Xossip

Go Back Xossip > ChitChat> Life, Lifestyle, Personal Advice & Tips > How is Debit Card fraud done without OTP

Life, Lifestyle, Personal Advice & Tips Post your questions and problems on any subject. Fellow members will try to help you.

Reply Free Video Chat with Indian Girls
 
Thread Tools Search this Thread
  #11  
Old 2 Weeks Ago
coconutpalm's Avatar
coconutpalm coconutpalm is offline
www.FilesFlash.net
 
Join Date: 10th April 2006
Location: Aruba
Posts: 24,876
Rep Power: 56 Points: 11422
coconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universe
UL: 84.11 gb DL: 40.21 gb Ratio: 2.09
Quote:
Originally Posted by tobermory View Post
To add, if that sheds any light. Some minutes after I had received the SMS for fraud transaction of Rs.9,999 I received another SMS from bank. This second SMS was giving OTP for a Rs.19,999 transaction this time. I immediately blocked the debit card. A few hours later, I received an SMS from the bank stating that a transaction has failed because the card is blocked.
Strange case. I'm not able to think of a plausible explanation, one that is convincing enough. Someone at the bank might have a better clue as to what went wrong.
______________________________

Reply With Quote
  #12  
Old 2 Weeks Ago
tobermory's Avatar
tobermory tobermory is online now
 
Join Date: 2nd May 2014
Posts: 840
Rep Power: 9 Points: 1234
tobermory is a pillar of our communitytobermory is a pillar of our communitytobermory is a pillar of our communitytobermory is a pillar of our communitytobermory is a pillar of our communitytobermory is a pillar of our community
Quote:
Originally Posted by coconutpalm View Post
You can get rid of the SMS message entirely if you change your SBI account settings to use State Bank Secure OTP.

I don't know if it's any more secure, but this app will allow you to use OTP, without SMS, and even when the phone is not connected to the internet.
Hmmm... offline generation of OTP ... now that is interesting

Google Play description:
Quote:
Offline OTP in which OTP is generated in the absence of Wi-fi, Mobile network or SIM card
______________________________
Jack n' Jill went up the Hill
God knows what went up there
Jill came down screaming i-pill i-pill

Reply With Quote
  #13  
Old 2 Weeks Ago
Just a Salesman Just a Salesman is online now
 
Join Date: 26th March 2017
Posts: 158
Rep Power: 1 Points: 62
Just a Salesman is beginning to get noticed
To find more how this is done contact ur travel agent or trekking agent and travel to these villages and have a chat with the villagers over a cup of tea....


Giridih in Jharkhand has earned the sobriquet of "Cyber Zone", as have Deogarh and Jamtara in that state.

But the appellation does not signify digital revolution; it reflects the emergence of these places as the hubs of cyber crime.

For instance, in Giridih, Binsmi village has 1,000 dwellings and is home to about 900 cyber cheats.

Cyber cell officials of the Ahmedabad crime branch had recently searched these areas to nab Mohammed Jilani Ansari who had cheated people across 15 states using a couple of cellphones. Ahmedabad cops were bemused when local police
personnel assisting them announced that they were entering the Cyber Zone. "We had kept the operation a top secret," a senior Ahmedabad Police official said. "However, when we were about to enter Binsmi village, a Jharkhand cop asked us
whether we were looking for an online scamster. When we said yes, the Jharkhand cop murmured, "Cyber Zone mein aur kis ko khojo ge? (Who else will you look for in the Cyber Zone)."


For Ansari, Gujarat was the favourite hunting ground. But he has also extracted money from people in Rajasthan, Maharashtra, and Punjab. "He made about 200 calls a day. Every 10 to 15 calls, he managed to persuade the victim to give
the ATM card number, the CVV number, and the onetime password," said a crime branch official. "He used the information to transfer money from the victim's bank account to one the 34 ewallets he had created with 10 different email
IDs."

According to crime branch officials in Ahmedabad, Jilani has revealed that the kingpin of the online fraud racket in Jharkhand is Tiku Mandal, who heads a gang of 14. "He provides them sim cards and transfers money from their ewallets
to his bank account. He then gives them cash after deducting his commission," a cyber cell official said. However, it will be tough to nab Mandal, officials said. "No one knows where he lives. He pays a visit once a week to his gang members to
collect money and then vanishes," the crime branch official said. "We are planning a major operation in Jharkhand to nab
him."

Reply With Quote
  #14  
Old 2 Weeks Ago
Amitwithhotwife.83 Amitwithhotwife.83 is online now
 
Join Date: 19th March 2017
Posts: 457
Rep Power: 1 Points: 455
Amitwithhotwife.83 has many secret admirersAmitwithhotwife.83 has many secret admirers
Quote:
Originally Posted by coconutpalm View Post
Amit ji, maybe if they have the right tools, they can clone the SIM card, but that would require physical access to the SIM card, noh?

How likely is it that a SIM card has been cloned remotely? Maybe even that is possible if the right app/malware is installed on the phone? I don't know.

But we're talking of pretty far-fetched scenarios.
If there was someone here who had worked for a telecom company in developing their software for sim card generation/ copy/ activation - will tell you how secure these are(sarcasm)!

