Translated by
2019/08/13 11:47:45

Fraud with bank cards



Main articles:


Swindlers thought up a new method of deception of Russians by phone from a bank name

On August 12, 2019 it became known of a new method of fraud with bank cards in Russia. Malefactors do not ask the victims of personal data and by that do not cause suspicion.

According to Rossiyskaya Gazeta, malefactors in telephone conversation are represented by employees of the bank and announce users that their means try to display illegally from the account in other region.

Data of the smartphone force to transfer by deception people. After that malefactors get access to confidential information
Data of the smartphone force to transfer by deception people. After that malefactors get access to confidential information

Swindlers say to the victim that they blocked attempt of write-off of money, and suggest to verify devices which have access to a personal account. Then they learn  whether the client uses the device with the Android operating system or iOS. After that malefactors suggest to help to disconnect a system which the client, using the program of delegation of access TeamViewer does not use.

This software allows to be connected to the smartphone by special number (ID) and to make any transaction on behalf of the owner. Chances to prove attempt of cracking are minimum as the user provides access voluntarily.

The correspondent of Rossiyskaya Gazeta  did not begin to install the third-party application, and  instead submitted the application for  suspicion for  fraud to  the Main thing investigative  upravleniyemvd. In three days the address of the journalist was redirected to Bureau of special technical events of General Directorate of Ministry of Internal Affairs. Still several days later a certain employee contacted the reporter for refining of a residence address.

Messages about  new schemes of fraud appear regularly, and  in most cases criminals try to use carelessness and  trustfulness of citizens. According to the Central Bank of the Russian Federation, almost in  every third case Russians  lose means on  the accounts because of own carelessness  at the address with  Internet services and  mobile devices.[1]

The Central Bank told about new fraud at money transfer via the ATM

On July 5, 2019 the Central Bank of the Russian Federation told about a new type of fraud at money transfer via the ATM. This method is based on "imperfection of scenarios of processing of transfers" and connected with money transfer from the card on the card, said in  an obzorecentre of monitoring and response to the computer attacks in the credit and financial sphere (FINTSERT — structural division of the Bank of Russia) for 2018. 

The Bank of Russia detected a new method of fraud with canceling of transactions from the card on the map with use of ATMs
The Bank of Russia detected a new method of fraud with canceling of transactions from the card on the map with use of ATMs

The person selects from the ATM transfer from the client to the client (P2P) then he dials the card number of the receiver. Then the bank sends messages on authorization to bank receiver and bank sender. To the client the notification about approval of transaction from both banks practically at the same time comes.

Then the actual transfer when the balance on the card of the receiver increases is executed. On the card of the sender at this moment amount of transfer is frozen.

Then the ATM "asks" the sender about consent to write-off of commission charges for transaction. The sender does not agree therefore the bank initiator sends the message about return to bank sender and bank receiver  — the Central Bank explains.

The means frozen on the card of the sender will be unblocked, however by this moment the receiver manages to withdraw the funds sent it.

For risk minimization of the attacks of the Central Bank recommended to check correctness of scenarios of operation of ATMs, first of all sending the message about return of means to bank of the sender of means should happen only after a successful completion of transaction of return towards payee bank.

In the report of FINTSERT it is also said that in 2018 hacker the Cobalt groupings ( also FIN7 is also known as Carbanak)  and Silence was succeeded to steal more than 58 million rubles from the Russian banks. It is more than 17 times less  than results of the 2017th — then FINTSERT reported on losses of the Russian banks in the amount of more than 1 billion rubles.[2]

In Khabarovsk the swindler stole money from bank cards by an unusual method

In May, 2019 information that the staff of Regional Office of the Ministry of Internal Affairs of Russia across Khabarovsk Krai delayed the 23-year-old native of Nikolaevsk - on - Cupid appeared, suspected of participation in a series of thefts from bank accounts of citizens[3].

According to the message[4] of the press service of department, the malefactor acted in different districts of the city, generally in large shopping centers and in shops. He selected ATMs where there were small queues, and then using the proximity bank card transferred money for the phone number, but did not complete operation and departed. The person following the swindler inserted the bank card and a system automatically completed the previous operation and charged the specified amount off an account of the victim.

