Theogenes De Montford, 29, of Blandford Way, Hayes has been sentenced to four and a half years for his role in one of the UK's biggest chip and pin scams. The gang put card cloning equipment on pin entry handsets at petrol stations around the country. De Montford was caught with 35,000 card details when arrested. An amazing 7, …
And nobody noticed?
How do you put card skimming kit in a garage without the staff being fully aware of what's going on?
Here in Cheltenham the Tamils running some of the garages are in on the whole scam. Had my card cloned at the garage just up the road from my house... they no longer get any trade from me.
I had the same problem in a Spar grocery shop/Post Office in Central London
A while ago I used my Visa debit card to buy some postage stamps from the Spar grocery store/Post Office located on Westminster Bridge road in Central London and then lo and behold after a couple of days several suspect overseas transactions from a Canadian Tyre shop started withdrawing several hundred pounds worth of money directly from my current account which put me in to overdraft straight away.
Thankfully my bank were quick on the ball and refunded the stolen money and sent out a new card and PIN with no questions asked, I was probably one of many who had been affected by this.
After this I've never used my debit card in any small grocery shops now.
People turned up with with a new Chip-n-pin card unit (they were just being introduced) and told the part-timer behind the desk that they had to be changed. The new unit read all the details from the chip (which is enough to reproduce the mag-stripe, together with the PIN that was typed in. The units that I am aware of then sent batches of numbers by SMS to a mobile registered somewhere in the East, so impossible to trace.
Bogus cards could be made for cash machine use, and together with the snaffled pin gave free money...
My point entirely
Not sure about the Tamil connection but somebody had to be in on it
Just turn up with a van labelled, say, Oakwood Security Electronics (fictitious name I just made up, I hope), a couple of guys with white coats and a clipboard, and (even better) an order form for the garage attendant to sign, and a box of electronic gadgets, and the underpaid part-timer behind the desk isn't going to argue. And if they do, it's check the clipboard and "Oh, sorry mate, should have been the XXX garage down the road. See ya".
Police/CC Company = Useless
I reported the exact time and place my card was cloned* to the CC company and the Police on the day I became aware it had happened (About 2 weeks after the cloning).
Nothing was done about it for a YEAR!!
Then I had a letter from the Police asking me to confirm which garage it was.
* It was the only place in the UK I had used the card.
I was lucky, the card had a £20,000 limit, but I noticed the problem and stopped it after only £2,500.
Theogenes De Montford......
Surely that a was a villain from a Sherlock Holmes story........
Garages are a favoured target for card scammers - ...
Because the pay and hours are crap and they will take anyone with a heartbeat. You often work alone so no problem setting up your skimmer.
I don't understand. This was chip-n-pin. It is totally safe man. All fraud must have been done by the card holder...
Not sure if I need the troll or joke icon...
"Not sure if I need the troll or joke icon..."
Then use the Penguin, patron saint of uncertainty.
You will have noticed that they could only reproduce the magstripe and had to do the actual fraud in non-chip and pin areas.
I thought you Brits called them "Phish-n-Chips"!
Chip and Spin
I'm sure APACS will still be telling us just how "safe" Chip and Pin really is...
You are right - this is impossible. We have been repeatedly told by the Banks that chip & pin is totally safe - which must be true. (sic)
Why don't they use fingerprint confirmation, like ATM's in Brazil? Unless someone steals your finger, it's going to be pretty hard to break, and the cost of fingerprint scanners is very low (lower than the cost of these scams, I'm sure....).
"Unless someone steals your finger", I suspect that for a good number of potential scammers this would make the whole exercise much simpler than using high tech hacked PIN terminals or beating a pin out of a victim!
"Why don't they use fingerprint confirmation, like ATM's in Brazil?"
Simple. They *pay* for the scanners, but at present in the UK *you* have to prove it was theft. And the only people you can report the theft too is..
The CC company.
Upgrading their hardware would mean spending *their* money to help *you*.
In the UK you do no have to prove that it was theft, the burden of proof is on the banks. This is explicitly stated in law. Please stop trotting out this myth again and again every time anything to do with card fraud comes up.
As for fingerprints - you can't use fingerprints as a proof of ID because they are trivial to copy and impossible to change.
They *did* steal someone's finger
It was reported here in "The Register" some years ago. A South African businessman with a fingerprint-coded Mercedes was car-jacked. Never, ever, am I going to secure anything of value with a bit of my anatomy.
Where's the three-fingered thumbs-down icon?
Aren't they the places where we should only use those brown or purple foldy bits of paper and give them back their security problem, instead of letting businesses outsource their theft risk to us.
Im really upset that this incident cost the business 25%. Im sure that makes everything good for the real victims here.
For all anyone will ever know unless you guys have police that look outside the box is if this was an inside job.
Here in the states, I can't imagine this ever being done since gas stations are usually always being patronized and it would seem fishy having people changing these devices.
If they did it lying as to who they were it's still the service stations fault for not confirming their identity.
Doesn't sound like you guys pay your attendants much either and this is the end result; employees that could give a crap.
Keep going well...
It's funny that I knew that it would be a Shell petrol station before I even read the story, as something similar happened to my Dad at a local Shell station and the credit card company said that it happens a lot to their customers.
There could be an obvious reason for that...
...like there being more Shell stations?
- 'Windows 9' LEAK: Microsoft's playing catchup with Linux
- Infosec geniuses hack a Canon PRINTER and install DOOM
- Game Theory Half a BILLION in the making: Bungie's Destiny reviewed
- Review A SCORCHIO fatboy SSD: Samsung SSD850 PRO 3D V-NAND
- Was Earth once covered in HELLFIRE? No – more like a wet Sunday night in Iceland