Using nothing more than guesswork, hackers can guess all of your credit and debit cards in just six seconds. This includes the card number, expiration date, and the security code of any VISA credit or debit card.
Hackers can automatically generate variants of security data and test them on multiple websites until they hit, and experts warn that such an attack is extremely simple to do.
In a study published in the IEEE magazine, researchers found an attack known as ‘Distributed Divination Attack’, which could be responsible for cyberattack on Tesco, which defrauded consumers several million dollars earlier.
This attack can overcome all the security measures that are used to prevent online fraud, and according to Newcastle University, ‘it’s terrifyingly simple if you have a laptop and the internet’.
In ‘Distributed Divination Attack’ hackers send thousands of attempts to automatically and systematically generated user data through many websites. Once someone hits the target, which can occur in seconds, they can then verify that data.
According to the researchers, the study reveals a major error in VISA’s pay system: neither the network nor the banks can detect the attackers, despite multiple attempts and with the approaching dates, the risk is very high.
“This type of attack exploits two weaknesses that are not very important, but when used together, it is a real risk for the entire payment system,” said one expert.
As the current system can not detect who is ‘guessing’, hackers can do an unlimited amount of guesswork for each data field, he explained.
Each site gives a number of attempts, typically 10 to 20, and hackers use each until they match the appropriate combination. They put together all the pieces each that a ‘riddle’ gives in the correct and this is how they give all the necessary information.
And the worst is that at the moment there is no way to prevent these attacks.
But security experts give some recommendations, like using only a card for online shopping, which has a low limit. If a debit card is used, keep funds low, so you do not miss too many and they also recommend keeping an eye on your account statements regularly, to note ‘rare’ payments.
So, if you liked this article then simply don’t forget to share this article with your friends and family.