method and the problem disappear.

Now my experience in USA. 3 years ago, I encountered the same problem. This time I was using a credit card issued by a U.S bank. The syndicate used my card to spend US$5,000+ in about 80 small transactions at petrol kiose and convenient stores all in two days. Amazing. Fortunately, I was able to prove that I was working in Southern California at that time but the transactions were in Northern California.

Those two incidents had caused me great stress and inconvenience over quite a period of time. In both of those experiences, I had my credit cards in my possession all the time and they were never lost ! So my conclusion is no matter how high tech and secured a bank claims they and their technology are, I never believed them.

I had at one stage about 10 credit cards because all were given to me free with no subscriptions. I was so proud to have so many cards but never though of the risks that they carried. After the first incident 10 years ago, I cancelled all except one. Until today, I still have only 1 ATM card with limit $$$ inside and 1 credit card with a small limit. They are sufficient for me to spend for a month but will not hurt me financially in any unfortunate situation.

In fact, the bank finds me a bit weird as most people wants as high a credit limit as possible but instead I asked for only a small fraction of what they are willing to offer. Free credit cards are still very tempting to me today, but I had to be disciplined to decline the offer. I also wonder about so many Singaporeans like to have so many credit cards and ATM cards in their wallet. Are they necessary? Have they thought about the risks? But it is up to each individual; it’s their money. I just hope to share my experiences to create awareness and leave the decisions to individuals.”

Leave a Comment:

Notify me of followup comments via e-mail. You can also subscribe without commenting.

5 comments
sender says 7 years ago

Breaking News!

Two Malaysian men believed to be part of ATM skimming syndicate arrested by police
08:15 PM Jan 13, 2012
Two Malaysian men, aged 27 and 39, believed to be members of a transnational ATM skimming syndicate were arrested by the police yesterday.

Police officers seized an assortment of paraphernalia used for ATM skimming, including a customised panel with a pin-hole camera and a simulated Foreign Device Inhibitor (FDI) believed to have been fitted with a card skimming device when they raided a hotel at Lorong 22 Geylang. Police investigations are ongoing to determine the involvement of the two subjects in the spate of ATM skimming cases reported in the Bugis area recently.

The two Malaysians, who are on social visit passes, will be charged in Court on January 14 for possessing equipment for making a false instrument with intent to induce prejudice under Section 473B of the Penal Code which is punishable with imprisonment of up to 10 years, or a fine, or with both.

Police would like to remind members of the public to be vigilant in safeguarding their personal financial information, including their Personal Identification Numbers (PINs) and other security passwords. If they find any discrepancy in their financial statements, they should notify the relevant financial institutions immediately.

They should also observe ATMs for signs of tampering before making cash withdrawals, and notify the financial institutions or the Police immediately if they detect anything unusual. The Police will continue to work closely with financial institutions and other strategic stakeholders in safeguarding Singapore’s banking system.

Reply
Singaporean says 7 years ago

I think the recent incident involving over 400 atm card holders is not a result of skimming as it is too time consuming and labour intensive to skim so many card holders. A much easier way is for an insider, probably a foreigner with good I.T. programming skills, to do a copy of sensitive information and then passing the downloaded program to an accomplice in Malaysia who can then fabricate duplicate cards with the relevant data to withdraw cash enmass.
We are now beginning to see the folly of saving a few dollars hiring cheaper foreigners but paying the price of losing much more when foreigners with different values and no loyalty and no qualms about damaging Singapore’s reputation built up over decades for personal gains. The sooner we see this link, the earlier we can put things right as the branding of Singapore, that cost us billions to built up, is slowly but steadily being eroded if we continue our mass import of cheaper foreigners. The cost of nonconformance will be simply too high for Singapore to pay and only time will reveal our follies if we continue on this road of doom.

Reply
    Martin Lee says 7 years ago

    Dear Singaporean,

    I think they isolated the problem to an ATM at Bugis. Apparently, all the cards that were affected had used that machine in a particular period of time last year.

    So, it is very likely to be skimming.

    Reply
sender says 7 years ago

It is easy to fake a credit/debit card as data stored on magnetic can be easy stolen. The credit card industry previously has in mind a more secure, less easy to duplicate feature using embedded microchip on card but it was subsequently abandon as merchants find it too costly compared to the very cheap magnetic type. So, it is cheap now but someone has to pay if the card is compromised.

On your the other article about PC creating new virus and then fake the account online. It says it was detected in some cases in the US and UK. My understanding is that in the UK, US, and even HK, the banks there do not require a second factor authentication to do online transactions, which make it easier for cyber criminal. Also, there are customers in UK and US who use website aggregator for all their financial transactions which can further compromise their accounts.

In Singapore, MAS has made it compulsory to have 2-factor authentication with another more-beefed up token soon by end of the year. All these additional security costs money but worth it if it assure security and give us confidence to use it. As in any security matter, the weakest link is usually the end user. End user must also play their part to find out more and learn what can and cannot do while online and being alert and watchful. This is not to absolve the banks. Both must play ball.

Cyber criminals are always poking to find holes in any security system. So, it is a never ending cat-and-mouse game. Banks and the MAS just have to ensure our banking system stays a step, or two, ahead of cyber criminals.

Actually, i have more immediate concern with all the SAM, AXS, and other payment kiosks that accept ATM cards. Many of these machines do not have anti-skimmer devices installed. Is this itself another loophole for criminals to exploit??

Reply
    Martin Lee says 7 years ago

    Dear Sender,

    You are right. Those could be easier targets for skimming.

    Reply
Add Your Reply

Notify me of followup comments via e-mail. You can also subscribe without commenting.