November 20, 2024 at 11:45AM
Cybercriminals are exploiting a method called ‘Ghost Tap’ to cash out stolen credit card details via mobile payment systems, using money mules worldwide. This tactic, more sophisticated than past methods, enables remote cash outs at multiple locations, making detection difficult for financial institutions. Consumer vigilance is essential to prevent losses.
### Meeting Takeaways: Ghost Tap Tactic Overview and Implications
#### New Cybercrime Method: Ghost Tap
– **Description**: Ghost Tap is a method cybercriminals use to cash out stolen credit card details associated with mobile payment systems (Apple Pay, Google Pay). It uses NFC (Near Field Communication) technology and connects money mules across various locations.
– **Relation to Previous Tactics**: This new approach builds on the NGate malware method identified by ESET, which similarly relayed NFC signals from payment cards.
#### Key Features of Ghost Tap
– **Detection Challenges**: Ghost Tap is more sophisticated than its predecessor, NGate, as it doesn’t require the victim’s device or continuous interaction.
– **Operation**: Involves a relay server that directs stolen payment data to a network of money mules, complicating the tracing of fraudulent activities and the primary attackers.
– **Methodology**:
  – Attackers steal payment card details and intercept OTPs for enrolling in virtual wallets.
  – Options for stealing data include banking malware, phishing, and social engineering.
#### Differences from NGate
– **Types of Transactions**: Unlike NGate, which focused on small ATM withdrawals, Ghost Tap primarily conducts point-of-sale cash outs across multiple locations using small transactions, making tracking more difficult.
– **Risk Distribution**: Ghost Tap minimizes risk to direct attackers by dispersing transactions among multiple mules.
#### Detection & Prevention Challenges
– **Recognition**: Financial institutions struggle to identify Ghost Tap transactions, as they appear legitimate, often consisting of numerous small payments across various locations.
– **ThreatFabric Insights**: The scale of fraudulent offline purchases poses significant challenges for anti-fraud mechanisms, allowing larger amounts to be stolen despite individual transactions being small.
#### Recommended Protective Measures
– **Bank Protocols**: Banks should flag transactions that occur in locations that are not feasible to reach within the given time frame.
  – Example: A purchase in New York and another in Cyprus within ten minutes should raise red flags.
– **Consumer Alerts**: Consumers are encouraged to monitor bank statements for unauthorized charges and report any suspicious activity immediately to minimize potential losses.
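The location-feasibility check recommended for banks above, sketched as an added example (not code from the original article or from ThreatFabric). The field names, the 900 km/h speed ceiling and the 50 km noise floor are assumptions, and the sample transactions are constructed.

```python
from dataclasses import dataclass
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

MAX_KMH = 900.0   # assumed ceiling: roughly airliner cruise speed
MIN_KM = 50.0     # assumed floor: ignore terminal geolocation noise inside one metro area

@dataclass(frozen=True)
class Tx:
    token: str      # wallet/device token or card id (hypothetical field names)
    when: datetime
    lat: float
    lon: float
    amount: float

def haversine_km(a, b):
    """Great-circle distance between two transactions, in km."""
    la1, lo1, la2, lo2 = map(radians, (a.lat, a.lon, b.lat, b.lon))
    h = sin((la2 - la1) / 2) ** 2 + cos(la1) * cos(la2) * sin((lo2 - lo1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def infeasible_pairs(txs, max_kmh=MAX_KMH, min_km=MIN_KM):
    """Return (prev, cur, km, hours) for consecutive same-token taps no traveller could make."""
    flagged, last = [], {}
    for tx in sorted(txs, key=lambda t: t.when):
        prev = last.get(tx.token)
        if prev is not None:
            km = haversine_km(prev, tx)
            hours = (tx.when - prev.when).total_seconds() / 3600
            # hours == 0 (simultaneous taps) is infeasible at any distance above min_km
            if km >= min_km and km > max_kmh * hours:
                flagged.append((prev, tx, round(km), hours))
        last[tx.token] = tx
    return flagged

# Constructed sample data (not real transactions)
SAMPLE = [
    Tx("tok-A", datetime(2024, 11, 20, 10, 0), 40.7128, -74.0060, 18.50),   # New York
    Tx("tok-A", datetime(2024, 11, 20, 10, 10), 34.9003, 33.6232, 22.00),   # Larnaca, Cyprus
    Tx("tok-B", datetime(2024, 11, 20, 9, 0), 40.7128, -74.0060, 9.99),     # New York
    Tx("tok-B", datetime(2024, 11, 20, 11, 0), 40.7357, -74.1724, 12.00),   # Newark, 2 h later
]

if __name__ == "__main__":
    for prev, cur, km, hours in infeasible_pairs(SAMPLE):
        print(f"{cur.token}: {km} km in {hours * 60:.0f} min")
```

Because each individual payment is small, the check keys on the token's location history rather than on amount, so a low-value tap still raises a flag when the preceding tap was on another continent.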
### Conclusion
The Ghost Tap tactic emphasizes the evolving nature of cybercrime, creating new challenges for financial institutions and users alike. Proactive measures from banks and vigilant monitoring by consumers are crucial in combating this threat effectively.