Further the suspect through electronic payment systems transferred the stolen funds to the account or for the card of the acquaintance and cashed.

During a search at the place of residence of the suspect bank cards, electronic media of information, SIM cards and also mobile phones were withdrawn. The preliminary amount of damage is estimated at 50 thousand rubles. Concerning the young man criminal case according to Part 3 of Article 158 of the Criminal Code of the Russian Federation ("Theft") is brought. Article prescribes the maximum punishment up to 6 years of imprisonment.

2018: Plunder from bank cards became separate crime

The bill toughening punishment for theft of funds from bank cards, the State Duma accepted in the second, final reading. Theft of funds from bank cards will be considered from now on as fraud — the relevant amendments will be published in the Criminal code of the Russian Federation. For such crime threatens violators up to 6 years of prison[5].

To avoid severe penalty till this day malefactors wrote off money the small amounts, however, the total amount of plunder becomes comparable to serious crimes in this connection deputies decided to toughen punishment and to make it criminal.

Besides, if swindlers at theft of means use someone else's electronic payment instrument, for similar act will threaten them up to three years of imprisonment.

2017: The State Duma will increase term of deprivation of freedom for embezzlement from bank cards

The State Duma of the Russian Federation in October, 2017 at a meeting on Wednesday adopted in the first reading the amendments in the Criminal Code (CC) setting separate punishment for embezzlement from the bank account and electronic money. According to the bill, punishment for such crime can be changed from these four months to three years of imprisonment.

The relevant bill was entered by group of deputies headed by the Chairman of the Committee of the lower house of parliament on the financial market Anatoly Aksakov (Just Russia).

The document provides entering of additions into  Article 159.6 of the Criminal Code of the Russian Federation (Fraud in the field of computer information) the qualifying signs — embezzlement from the bank account, and equally electronic money and also introduction of amendments to  Article 159.3 of the Criminal Code of the Russian Federation (Fraud using electronic payment instruments).

In particular it is offered to enshrine  in the Criminal Code of the Russian Federation responsibility for "the plunder of someone else's property committed using counterfeit or the electronic payment instrument belonging to other person, including credit, account or other payment card, by deception of the authorized employee of credit, trade or other institution". The maximum punishment for this crime should be enhanced from the operating four months to three years of imprisonment

The initiative also provides decrease in threshold values of the amounts of large and especially major damage for the crimes provided by these articles (250 thousand rubles and 1 million rubles respectively). According to the existing penal legislation, the maximum punishment for embezzlement from the bank account in especially large size makes 10 years of imprisonment.


Thefts from bank cards are afraid of 65% of Russians

By data VCIOM of 65% of Russians with a concern treat a possibility of theft of their means and personal information from electronic accounts and bank [6]

Specialists of the All-Russian Public Opinion Research Center also found out that users of "plastic" are afraid to face loss of money because of information distributed by malefactors through SMS or by e-mail (56%).

Besides, every third Russian faced the illegal acts connected with cellular communication and Internet services. Are highest a share of such cases among youth (36% 18-34-year-old), Muscovites and Petersburgers (37%), active Internet users (38%) and residents of the average cities (43%).

When using bank cards only 36% of respondents have feeling of security, 58% feel the vulnerability rather.

Prices of cracking of bank cards

The Dell SecureWorks company which specializes in assessment and the analysis of information security of computer systems published in the summer of 2016 "price list" of service prices of hackers worldwide.

"Services" considerably fell in price by cracking of bank cards. So access to the Visa and Master Card cards of the American bank will cost $7, European Bank – $40. Cracking of the Premium Visa and MasterCard credit card will cost $30-80.

Scales of unauthorized bank card transactions impress – for 2015 in Russia more than 260 thousand fraudulent transactions for the amount of 1.14 billion rubles were perfect.

See Also: Quotations of user data in the market of cybercriminals


Fraud on credit cards in Britain grew

According to Experian in Britain fraud level on the current accounts in 2015 grew more than twice: with 73 on each 10,000 requests in January to 156 on 10,000 requests in December. Growth of fraud on the current accounts also promoted change of a ratio between fraud of the first person and plunder of personal data. At the beginning of 2015 51% of the requests on all financial products recognized fraudulent and rejected were classified as fraud of the first person, and 49% – as attempt of theft of personal data (fraud of the third party). By the end of the year — it the ratio considerably changed – in December 59% fell to the share of plunder of personal data.

