Electronic crime takes on epidemic proportions as gangs specialize in stealing PINs and passwords
Forty-five-year-old cardiologist K.S. told Kathimerini: «A few months ago, I was in Vancouver on vacation. While I was there I used credit cards for purchases and payments. When I got back to Greece, I had a call from my bank telling me that my card had been used for purchases in Tokyo. Purchases to the value of 8,000 euros had been made in the space of 24 hours. They asked me if I could remember where I had used my card and later invalidated the sale. I hadn’t a clue what was going on. «After an investigation, they established that my data had been stolen after a payment at a well-known clothing store. Luckily, the bank undertook to cover the loss.» K.S. is just one of the thousands of victims of gangs that make huge profits from unsuspecting consumers. The police and the facts themselves confirm that «cloning» of credit cards and the theft of e-banking passwords have taken on epidemic proportions. In Greece, gangs have swindled millions of euros from tens of thousands of victims, and banks and businesses seem to have no defenses against the perpetrators. A typical example was the theft of credit card codes from a large supermarket chain in Greece, which was never made public. Sources told Kathimerini that the supermarket’s management kept a file with shoppers’ credit card codes so as to individualize their marketing and promotion strategies. So far so good. But due to lax security precautions, the list with the codes of more than 10,000 customers got into the hands of fraudsters who managed to hack into the company’s computer system. Then came cash withdrawals, payments and purchases of thousands of euros’ worth of goods in the name of the legitimate credit card holders. In the end the affair was hushed up, and the bank and the supermarket chain covered the cost in order to avoid the consequences of adverse publicity. «Banks and businesses choose to handle the problem internally, without resorting to the options provided by law. They take the view that publicizing the matter will harm their commercial credit and that they may lose clients,» attorney Marinos Papadopoulos told Kathimerini. In similar cases abroad, data stolen from client lists may end up being sold on the Internet. The usual price for five credit card codes is 100 euros. You pay the money, then forge credit cards and spend thousands of euros on purchases, observers say. A similar but unprecedented case came to light recently in the US, Canada, Ireland and Puerto Rico, where persons unknown managed to hack into a chain-store database and steal the codes of 45.7 million credit cards. The most common method of cloning is to install in an ATM a microscopic chip similar to those used in cell phones. «When you make a transaction, the data recorded on the magnetic strip are transferred to the bank but also to the swindler, who then clones the card and makes transactions on the other side of the world,» an Electronic Crime Squad official told Kathimerini. Such a crime took place at a popular Kolonaki restaurant, netting more than 2,000 victims. Those who paid by credit card fell prey to a gang that cloned their data and later performed transactions in Australia. There are two common methods of stealing online banking access codes. In the first, the fraudsters send the user an e-mail with a virus that enables them to observe and record his keystrokes. When the victim accesses the bank’s website to make a transaction, the criminals copy his access codes and transfer his money to an account of their own. Just last week, a 30-year-old Ukrainian member of a Russia-based crime ring was arrested in Athens. He had used Trojan software to gain illegal access to the banking data of scores of people throughout Europe and transfer large sums of money. From one German alone he stole 6,000 euros. The second method, known as phishing, which uses misleading messages to collect data, is still popular. In this scam, swindlers send e-mails purporting to be from banks asking recipients to fill in forms with details that include their bank account number. Although the first case was reported back in 1996, a survey by The Guardian newspaper showed that 58 percent of Internet users were still unaware of the danger. In Greece, 22 cases of phishing were investigated between September 2006 and February 2007. International gangs target ATMs. So far this year, two such gangs who specialized in cloning cash cards and siphoning off some 1 million euros from their victims have been busted in Greece. One gang, whose members were tracked down in Thessaloniki in February, used miniature cameras and magnetic tape to steal the data of ATM users and clone their cards with phone cards. In an investigation that involved Interpol, five French citizens and one Italian were arrested in Thessaloniki with 300 forged cash cards. They had been making cash withdrawals with cards cloned in Britain and France. The members of another international gang whose activities came to light a few weeks ago employed a similar technique. They had interfered with dozens of ATMs in Ambelokipi, stealing 500,000 euros from the customers of one bank alone.
