November 20, 2024 at 08:52AM
Cybercriminals are exploiting a technique known as Ghost Tap, using near-field communication (NFC) to fraudulently withdraw funds from stolen credit cards linked to mobile payment services like Google Pay and Apple Pay. This method allows transactions without the physical card or phone, complicating detection for financial institutions and retailers.
### Meeting Takeaways – Payment Security / Cybercrime (Nov 20, 2024)
1. **Emergence of “Ghost Tap” Technique**:
– Threat actors are using a new method, known as “Ghost Tap,” to exploit mobile payment systems like Google Pay and Apple Pay.
– This technique allows cybercriminals to conduct fraudulent transactions without needing physical access to cards or devices.
2. **Method of Attack**:
– Victims are often tricked into downloading mobile banking malware through methods like overlay attacks or keyloggers.
– Cybercriminals capture banking credentials and one-time passwords.
3. **Linking Stolen Cards**:
– Once cybercriminals have card details, they link the card to mobile payment services.
– To remain undetected, they utilize mules for making purchases, preventing immediate blocking of cards by issuers.
4. **Use of NFCGate Tool**:
– The legitimate tool NFCGate is being repurposed by criminals to relay NFC information between devices.
– This creates a relay system between stolen cards and retail Point-of-Sale (PoS) terminals.
5. **Transactions and Anonymity**:
– The method allows transactions to appear as if they’re originating from the same device, complicating fraud detection.
– Transactions can occur even if the device is in airplane mode, challenging location tracking.
6. **Scale of Operation**:
– Cybercriminals can perform multiple transactions across different locations simultaneously, using mules to facilitate purchases.
– The approach significantly increases the scale of the fraud operation and poses serious risks to financial institutions and retailers.
7. **Challenges for Detection**:
– The rapid evolution of communication networks, coupled with inadequate fraud detection mechanisms at ATMs and PoS terminals, enables such background frauds to occur unnoticed.
8. **Implications**:
– This technique presents substantial challenges for the security of financial transactions and the integrity of payment systems.
### Next Steps:
– Monitor developments regarding the “Ghost Tap” technique and its implications for security measures.
– Consider enhancing fraud detection mechanisms in response to advanced cyber threats.