Reply With Quote
  #15  
Old 2 Weeks Ago
coconutpalm's Avatar
coconutpalm coconutpalm is offline
www.FilesFlash.net
 
Join Date: 10th April 2006
Location: Aruba
Posts: 24,876
Rep Power: 56 Points: 11422
coconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universe
UL: 84.11 gb DL: 40.21 gb Ratio: 2.09
Quote:
Originally Posted by Amitwithhotwife.83 View Post
If there was someone here who had worked for a telecom company in developing their software for sim card generation/ copy/ activation - will tell you how secure these are(sarcasm)!
OK, let's assume that somehow the SIM card was cloned. What next?

If a SIM and its clone are both registered with the phone network, there won't be a problem? Both the SIM cards will have the same identifier, so the authentication may run into problems for the second SIM card, noh? I don't know enough.
______________________________

Reply With Quote
  #16  
Old 2 Weeks Ago
coconutpalm's Avatar
coconutpalm coconutpalm is offline
www.FilesFlash.net
 
Join Date: 10th April 2006
Location: Aruba
Posts: 24,876
Rep Power: 56 Points: 11422
coconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universe
UL: 84.11 gb DL: 40.21 gb Ratio: 2.09
Quote:
Originally Posted by tobermory View Post
Hmmm... offline generation of OTP ... now that is interesting

Google Play description:
I think you should consider the physical security of the phone. Given the phone to a stranger in recent days? Or taken the phone to a repair shop?

There was a movie called Non-Stop, starring Liam Neeson. In that movie, one guy says that he will send a specially-constructed JPEG image to any phone, and the recipient phone will start ringing even if it was set to silent mode (ringer off). So he sends the JPEG, and the other phone starts ringing.

That's movie stuff. But sometimes there's some or the other vulnerability that can be exploited, especially if the OS is unpatched or too old.
______________________________

Reply With Quote
  #17  
Old 2 Weeks Ago
Amitwithhotwife.83 Amitwithhotwife.83 is online now
 
Join Date: 19th March 2017
Posts: 457
Rep Power: 1 Points: 455
Amitwithhotwife.83 has many secret admirersAmitwithhotwife.83 has many secret admirers
Quote:
Originally Posted by coconutpalm View Post
OK, let's assume that somehow the SIM card was cloned. What next?

If a SIM and its clone are both registered with the phone network, there won't be a problem? Both the SIM cards will have the same identifier, so the authentication may run into problems for the second SIM card, noh? I don't know enough.
Companies have abilities to issue clone SIM cards but they never use this feature for security purposes. Such cards have a lifetime for a few hours only and that is all they need. I am not assuring that the fraudster used a copy sim rather I am proposing that it can be one way how he got the OTP. I also insist that first and foremost security is your debit/Credit card number and its CVV. Once u give them such details the ball goes out of your court!

Peace to all!

Reply With Quote
  #18  
Old 2 Weeks Ago
pokhat's Avatar
pokhat pokhat is offline
NatWest T20 2017 Predictions
Visit my website
 
Join Date: 6th September 2009
Location: In Dreams
Posts: 50,095
Rep Power: 330 Points: 304135
pokhat has hacked the reps databasepokhat has hacked the reps databasepokhat has hacked the reps databasepokhat has hacked the reps databasepokhat has hacked the reps databasepokhat has hacked the reps databasepokhat has hacked the reps databasepokhat has hacked the reps database
UL: 49.57 mb DL: 317.32 mb Ratio: 0.16
somebody called and he gave away card number + cvv !!!
no point in ranting about fraud now
______________________________
Visit All My 700+ Threads and add REPPs

Reply With Quote
  #19  
Old 2 Weeks Ago
Just a Salesman Just a Salesman is online now
 
Join Date: 26th March 2017
Posts: 158
Rep Power: 1 Points: 62
Just a Salesman is beginning to get noticed
Every 10 to 15 calls, he managed to persuade the victim to give him the ATM card number, CVV number, and one-time password,“ said a crime branch official. “He used the information to transfer money from the victim's bank account to one of the 34 e-wallets he had created with 10 different email IDs.“


Read more at:
http://economictimes.indiatimes.com/...campaign=cppst

Reply With Quote
  #20  
Old 2 Weeks Ago
coconutpalm's Avatar
coconutpalm coconutpalm is offline
www.FilesFlash.net
 
Join Date: 10th April 2006
Location: Aruba
Posts: 24,876
Rep Power: 56 Points: 11422
coconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universecoconutpalm is one with the universe
UL: 84.11 gb DL: 40.21 gb Ratio: 2.09
Check all the apps on the phone, and see if you can find any suspicious ones.

If a surveillance app is installed on the phone, it is simple to remotely read text msgs. It needs no special technical skills. The SMS msgs are all forwarded to a remote address.

Installing a surveillance app is simple if you have physical access to the phone.

Surveillance apps can also be installed remotely, but this is more complicated.

It's quite an industry actually. Intelligence agencies (NSA, for example) specialize in these things. Jealous lovers are another group that uses surveillance apps. And, of course, cyber criminals who want to do fraud.
______________________________

Reply With Quote
Reply Free Video Chat with Indian Girls


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +5.5. The time now is 10:13 PM.
Page generated in 0.04609 seconds