New contactless card warning to every person paying this way at any type of checkout

The expansion of mobile payment systems, tap-and-go cards, and wearable devices has grown considerably over the last few years, after a significant shift in how we pay for goods and services due to restrictions imposed by lockdown restrictions. According to the British Retail Consortium, in 2022, card payments made up 90 per cent of all retail spending.

The contactless market continues to expand as more consumers opt for the ease of contactless convenience. However, many people may not realise the dangers lurking at the checkout, as cyber criminals exploit system weaknesses in increasingly more sophisticated attempts to steal personal data and drain bank accounts.

But fear not, as Trevor Cooke, privacy expert at Earthweb, takes a closer look at some of the most common contactless payment scams and explains the simple steps everyone can take to protect their personal and financial information from online criminals.

Four dangerous contactless scams

Skimming Devices

Fraudsters install skimming devices on legitimate payment terminals to capture card information when users make transactions. Trevor said: “These devices can covertly steal card details, including the card number and expiration date, enabling criminals to clone cards or make unauthorised purchases.”

Shoulder Surfing

Trevor explained that this tactic involves criminals lurking near individuals making contactless payments and secretly observing or recording their card details. With this information, fraudsters can easily access the victim's accounts or make fraudulent transactions.

Card Cloning

Criminals utilise sophisticated techniques to clone contactless cards, replicating the data stored on the card's chip. Once cloned, these cards can be used for unauthorised transactions, posing a significant threat to users' financial security.

RFID Readers

Trevor explained that RFID (Radio Frequency Identification) is a technology that uses electromagnetic fields to automatically identify and track tags attached to objects. He continued: “These tags contain electronically stored information that can be read remotely using RFID readers or scanners.

“In the realm of contactless payment scams, criminals may exploit RFID technology by using illegal RFID readers or scanners to intercept data from unsuspecting individuals' contactless cards or devices without their knowledge.”

How to spot red flags and protect your data

Trevor has also shared key tips to identify contactless payment fraud and how to protect your personal information.

  • Regularly monitor bank statements and transaction history for any unauthorised or suspicious activity.

  • Shield PIN entry when making transactions, ensuring privacy and preventing potential shoulder surfers.

  • Verify the security of payment terminals and ATMs before use, checking for any signs of tampering or suspicious attachments.

  • Enable transaction notifications and alerts on mobile banking apps to receive immediate notifications of any unusual activity.

  • Consider using additional security features such as biometric authentication or tokenisation for added protection.

  • Employ protective measures such as RFID-blocking wallets or sleeves, which help shield their cards from unauthorised scanning attempts.

As cybersecurity concerns continue to evolve alongside advancements in technology, Trevor urges consumers to remain aware and prioritise proactive measures to safeguard their financial information.