For 2015 the Scam was conducted over 260 thousand transactions issued by Russian banks on plastic cards, the total damage amounted to approximately 1.14 billion of the Central Bank of Russia.
The document notes that, compared with 2014 unauthorized transaction volume decreased by 27%, while the share of fraud transactions in the total volume of card transactions declined gradually throughout 2015. In particular, by strengthening security measures, the scammers almost lost the opportunity to use their Bank cards in the cash points: if in the II quarter of 2014, criminals have managed to get so more than 24 million rubles in April-June 2015 — only 480 thousand rubles.
There was also a decrease in the number of cases where criminals have managed to obtain money from an ATM. In the most successful for them in the first quarter of 2014, the fraudsters managed to steal so more than 202 million rubles, in the fourth quarter of 2015, the volume of theft from ATMs has dropped to 59 million rubles.
The Central Bank attributed this development with a mandatory transition of banks issuing cards equipped with chips. Through this approach, far fewer fraudsters manage to cash a fake map — the share of such transactions in the total amount of fraudulent transactions has decreased from 24% at the beginning of 2014 to 8% in late 2015. At the same time in one and a half times reduction in the number of operations carried out by scammers using stolen from the rightful owners or lost their cards.
At the same time, the share of transactions carried out by fraudsters over the Internet with details of someone else’s “plastic” has increased from 65% to 84%. In 2015 there were more than 190 thousand so-called CNP transactions, that is transactions conducted online or by phone without a physical credit card (Card not present transaction). The volume of such transactions scams amounted to half of all unauthorized card transactions.
“Thus, in 2015 there has been a tendency to the displacement of interest “card” scams contact infrastructure (ATMs, tangible medium of payment cards) in more technological infrastructure of remote access (online banking, e-wallets, online and mobile transactions)”, — stated in the message of the Central Bank.
In addition, in 2015, increase the number of cases of misappropriation of funds of Russians using e-banking systems (DBS, Internet-Bank, SMS-banking, telephone banking). If in the last three months of 2014 there were only about 1.6 thousand such transactions, in the fourth quarter of 2015, that number exceeded 15 thousand in the vast majority of cases (92%) stop charging money from individuals ‘ accounts could not, that one or another operation is carried out by scammers banks in nine cases out of ten can be recognized only after customer complaints.
Activation of card fraud in the field of e-banking and CNP transactions, the authors of the report of the Central Bank associated with the General increase of popularity of Internet services payment of goods and services and payments from mobile devices, and that the fraudsters don’t need to buy special equipment and skills — all necessary information can be obtained from the legitimate holders by using “social engineering techniques”.
“The most common method of gaining unauthorized money transfers using a mobile device is infected with malicious code. In this case, the attacker has the possibility of drawing up instructions concerning the transfer of funds and notice regarding the completion of the transfer of funds may not be available to the owner of the phone. Furthermore, social engineering methods used by hackers in the dissemination of information that encourages the client to disclose information necessary for the implementation of remittances on his behalf, including authentication information”, — stated in the report of the Central Bank.
Often in 2015, who access e-banking fraudsters stole from the accounts of the Russians have quite a modest amount — from 1 thousand roubles to 10 thousand roubles (approximately 9.7 thousand times) and from 10 thousand rbl. to 50 thousand rbl. (almost 13.7 thousand times). However, at least one of the criminals managed to take away from someone else’s account more than 20 million rubles.
In connection with the change in the way card fraudsters, the Bank of Russia recommended credit institutions to actively introduce technologies aimed at confirmation of remotely executed operations, use a system of fraud monitoring, and to inform customers about the risks of using payment cards on the Internet.