The World Cup Poses Payments Risks

Hundreds of thousands of people are in Brazil for the World Cup football tournament. While Brazil poses risks for payment crime, there are things payment companies and issuers can do to help their customers mitigate danger, such as communicating preventative measures.

Consumers will need plenty of cash to buy food, drinks and other items at the event. ATM skimming (where the card magnetic stripe is copied and PIN number is collected) is common in Brazil, and there are some very sophisticated attacks that have been attempted. Skimming at the ATM may range from a reader on the card acceptor slot and a PIN pad camera, to an entire overlay that covers up the whole ATM (and everything in between), and sometimes even fake ATMs that dispense no money.

There are several tips to reduce risks for ATM skimming. Only use Bank ATMs, in well lit, secure and highly monitored areas. Try to avoid non-bank ATMs, ATMs with spelling or grammar mistakes or other tell-tale signs that the ATM may be risky. When approaching an ATM, consumers should check to see that there are no unusual looking or extraneous pieces, discolored or loose components on the card reader. The user should cover his or her PIN with their other hand as the numbers are entered. Users should also be sure that everyone in line keeps a bit of distance when the ATM is in use, and consumers should also use the mirror to be sure that the next person behind is a safe distance away. And if the card gets stuck, the consumer should have the card cancelled immediately.

Using online banking for transfers and bill payment is also risky. The most likely way to get compromised is by malware like Zeus,  a virus that can record keystrokes at a bank’s login page. Public computers can be highly risky, as they may have picked up any number of spyware programs. Consumers should avoid logging into sensitive sites when using public computers.

There are other risks to personal information at the point of access. Consumers should bring their own computer or device and should not perform any online banking from internet cafes, coffee shops, or third party/public computers.  Also, computers and mobile devices should be recently updated and have the latest patches, operating system, and security settings turned on. Red flags include new fields at login, or a session that asks consumers for more information than normal. Consumers should also be advised to check balances for unknown or unexpected charges, and to notify their bank if traveling, including information such as destination and the duration of the trip.

Seth Ruden is a Senior Fraud Consultant at ACI Worldwide.