• Two men were indicted on Friday, suspected of having set up a new kind of credit card scam.

  • According to the first elements of the investigation, the system made it possible to withdraw cash when the victim dialed his code on a booby-trapped box a few kilometers away.

  • A judicial inquiry has been opened.

Imagine: you are in a car park in Créteil or at the checkout of a laundromat in the Paris region.

You insert your credit card into the terminal to pay.

So far, nothing out of the ordinary.

Except that when you type your code, the data is immediately duplicated in an ATM a few kilometers away, allowing a thug to use your bank account without difficulty.

This is the scenario of a new kind of credit card scam, brought to light in early April by the means of payment fraud brigade of the Paris police headquarters.

"This is the first time that this type of fraud has been detected on our territory, but a similar alert was issued in mid-March in London", specifies a police source.

According to our information, two Bulgarian nationals aged 41 and 43 were indicted on Friday in Paris, in particular for fraud in an organized gang and fraudulent extraction of data.

They are suspected of having placed pirate boxes in eleven car parks or service stations in the inner suburbs of Paris between February and April.

In total, just over 300 people were victims of this scam, for damage estimated at some 39,000 euros.

“It is believed that the amount of their attempts amounts to 115,000 euros but that they have experienced a number of failures”, indicates a source close to the investigation.

Withdrawals of 400 euros on average

The alert was given on February 18 by the GIE, the organization responsible for managing payment cards, which noticed anomalies in the parking lot of the Henri-Mondor hospital in Créteil, in the Val-de-Marne.

On site, a technician spots a discreet box affixed to the terminal.

The analysis of video surveillance but also physical surveillance makes it possible to identify a small group of men who always act according to the same operating mode in ten places.

A man stands watch next to the hacked device while an accomplice is a few kilometers away, at an ATM to make a withdrawal – of 400 euros on average – thanks to a doctored bank card, when the victim types his code.

The team stays in the neighborhood for a few hours before changing location.

Until now, in the case of hacked payment terminals, “the criminals recovered the data contained on the bank tracks, the 16 digits, the date of validity, the cryptogram, often to resell them, specifies this same source.

What's new is that this time they managed to duplicate the flow of data going in and out of the chip.

“The difference is significant: when you type your code to pay for parking or refuel, it is automatically reproduced in the vending machine in which the accomplice is located.

It is this simultaneity that put the chip in the ear of the GIE.

In addition to alerting the authorities, the organization also implemented new security that helped limit the damage.

Judicial information

The investigations are continuing within the framework of a judicial investigation, opened in particular for fraud in an organized gang, use of counterfeit or falsified payment, fraudulent extraction of data.

The two men indicted, hitherto unknown to French justice, have been remanded in custody, said a judicial source.

Company

“Spoofing”: Beware of this new scam that targets your bank account

Toulouse

Toulouse: She takes advantage of her friend's drunkenness to obtain her bank code and relieve her of 900 euros

  • Scam

  • Scam

  • Fraud

  • Police

  • Paris

  • Bank card

  • Ile-de-France