Is the debit card really scary? ? I asked people directly who were victims of unauthorized use.

Morita from Beyond, writing a blog for the first time in a while !

Well, the world is experiencing an unprecedented sauna boom . The other day , Drama Sa-Do 2021 reached its final episode, and it seems that this movement will continue to expand. someday there will be a drama focused on heat wave masters (a profession that uses towels to blow hot air inside saunas)

As I was thinking of writing a blog about saunas, I learned that a friend of mine had been the victim of a certain crime I thought this was a serious situation for those of us who work in information security for a living, so I asked a friend to help me out and conducted an interview.

For the purpose of enlightenment activities, I would like to write down the conclusion first.

・Check the debit card function of your cash card and disable it if it is unnecessary.

Please implement!

That's all I want to tell you, but please read on if you'd like.

Unauthorized use of debit card?

---- Thank you for your cooperation in ``so that there will be no more victims like me.'' What should I call you during the interview?

? ? ? ?　 It's fine to stay with Shibahara ( Mr. Shibahara's site )

----Is that so! I was thinking that it would be better to hide the name or something, but...

Shibahara (hereinafter referred to as S) , please do as you like.

----Now then, Mr. S! ! I was surprised to see Mr. S's Facebook timeline, but what kind of damage did he actually suffer from?

I was involved in S　 debit card My bank account has been debited several times that I don't recognize ...

----Well, that's scary.

S During the night of Friday, September 13th, I received three consecutive usage notification emails from a certain online bank. I didn't realize it at the time because it was the middle of the night and I was sleeping.

The next morning I received a call from an unknown number. It was a call from a certain internet bank. It was then that I discovered that my debit card information had been fraudulently used.

According to the operator on the phone, was used somewhere to top up a certain electronic money .

As a result, was suspended and I was unable to use it to prevent further damage

----Does that mean you can no longer withdraw your money?

SThat 's right. He didn't even have a bankbook. Fortunately, it wasn't my main account, and the damage was not large, so my life was not affected.

this was my main account and all the money was gone.

----How did a certain online bank handle this?

a certain internet bank, this is all we can do for now. I was told that nothing could be done until I received payment confirmation data from a certain electronic money side. This time, I called a certain e-money company, but they told me that they couldn't move until they received a request from a certain internet bank, so I was caught in a dilemma

Five days later, the confirmed data arrived at a certain internet bank, and they asked me to send them the format for a request form for investigating fraudulent use. If you describe the damage and submit it, they will investigate. After another 5 days, the format finally arrived. At this point, it has been 10 days since the damage occurred.

We also filed a report with the nearest police station. , I heard that there were other consultations about similar damage on the same day I wonder if debit card fraud is such a common crime

----What happened after that?

S The formalities have ended here, and the investigation is currently underway (the interview was conducted on September 24th). How long will it take? It doesn't seem like the damage will spread, but I'm worried every day.

Lunch didn't go well today either, and I was only able to eat 300 grams of steak

----(No, that's enough.)

SAs expected, I'm too scared to reissue a debit card .

Can even people who are knowledgeable about computer security fall victim to it?

---- Mr. S over 30 years of programming experience and has worked extensively with computers, so also very knowledgeable about security . Moreover, usually a very cautious type.

SWell , because of my job, I pay close attention to security. When using online services, I always make sure to use available security measures two-step authentication and multi-factor authentication Also, all passwords are unique and different.

----Even people with such knowledge can fall victim to it.

S I may say this myself, but I'm very cautious, so I've never shown my debit card to anyone , and I've only taken it out once , when I was making a deposit at an ATM at a convenience store.

Of course, I also set up 3D Secure However, I was really shocked because I had been victimized.

----What does the actual method look like?

SI don't really understand. According to a certain internet bank operator, you can authenticate as long as you have the debit card number, name, and expiration date However, as I mentioned earlier, I have never shown it to anyone, and I only took it out once to deposit money at a convenience store ATM. If someone had been skimmed there, it would have become a bigger problem in the neighborhood, and they would have mentioned it when they went to the police.

However, when I think about it again, it's worrisome that there was a similar complaint on the same day.

I consulted with a colleague who is knowledgeable about security, but since there are multiple keys required for authentication, a random attack would be almost impossible, so I couldn't consider it.

If there was a leak of internal information, it would definitely become a hot topic.

----Did you collect information about debit card damage this time?

S I looked it up on Twitter and the internet. It seems that there are cases in which young people who cannot use credit cards are using debit cards. It seems that there are cases in which people have suffered from expensive fraudulent use.

Unlike credit cards, debit cards are directly linked to bank accounts and can be easily compromised. The scary part is that this will have an immediate impact on your life Even if there is a balance remaining, your cash card will be suspended and you will not be able to withdraw money.

In the case of credit cards, it takes a long time to pay, and if it is determined that the card has been used fraudulently, the amount will not be debited in the first place.

I think this difference is huge.

----Are there any self-defense measures?

To begin with, many people may not be aware that cash cards have debit card functionality . These days, there are some things that are basically included when opening an account. Everyone please check it out. We recommend that you immediately cancel the debit card function if it is no longer needed.

Also, this time I thought about security again. It's sad, but we have to assume that there are malicious people in this world. We will continue to take the security measures we already have in place, but we will be even more careful not to own unnecessary cards or accounts

I guess that's all you can do.

----Certainly, not owning unnecessary things is the best self-defense measure. I am also thinking of organizing my unnecessary cards and accounts. Thank you very much for today! !

summary

There are various types of fraudulent uses, but one of the most frightening is when money is withdrawn directly from your bank account.

again,

・Check the debit card function of your cash card and disable it if it is unnecessary.

I hope everyone will implement this.

From next time onwards, I will write a blog about saunas! !