Horror Android and iPhone mistake lets ‘Ghost Tap’ crooks clone your card to go on spending sprees
Without requiring the victims’ actual card or phone, a NEW money scam that targets owners of Android and iPhone devices can drain their bank accounts.
The ‘Ghost Tap’ assault is duplicating cards associated with Apple Pay and Google Pay, according to Threat Fabric’s mobile security experts.
Cybercriminals can send victims’ card information to money mules throughout the world, who can take out cash without even losing a credit card or device.
Last year, a similar strain of malware—malicious software—was discovered.
Researchers at ESET found this earlier virus, called NGate, which allows crooks to make tiny ATM withdrawals and contactless payments.
Experts have cautioned that the current Ghost Tap operation is considerably more hazardous and challenging to identify.
READ MORE ON SCAMS
Ghost Tap thieves can purchase anything they want from any card reader worldwide rather than using ATMs to withdraw money.
In order to accomplish this, criminals first obtain your card details and intercept the one-time passwords required for Apple Pay and Google Pay.
Usually, financial malware that infiltrates your authentic digital payment or banking software does this.
Additionally, phishing scams and spyware can be used to steal one-time passwords.
After that, a vast network of money mules receives your card information.
To make purchases with your hard-earned money, the mules use a relay server to send your payment details to their smartphone, which can imitate your Apple Pay or Google Pay.
Criminals will use “airplane mode” on their gadget to avoid detection.
According to Threat Fabric, this kind of attack has increased significantly in frequency recently, Bleeping Computer was informed.
Smaller transactions could go unnoticed, according to security experts, even though your bank’s anti-fraud procedures might detect these anomalous payments.
ThreatFabric noted, “The new tactic for cash-outs poses a challenge for financial organizations.”
“The ability of cybercriminals to scale the fraudulent offline purchases, making multiple small payments in different places, might not trigger the anti-fraud mechanisms and might allow cybercriminals to successfully buy goods that can be further re-sold (like gift cards).”
Even little amounts, nevertheless, add up.
Read More on The US Sun
Experts worry that victims may suffer large losses as a result of the extensive global network of money mules.
The bank should be able to identify fraud, though, if payments are made that shouldn’t be physically conceivable, like purchases made in New York and Amsterdam within ten minutes of one another.
Note: Every piece of content is rigorously reviewed by our team of experienced writers and editors to ensure its accuracy. Our writers use credible sources and adhere to strict fact-checking protocols to verify all claims and data before publication. If an error is identified, we promptly correct it and strive for transparency in all updates, feel free to reach out to us via email. We appreciate your trust and support!