Recently, the Internet Security Office (OSI) has made a publication that alerts about the type of scam known as 'carding', in which criminals take advantage of stolen card information.

Cybercriminals use different techniques to obtain data from victims' cards. One of the most widespread is phishing or smishing. In this case, as we have explained on so many other occasions, the criminal takes advantage of an email or an SMS - even, in some cases, of telephone calls - in which he submits to a third party, usually to a company or a public institution, for the user to deliver the information without notice.

There are also cases in which they resort to malicious code capable of stealing information from the affected devices and even taking the data by capturing the pulsations that the user performs on the keyboard.

Turn off this mobile option and avoid upsets before they hack you

In addition, criminals can take advantage of databases with some security failure, fraudulent websites or readers with RFID or NFC wireless communication capable of obtaining card data. In the latter case, “they approach the victim’s card at a distance of less than 15 centimeters and in a matter of seconds, the data are saved”, explained from OSI.

After obtaining the card data, cybercriminals try online shopping in order to verify that the card information is correct: “Usually, they start buying products or services that have a low amount and will increase them to try to determine the card’s available balance”.

As OSI points out, in general, the carding increases in the periods of major commercial campaigns, taking advantage of the overload of transactions due to purchases, so special attention must be paid at these dates to prevent them from making economic charges that we have not consciously performed.

In addition, at times of the year such as Christmas, Black Friday or sales it is easier to trick the user into delivering their information. For example, by supplanting a trade and offering products at derrib price via email messages.

Tips for not falling into the trap

1. Ignore spam messages or emails with unknown senders.
2. Regularly monitor your banking operations and transactions. Place special emphasis on dates when you make more online shopping.
3. Turn off your mobile device's NFC system while you don't use it or use a card theft guard to keep it in your pocket.
4. When shopping online, make sure the store is trustworthy, and uses a payment gateway or accepts secure payment methods.
5. Use the wallet or virtual cards offered by the bank for online payments.
6. Disable the NFC and RFID option in your bank application if you do not use this payment mode.
7. Under no circumstances do telephone banking data increase.
8. Don't use public computers for shopping.
9. Update the programs and applications you often use.
10. Activate the double authentication factor for card payments and distrust any email asking you for card data or credentials.