IGCSE ICT 0417 - Safety and Security

8. Card Fraud

Card fraud is a serious crime involving the unauthorized use of someone else's payment card for financial gain. It encompasses various methods, which we will explore in detail below. Understanding these methods is crucial for implementing effective security measures.

Types of Card Fraud

There are several common types of card fraud:

• Shoulder Surfing: This involves a fraudster discreetly observing a person entering their PIN at an ATM or point-of-sale terminal.
• Card Cloning: This is the process of creating a counterfeit card using the information from a genuine card.
• Keylogging: This is a type of malware that records every keystroke made on a computer, potentially capturing card details entered online.

Shoulder Surfing

Definition: Shoulder surfing is a social engineering technique where a fraudster secretly watches someone entering their PIN or password.

How it works:

1. The fraudster positions themselves close to the victim.
2. They feign interest in something to distract the victim.
3. While the victim is distracted, the fraudster glances at the PIN or password being entered.

Prevention:

• Shield the keypad with your hand when entering your PIN.
• Be aware of your surroundings, especially in crowded areas.
• Avoid entering your PIN in public places where it can be easily observed.

Card Cloning

Definition: Card cloning is the process of creating a counterfeit card by copying the information from a genuine card onto a blank card.

Methods of Card Cloning:

1. Magnetic Stripe Cloning: Using a device to read the magnetic stripe on a card and copy the data to a blank card.
2. Chip Cloning: More advanced methods involving reading the data from the chip on a card and transferring it to a new card.

Prevention:

• Use chip-based cards, which are more secure than magnetic stripe cards.
• Be cautious when using ATMs or card readers in unfamiliar locations.
• Regularly monitor your bank statements for unauthorized transactions.

Keylogging

Definition: Keylogging is a malicious software (malware) that records every keystroke made on a computer. This includes usernames, passwords, and credit card details.

How it works:

1. The keylogging software is installed on the victim's computer, often without their knowledge.
2. It records every key pressed, sending the information to the attacker.

Prevention:

• Use reputable antivirus and anti-malware software.
• Be careful about clicking on suspicious links or downloading attachments from unknown sources.
• Keep your software up to date, as updates often include security patches.
• Consider using a hardware keylogger detector.

Fraud Type	Description	Prevention Methods
Shoulder Surfing	Secretly observing PIN entry.	Shield keypad, be aware of surroundings.
Card Cloning	Creating counterfeit cards by copying data.	Use chip cards, be cautious at ATMs, monitor statements.
Keylogging	Malware recording keystrokes.	Antivirus, avoid suspicious links, keep software updated.

By understanding these different types of card fraud and implementing appropriate preventative measures, individuals and organizations can significantly reduce their risk of becoming victims.