The Code Has Been Cracked !

[Nirvana 4]

source: moneycontrol.com - 2006-05-24

well, you never know what can happen... read on...

Credit card fraud is rampant and without you quite knowing how it is done, you could be cheated out of your money. One swipe is all it takes. A gadget, no bigger than the size of your palm is wreaking havoc across the globe. When you hand over your credit card to make a payment or insert it into an ATM machine, you stand the risk of being the next victim of an international crime called skimming. Once your card is cloned, you could be drained of your money in a foreign land.

What's more, this fraud has hit Indian shores and threatens every consumer who owns a credit card. One such criminial was already operating in Chennai, around the vicinity of the HDFC Bank, which has 17 ATM machines across Chennai. Every day, thousands of people walk in and out of these centres with cash in their hands. But the night of May 12 was different.

The Chennai police had been watching for him and finally they snared their man. He is a 38 year old Burmese national, Gunasekaran, who had been withdrawing money from one such ATM. When arrested, he had 43 international credit cards on him, through which he planned to withdraw Rs 4 crore.

Gunasekharan's game was audacious to say the least. Every day after sundown, he would make several withdrawals using multiple international credit cards. The transactions would come within a span of seconds of each other. It seemed as if a single person was using an array of cards to withdraw money from the ATM, which was more than enough, to put the fraud cell of the bank on alert.

Head of Risk Control, HDFC Bank, Mahesh Rajaraman told CNBC-TV18, "We have an inbuilt mechanism in the bank, that moitors a customer's transactions. The moment we find something unusual in the activity, we immediately put it on scrutiny."

Even as bank officials considered calling the police, the transactions continued. All the amounts withdrawn were well within limits for a day - Rs 15,000 - but when it reached Rs 5 lakhs, bank officials decided they had waited long enough and they called the police. To not take any chances, the police asked security guards at all the ATM centres in the area, to be on alert for someone who came in at night and stayed on for longer than required at the machine.

San Thome Road is a half-hour drive from the main city, on the outskirts of Chennai. On the night of May 12, Gunasekaran walked into this ATM and began what had become for him a daily exercise - withdrawing money with first one card and then another. The police caught him redhanded with 40 cloned credit cards.

But Gunasekaran told the police he was just following instructions. The international nexus was wider than the police had imagined. He claimed, he had been given the cards by a gang based in Britain and Apac is an anti-fraud expert group in the UK, and knows exactly how the cards had been faked.

Corporate Communications Executive, Apac, Mark Bowerman explains, "The fraudsters use a gadget that fits in over the ATM machine card slot. The moment your credit card passes through it, a chip in the device reads the magnetic strip. At the same time, there is a pinhole camera placed over the area, where you type in your pin number. After a substantial number of people have swiped their cards the fraudsters remove the device and they then go back to their factory and create clones of the original credit cards."

This showed that Gunasekaran was merely the middleman and the Chennai police believe he might not have been the only one. An alert has been sent out for more nocturnal visitors. Most banks have a monitoring system, that tracks customers credit card usage and any abnormal behaviour alerts them.

General Manager, ICICI Bank, Rajiv Sabharwal says, "We are always on the lookout for unusual activity. If we find that someone has spent Rs 25,000 at a grocery store, then immediately that would qualify as unusual." But security experts feel, crimes of this nature are worrisome because of the ease with which the operations are run.

IT expert, Vijay Mukhi agrees, "What is worrisome is that I hand my card not to someone at the level of a general manager but to a waiter. Now it takes him just a minute to swipe my card and there is no way I can trace where the crime actually happened."

Till now, we had heard reports of how gangs abroad were running fake credit card rackets but now India is fast turning into their prime hunting ground. The deal is to forge cards abroad and encash them in India. This was proved when two days later, Mumbai was hit by a similar fraudster.

A Malaysian national Khoo Kee Sheng was arrested by police in Mumbai.

Sheng had been on a shopping spree in the city. He had shopped at five star hotels, malls and jewellery stores using cloned credit cards. No one knows exactly when the 38 year-old Sheng arrived in India. The only records available to the police and bank officials begin from the day he made his first purchase using the fake credit cards.

DCP Mumbai Police, Amitabh Gupta says, "We found forty fake credit cards on this person and along with it, the gold jewellery that he had bought in the city. Sometime after he arrived in Mumbai, Sheng checked into the Hyatt Regency with an accomplice Che Ling Kim and then the duo set their plan into action. They hit jewellery stores, shopping malls, five star hotels. Within a short period of time, they had run up a shopping bill of Rs 17 lakhs.

They were smart enough to ensure their purchases were below the maximum credit limits. The minimum purchase that Sheng and his accomplice made was for Rs 40.000. Sheng's favourite on his shopping list was jewellery, something that would lead the police to him. On May 9th, Khoo Kee Sheng headed for a popular jewellery store in a Mumbai suburb. He picked a gold chain that was worth Rs 70,000. When the salesperson swiped the card, the payment was rejected. Unfazed, Sheng produced another credit card and this time it worked. but unknowingly Sheng had made a mistake.

