Financial operations have always been the most vulnerable issues, both online & offline, thus, requiring especially fortified security measures on how to prevent hacking.
Online payments remain a weak spot in the credit card security; what is most distressing and scary is that hackers use mere guesswork while sending requests to numerous e-commerce sites. How come it happens and how not to be hacked? Renowned security experts explain that the technique, dubbed Distributed Guessing Attack, can circumvent all the security features (it’s exactly what has happened recently to Tesco customers in the UK).
Within the Visa card payment system, an attacker can guess and attempt all possible permutations and combinations of data on plethora of websites, thus, employing 2 weaknesses of online transactions verification:
- – Multiple incorrect payment requests across multiple sites are not detected by online payment systems (max 20 attempts are allowed).
- – No regular checks at websites; requested card information varies.
Separate weaknesses are not very dangerous, but exploited together, they represent a brute force attack against e-commerce sites. Instead of attacking one retailer’s website (chance of detection is high), card data guesses are spread out across multiple sites, with each attempt narrowing the possible combinations until real data are determined.
Techniques of how to hack credit cards
The real state of affairs is strikingly unpleasant. Cards numbers can be obtained from black-market websites (for less than $1), or with a near-field communication reader. Once these data are acquired, a brute force attack proceeds – the CVV takes a max of 1,000 guesses to crack it, and the expiry date takes no more than 60 attempts. Thus, the whole attack takes up to 5-7 seconds max: if a single website bot is configured smartly to run on 30 sites, multiple bots get info in a few seconds.
Unfortunately, the Visa card does not detect multiple attempts across its network, while MasterCard detects the brute force attack after less than 10 attempts. The Alexa top-400 online merchants’ payment websites have a payment platform that facilitates the distributed guessing attack. Unfortunately, out of 36 biggest websites contacted, only 8 changed their security systems; 28 made no changes whatsoever.
The burning question is “How to prevent brute force hacking”?
Measures of how to prevent hacking for Visa card holders
If you are a real paranoid who is afraid of surveillance by hackers, governments, aliens or neighbors, and if you are interested in issues of how to prevent hacking, you are welcome to get security tips for all your online and offline activities.
If you are a regular user not security-conscious to such an extent, here are some simple tips on how not to be hacked while using your credit card for online purchasing:
- – Change card type
Avoid using Visa credit / debit card for online payments and change it for more secure MasterCard (it’s locked when someone tries to guess card details multiple times).
- – Develop good economical habits
Be thrifty, careful and cautious, keep an eye on your statements, and keep spending limit on your Visa card as low as possible.
- – Use ATMs carefully
The latest ATM-fraud devices use a tiny, almost invisible camera to record your keystrokes as you enter your PIN, while a “skimmer” in the card slot reads the card information. Cover one hand with the other while performing any operations with ATMs.
- – Resort to cash whenever possible
Use the ATMs more often and carry enough cash for casual purchases. Promiscuous use of credit cards only creates more opportunities for thieves in both digital and real worlds.
- – Avoid online banking
If you prefer checking your account from a phone, use strong passwords for mobile applications. Unfortunately, online criminals are able to run password generators in a few seconds. A less convenient (but more secure) approach is to do all banking from a trusted connection or even at the bank itself.
- – Use online security services
One of the ways how to prevent hacking your credit card is to employ VPN/Tor services that enable you to protect your online activities and personal data from hacking.
[Total: 1 Average: 5]
Interested? Try it!
There are different types of protection against thieves, both real and virtual. Offline, you can use locks and keys, fences […]
Committing digital suicide? Or just going incognito? An average American citizen has more than 130 personal accounts. It means approximately […]
There is much to recommend Privatoria. Most importantly, it keeps no logs at all and is ridiculously cheap. Although it […]