Fraud on credit cards in January, 2015 made in Britain 36 on each 10,000 requests, however within a year increased to 55 by 10,000 requests. The same way, fraud according to insurance policies made 37 on each 10,000 requests at the beginning of a year, but grew to 68. As well as in a case with fraud on the current accounts, fraud on credit cards was substantially connected with plunder of personal data.

"Fraud on the current accounts moved to the forefront in 2015. The leading role in it was played by the criminals stealing personal data. The positive aspect consists that promulgated digits belong to the revealed and prevented fraud, i.e. demonstrate reliability of the systems protecting financial products, - Frolova Natalia, the marketing director of Experian, Russia and CIS comments. – However, all of us nevertheless need to be vigilant and to try to follow not it and to difficult rules of preserving of security of the personal data".

How to secure itself against theft of personal data

  • Always tear or otherwise destroy the documents which became unnecessary containing your personal data, do not throw out them entirely at all.
  • Do not react at all to "cold calls" and electronic messages in which account details, PIN codes, passwords or personal data ask to provide you.
  • Do not report about yourself too many data on social networks, for example, of a nickname of pets which you can use as passwords.
  • Regularly trace mail that the nobility when to expect important finance or other documents which may contain your personal data and take measures in case of their absence.
  • When moving be not too lazy to reach mail and to warn them about need of readdressing of your mail.
  • Always use reliable unique passwords for the greatest possible quantity of accounts on the Internet, and ideally – the individual password for each of them. As a last resort think up unique passwords for each type of service providers, such as financial institutions, online stores and e-mail.
  • You do not store the login and the password on the smartphone: in the electronic message, in the form of a note or for "automatic filling" when opening the website or the application. This information will become a pot of gold for swindlers in case of loss or theft of your phone.
  • You are not lazy to check statements on bank accounts and cards regarding suspicious transactions.
  • Regularly check the Credit history: there all your actions on the credits so you will be able to reveal the expenses which do not have relations to you are specified.

2013: Russia is in the lead on growth rates of losses from fraud with bank cards (+27% in a year)

Russia won first place in Europe on growth rates of losses from fraudulent transactions with bank cards in 2013. The volume of these losses in Russia in 2013 grew by 27.6% in comparison with an indicator the previous year and, respectively, by 10 times in comparison to data of 2006, and for 365% – 2008.

On the volume of these losses which increased by 22.5 million euros and reached 104.1 million euros last year Russia is in the fourth place among 19 European countries. It is advanced:

  • Britain (534.9 million euros),
  • France (428.9 million euros) and
  • Germany (116.3 million euros).

The data provided on the interactive map developed by FICO "Evolution of card fraud in Europe 2013" are like that.

At the same time, in Russia fraud with cards by the so-called method Card Not Present is much lower, than in countries of Western Europe (in our country its share of only 3% of losses). One third of the Russian losses (1683.8 million rubles) is the share of Counterfeit Cards and about the same (1599.4 million rubles) – of Lost and Stolen. Fraud by method ID Fraud in Russia yielded losses in the amount of 685.2 million rubles.

"FICO notes that in those conditions when the market is not saturated yet and distribution of cards in Russia continues, the threat of fraud is not so obvious – but the speed with which losses from it increase guards. Specialists of FICO warn that when growth rates of the card market are aligned, and losses will increase, the solution on implementation of developments on counteraction to fraud can be overdue – on installation and obtaining result can leave from six to eight months", - the head of FICO in Russia Shtemanetyan Evgeny says.

In 2013 cumulative losses from fraud with cards in 19 European countries made 1.55 billion euros, having even a little exceeded an indicator of 2008 when the last peak value was observed.

See Also


  1. You are called from bank
  3. In Khabarovsk the swindler stole money from bank cards
  4. In Khabarovsk it is delayed suspected of a series of thefts of money from bank cards
  5. Plunder from bank cards became penal crime: State Duma
  6. kartopros the VCIOM was carried out on December 10-11, 2016, in it 1.6 thousand people took part in 130 localities in 46 areas, edges and the republics of 8 federal districts of Russia. The statistical error does not exceed 3.5%.