Alerted by the activity on the credit cards being used by Sheng, HSBC had placed the accounts on watch. Bank officals made a call to the jewellers, saying the transaction was void as the credit card used was suspect. Then the police set a trap for Sheng. They spoke to the jewellers and asked them to be on the alert in case sheng returned in the next few days and they didn't have to wait long.

On May 10, at 3 o clock in the afternoon, Sheng was back. This time to a jeweller next door to the previous one. Sheng was arrested but his accomplice managed to escape. The police found credit cards belonging to German, Canadian and British nationals in Sheng's posession, which makes them suspect, he had commmitted similar crimes in other countries.

So, just how did Sheng get hold of these credit cards. Under interrogation, Sheng revealed his modis operandi. Sheng worked as a manager in a hotel in Malaysia, which is a favourite haunt for international tourists. Most tourists would make payments through their credit cards and it was there, that Sheng began his plans. He kept with him a tiny device that would serve his purpose within a minute. In the world of new age credit card fraud, experts call it a skimmer.

Bowerman explains the 'skimming' process. He says, "Compared to the previous mode of operation, this is far easier. The credit card is passed through a skimmer, which is a tiny gadget that fits in the palm of your hand. The moment you run the card through the skimmer, a chip in the gadget reads the magnetic strip at the back of the card and you can then later upload it to your PC and make a clone of the original."

So, everytime an unsuspecting tourist would hand over a credit card to him, Sheng would slide it through the skimmer. Within a month, he had built himself a collection and then it was time for him to take a vacation and visit India and it was this trip to India, that brought about his downfall.

But experiments with a skimmer have only just begun in India. Experts say international crime of this nature will reach Indian shores in just a matter of days and banks are now beginning to face the heat. Especially, when Indians like Kuljeet have cracked the code.

Kuljeet ran a travel agency called 'Lucky Travels' from Lucknow but he was involved in more than travel plans. Kuljeet and his accomplices would receive IDs for international credit cards from operators abroad.

Kuljeet used these cards to book plane tickets. He would then cancel the tickets and direct the refund to his current account. The sudden spurt of transactions alerted the bank officials, who in turn alerted the police. In 18 days, Kuldeep's bank account had accumulated Rs 15 lakhs. He was arrested on April 2 and police are yet trying to find out if Kuldeep had actually managed to skim credit cards of unsuspecting tourists in India, while they were in his shop.

It's difficult for fradusters to actually tamper manned ATM machines in India. But it just takes a swipe to compromise the security of your card. A foreign vacation to Malaysia or Europe and your card could be exposed. Risk assessors say that, after a fraud is discovered, what measures can the Indian consumer take, is an area where much needs to be done.

Sabharwal of ICICI Bank says, "We have been facing a few cases of credit card cloning in the country already. Although the cases are not as rampant as it is in the West, but they have begun to crop up in India as well." But estimates and the extent of the crime vary, as security experts say all banks are not as open to revealing the occurrence of these crimes.

Partner, Ernst & Young, Sunil Chandiramani says, "A lot of banks already have mechanisms in place to alert themselves, the moment any suspect activity hapens but having said that, there are still many banks who are yet to do so."

He adds, "Today the onus of proving the fraud is on the customer. He needs to prove that the transaction that took place was actually fraudulent."

But here's how you can minimise your chances of being hit by a fraudster:

1) Do not let your credit card out of your sight.

2) Do not give your pin number to any other person.

3) If you carry out transactions on the internet, then make sure you do it from a card that has a very low credit limit.

Edited June 5, 2006 by Nirvana

[cracker 0]

Avoid using credit card

[ani_meher 42]

Ya, but it also mentions about ATMs. I am sure many of us just can't part with the ATM facility.

[adwait 0]

hmm.....about 8-9 months back a guy who used to be in my jr college got caught for this. He had bribed some waiter who used to swipe customers cards in his machine before the hotels machine and then they used to make credit cards with the same details and use them.

[Arun 795]

For ATM card theft, hopefully video cameras would be installed in all ATMs, that should discourage them from doing so. Trivandrum City Police launched an initiative for the same recently.

Surveillance cameras to be installed in ATMs

The Hindu, Tuesday, May 30, 2006

THIRUVANANTHAPURAM: The city police commissioner has written to various banks asking them to install surveillance cameras at ATM counters. The cameras should be such that they are able to record continuously for 48 hours. According to the Commissioner's letter, the step is intended to identify those who steal misuse the ATM cards accidentally left behind by genuine users. Many such instances have come to the attention of the police. The banks have been asked to install the cameras as soon as possible.

[KingofKalyan 0]

ICICI and CITIBANK has given facility for customers to have a diffrent CREDIT CARD.. for using online.