Limitless credit card manipulations
Criminals have defrauded a credit card company of $11 million by manipulating credit card limits, as security expert Brian Krebs reports. According to Krebs, the criminals have defrauded the company on two occasions so far – on Christmas Eve of last year and a second time prior to New Year's Eve. This caused Visa to warn US credit card issuers as more instances of this type of fraud are expected.
It is currently not known which payment card company was affected, but Visa has stated that the criminals definitely had access to the card issuer's authorisation systems. By gaining access to the company's systems, the criminals were able to withdraw large amounts of money with a relatively small number of prepaid cards in a short amount of time. Usually, cards feature a daily drawing limit to prevent such fraud. The criminals changed these limits and were able to withdraw amounts of their choosing at approximately 1000 different ATMs around the world over a period of several hours. This included up to $500,000 on one single card.
According to Krebs, this technique is not new. In 2011, the financial services provider Fidelity National Information Services (FIS) lost approximately $13 million when criminals gained access to the computer systems of WildCard Systems who sold similar prepaid cards and counted FIS among their customers. In this incident, the fraudsters cloned the prepaid cards to defraud the company. Allegedly, RBS WorldPay fell victim to a similar scheme in 2008. The crime also has some similarities to the highly organised Ocean's 14 high-speed bank fraud.