worszand shines barkleigh
Melissa Hassel
Alert: Your Debit Or Credit Card Can Be Hacked Only In 6 Seconds
Do you think your debit or credit card is safe from hackers? Think again. According to a recent study by researchers from the University of Newcastle, it takes only 6 seconds for hackers to crack your card details using a simple technique called Distributed Guessing Attack (DGA).
DGA is a method of guessing card information by systematically trying different combinations of card number, expiry date, and security code across multiple websites. The hackers use bots or automated programs to speed up the process and avoid detection. By exploiting the fact that different websites have different security checks, the hackers can quickly narrow down the possible values for each field until they find the correct ones.
How DGA works
The researchers explained how DGA works in a paper published in the journal IEEE Security & Privacy. They said that the hackers start by generating random card numbers that match the format of a specific issuer, such as Visa or Mastercard. Then they use these numbers to make online purchases on various websites that accept card payments.
Some websites will ask for the expiry date and security code of the card, while others will only ask for one or none of them. The hackers use this information to eliminate the wrong values and keep track of the valid ones. For example, if a website rejects a card number with an expiry date of 01/23, the hackers will know that this expiry date is incorrect and try another one.
By repeating this process across multiple websites, the hackers can eventually find the correct expiry date and security code for each card number. The researchers estimated that it takes about 6 seconds on average to crack a card using DGA.
How to protect yourself from DGA
The researchers suggested some possible countermeasures to prevent DGA from happening. One of them is to implement a centralized system that monitors the number of failed attempts across different websites and blocks the card after a certain threshold. Another one is to require additional verification methods such as SMS or email confirmation for online transactions.
However, these solutions may not be feasible or convenient for all parties involved. Therefore, as a cardholder, you should also take some precautions to protect yourself from DGA. Here are some tips:
- Check your card statements regularly and report any suspicious or unauthorized charges to your bank or card issuer.
- Use strong passwords and change them frequently for your online accounts that store your card details.
- Avoid using public or unsecured Wi-Fi networks when making online purchases.
- Use reputable and secure websites that have HTTPS encryption and display a padlock icon in the address bar.
- Use a virtual or disposable card number that expires after one use or a short period of time.
- Use a payment service such as PayPal or Apple Pay that does not share your card details with the merchant.
DGA is a serious threat that can compromise your debit or credit card in a matter of seconds. By being aware of how it works and following some simple steps, you can reduce the risk of becoming a victim of this cyberattack.