The attackers are increasingly relying on a novel approach that employs near-field communication (NFC) to pay out victims’ funds at scale. ThreatFabric’s Ghost Tap technology enables fraudsters to cash out money from stolen credit cards related to mobile payment services such as Google Pay or Apple Pay while relaying NFC traffic.
“Criminals can now misuse Google Pay and Apple Pay to transmit your tap-to-pay information globally within seconds,” the Dutch security company stated. “This means that even without your physical card or phone, they can make payments from your account anywhere in the world.”
These attacks usually include deceiving victims into downloading malware for mobile banking, which subsequently uses an overlay attack or a keylogger to steal their banking credentials and one-time passwords. As an alternative, it can include a voice phishing feature.
Once the threat actors get the card information, they proceed to link the card to Apple Pay or Google Pay. However, the tap-to-pay information is sent to a mule, who is in charge of making fraudulent transactions at a business
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: