In a disturbing evolution of financial fraud, cybercriminals are leveraging advanced techniques to exploit mobile payment systems such as Apple Pay and Google Wallet.
Once reliant on magnetic stripe card cloning, fraudsters have adapted to breakthroughs in card security technology like chip cards and one-time passwords, exploiting vulnerabilities in contactless payments and digital wallets.
By phishing sensitive payment data and linking stolen card details to their own mobile wallets, hackers have turned smartphones into sophisticated tools for laundering funds obtained through digital scams.
Industrial-Scale Phishing and Card Linking
The scam begins with meticulously crafted phishing techniques. Cybercriminals set up networks of fake websites resembling trusted platforms like delivery services, online stores, or government payment portals.
Victims are lured into entering card credentials and authorizing transactions via one-time passwords (OTPs).
Unbeknownst to them, the credentials are instantaneously transferred to attackers who link the stolen details to a mobile wallet such as Apple Pay or Google Wallet.
Sophisticated software replicates the card details for seamless integration into the wallet, enabling scammers to make contactless payments in stores or at ATMs.
To streamline operations, fraudsters often purchase numerous smartphones preloaded with payment apps and digital wallets.
Software tools accelerate the card-linking process, generating perfect replicas of the stolen cards.
Even incomplete form entries on phishing sites are siphoned for additional data, allowing cybercriminals to phish multiple cards from a single victim.
Advanced NFC Relay Techniques and Dark Web Sales
Once linked, stolen cards are stored in mobile wallets that are resold on the dark web to minimize direct exposure.
Weeks or months may pass before criminals monetize the stolen credentials, using NFC-enabled smartphones for direct payments at luxury retail outlets or withdrawals at ATMs.
A more sophisticated technique, known as “Ghost Tap,” involves NFC relay systems.
Using legitimate apps like NFCGate, attackers transmit wallet data from one smartphone to another in real time, enabling accomplices (“mules”) to perform transactions at payment terminals without a direct connection to the original stolen card data.
This layered approach ensures that any incriminating evidence remains with a mastermind operating remotely, while mules perform payment tasks that appear legitimate.
Goods purchased or cash withdrawn are often untraceable, facilitating the laundering of stolen funds.
A newer variant of this scheme emerged in late 2024, particularly targeting users in Russia and rapidly scaling globally.
Instead of phishing card credentials directly, hackers socially engineer victims into installing malicious apps disguised as government, banking, or utility tools.
According to the report, these apps prompt users to hold their NFC-enabled card to their smartphone for “verification,” capturing and transmitting card data and PINs to attackers.
Fraudsters then remotely authorize ATM transactions or utilize the card data for unauthorized payments.
In another deceptive tactic, victims are persuaded to deposit funds into “safe accounts” via ATMs under the pretense of theft risk.
By deploying NFC relay apps during these transactions, attackers redirect funds to their own accounts while masking the fraud as legitimate ATM activity.
As these sophisticated attacks evolve, technology providers like Apple and Google, alongside financial institutions, must implement stringent security protocols to safeguard mobile payment systems.
Biometric authentication and location-based transaction verification may offer additional layers of protection to counter such fraud.
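As an added illustration (not taken from the article or the report it cites), the following sketch shows how an issuer could apply location-based verification to contactless taps and, for the bulk card-linking described earlier, flag a single device that holds too many tokenized cards. The event fields, thresholds, and sample events are assumptions constructed for this example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt

MAX_KMH = 900.0           # assumed ceiling, roughly airliner speed
MAX_CARDS_PER_DEVICE = 3  # assumed limit on cards tokenized to one phone
MIN_KM = 50.0             # assumed: ignore small hops between nearby terminals

@dataclass
class Event:
    kind: str    # "provision" (card added to a wallet) or "tap" (contactless payment)
    card: str
    device: str  # wallet device id, or "plastic" for the physical card
    when: datetime
    lat: float
    lon: float

def km(a, b):
    """Great-circle (haversine) distance between two events, in kilometres."""
    p1, p2 = radians(a.lat), radians(b.lat)
    h = sin((p2 - p1) / 2) ** 2 + cos(p1) * cos(p2) * sin(radians(b.lon - a.lon) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def review(events):
    """Return (reason, card, device) alerts for an issuer's fraud review queue."""
    alerts, last_tap, cards_on = [], {}, {}
    for e in sorted(events, key=lambda ev: ev.when):
        if e.kind == "provision":
            cards_on.setdefault(e.device, set()).add(e.card)
            if len(cards_on[e.device]) > MAX_CARDS_PER_DEVICE:
                alerts.append(("device_holds_many_cards", e.card, e.device))
        elif e.kind == "tap":
            prev = last_tap.get(e.card)
            if prev is not None:
                hours = (e.when - prev.when).total_seconds() / 3600
                dist = km(prev, e)
                # Two taps on one card that no traveller could physically make
                if dist > MIN_KM and (hours <= 0 or dist / hours > MAX_KMH):
                    alerts.append(("impossible_travel", e.card, e.device))
            last_tap[e.card] = e
    return alerts

# Constructed sample events (not real data)
T0 = datetime(2025, 1, 1, 9, 0)
SAMPLE = [Event("provision", c, "phone-1", T0 + timedelta(minutes=i), 40.42, -3.70)
          for i, c in enumerate(["card-A", "card-B", "card-C", "card-D"])] + [
    Event("tap", "card-A", "plastic", T0 + timedelta(hours=1), 52.52, 13.40),
    Event("tap", "card-A", "phone-1", T0 + timedelta(hours=1, minutes=30), 40.42, -3.70),
    Event("tap", "card-E", "plastic", T0 + timedelta(hours=1), 52.52, 13.40),
    Event("tap", "card-E", "plastic", T0 + timedelta(hours=2), 52.50, 13.42),
]
```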
Users, too, can take preventive measures to minimize risks:
- Use virtual cards for online payments and offline alternatives for contactless purchases.
- Verify the authenticity of apps before installation, avoiding software from untrusted sources.
- Install reliable security solutions on devices to detect phishing attempts and malicious activities.
- Enable instant transaction notifications to identify suspicious activity promptly.
The rise in fraud involving mobile wallets highlights the need for vigilance in adopting emerging financial technologies.
While these systems offer undeniable convenience, the increase in cyber risks requires robust security measures to preserve trust and safeguard consumer assets.