5 reasons your money is harder to access and easier to steal

29 October 2008

Hands up if the password for your email account is password? Yes? You fool! I will steal your identity and all your money! What about your debit card pin number? Same as the year you were born? ? You fool! I will steal your identity and all your money! I don't suppose you use the same password to login into all your social websites, do you? You fool! I will steal your identity and etc etc.

We're meant to live our digital lives bound by a plethora of passwords that are long sequences of seemingly random numbers and letters without pattern or relevance. In reality... well, most of us can't remember a dental appointment, never mind three dozen individual ten character sequences. And then there's the medium through which we share personal data, the internet and our computer, chock full of malware, hackers and scams.

There are a lot of bad people out there who want to steal your money, and it means the world of personal banking is becoming darker and more complicated than ever before. Here's the proof:

1. Banks are planning to increase password protection for their online services: senior management at Lloyds TSB are now working under the assumption "that the vast majority of home machines are compromised" and are predicting that banks will begin to use one-use passwords, generated offline and sent to the customer by SMS or phone call. Some banks already use up to three passwords to verify users; Natwest requires a a unique customer number and randomly selected characters from both a pin number and a password.

2. There's the seemingly mandatory use of Verified by Visa being introduced by some banks. This is the third party window that pops up when making a payment online, requiring you to entire yet another password before the transaction can be completed. Problem is, there's growing concern that this system is open to phishing scams, and once details are obtained it makes it easier for thieves to make purchases online while simultaneously making it harder for consumers to deny responsibility for a fraudulent transaction.

3. There's this chap, called Chao. Doesn't he look friendly? He developed a high-quality ATM skimmer and PIN pad to covertly fix to certain models of cash machines, capturing account numbers and pin details. In this kiddie-friendly cartoon available on YouTube, Chao explains how to use a card skimmer without drawing too much attention from the public:

Ah, cute little Chao. His real name is Cagatay Evyapan, and he was captured by authorities after reportedly kidnapping and torturing a police informant. But where was the not-so-lovable rogue Chao selling his high-spec skimming devices? On DarkMarket, an online market where thousands of identity thieves, hackers and credit card swindlers traded data.

4. DarkMarket was closed down after its illegal activities had continued undetected for nearly three years. Except the authorities knew all about them; DarkMarket was a sting operation operated by the FBI. It's not unreasonable to assume that if you've been the victim of identity fraud, the FBI provided the forum within which your details were used.

5. That shifty-looking server at your local can still skim data from your card before you've finished your complimentary After 8 mint. Watch them like a hawk.


  • Oli
    I think number 5 is a bit racist....
  • Paul S.
    What's racist Oli? The fact that Indian restaurants have waiters or that some waiters in Indian restaurants are capable of stealing? Replace the example with any type of restaurant and their waiting staff and it's equally applicable. I used that particular example because a waiter at my local Indian restaurant did once steal my card details.
  • steve
    Have to agree with Oli on this one. In the article you're not clear in refering to an individual restaurant and a singular event, but to any/all local indian restaurants. The impression is that Indian resturants in particular are more likely to have dishonest staff. Sorry you had card details stolen, but it really doesn't come across that you were referring to 'any type' of restaurant unless you'd written something some generic like "at your local takeaway". No matter what you're intention, it reads badly and boarders on racism I'm afraid.
  • Paul Nikkel EDITOR
    Hi Oli/steve, We've edited the bit in question. Obviously we don't want to be offensive and while we're not here to be un-opinionated we also need to be responsible if something which is meant to be an innocuous remark doesn't come off as such. Thanks!
  • VISA B.
    [...] the way every website payment system works at the moment. And it seems to go head to head with Verified by Visa, so presumably that’ll be phased out to prevent a Betamax vs VHS farce (replace with a [...]

What do you think?

Connect with Facebook, Twitter, or just enter your email to sign in and comment.

Your comment