Search results: phishing

Identity theft? Your personal information is like gold – it needs to be well secured

22 Apr

Gold is a lot of things, but it’s not the most valuable thing you can own. What could be more valuable than gold, you ask – palladium perhaps? True, but the most valuable thing to you, after your family, is your personal information, that’s what!

When criminals start mining your data they are not hunting for your gold; they’re hunting for your personal information for the purpose of identity theft. The problem is that many people are still unaware of how easily it can happen.

What is identity theft? Identity theft is when a criminal fraudulently uses another’s personal information to make purchases, apply for credit cards, and get loans.

If you have a good credit record and a lost ID, you’re in for a lot of trouble!

Identity theft is easier than you think

Have you ever requested a credit card statement via email and been asked to provide your ID number? Have you emailed a copy of your ID to someone recently? Did you know that all an identity thief needs is your ID number along with some of your personal info such as your address and mobile number, to create fake IDs, paperwork, and complete various online applications?

Identity theft is so serious in South Africa that Carte Blanche did a feature piece on how it happens. And according to the TransUnion credit bureau, identity theft in South Africa is on the rise and consumers need to do more than they are currently doing to protect themselves.

How does identity theft work?

We hear about identity theft from time to time, but how do the criminals actually get it right?

Identity thieves can sell your ID and personal details, along with your credit profile for as much as R3 000.

When an unscrupulous individual wants to buy a luxury car, open a cell phone contract, buy groceries, or apply for an instant cash loan, they will need to prove a good credit rating, provide proof of address, copies of bank statements, and have a positive ID. Thank you Mr Smito – all of this can be created by simply acquiring your ID number. It’s a scary reality!

What to do when your identity is fraudulently used

If you detect that fraudulent purchases are being made on your behalf, here’s what to do:

  • Contact the South African Fraud Prevention Service to start an active investigation.
  • Write an affidavit detailing the situation and open a case at your local police station.
  • Get in touch with the companies that the criminal has racked up bills with. Explain the situation to them and ask them to investigate the purchases made.
  • Check your credit profile to ensure that none of your details have been changed. You can also ask the bureau to make a note on your profile that there is a suspicion of identity theft.

How to treat your personal information like gold

Want to ensure that your personal particulars never fall into the wrong hands? Here are a few tips:

  • Never leave your ID, driver’s license, mail, or statements lying around.
  • Shred all documents containing your personal details before you throw them in the bin.
  • Ignore those “Congratulations! You’ve won a prize!” text messages.
  • Don’t provide personal information to anyone that makes an unsolicited call to you. If you need the service, but don’t trust the contact you have received, contact the company directly yourself.
  • Check your bank accounts regularly to ensure that no unusual purchases have been made.
  • Don’t be caught out by phishing and digital banking fraud – no bank will ever ask for your password along with your personal details.

The time to take better care of your own identity is now. Follow the above tips to minimise the risk of becoming an identity theft victim and be sure to backup all your personal data securely, online.

Digital banking fraud is on the rise! What’s the solution?

4 Mar

Absa has recently warned the public that digital banking fraud is on the rise – and they are right!

To come up with a viable solution to the problem, we need to fully understand how the fraud is being committed. Simply put, social engineering is to blame.

Social engineering and data security

“Social engineering” in terms of data security is a process of using deception to manipulate people into sharing their confidential and sensitive information. This information is then used for fraudulent activities with phishing being one of the most prevalent forms of social engineering.

Absa has noticed that more customers are falling victim to the process and end up sharing their card PIN, One Time PIN (OTP), CVV (last 3 digits on the back of your card), online banking username and password with third parties that are posing as legitimate financial and banking institution employees. There was a whopping 64% increase in digital banking fraud in South Africa over 2018.

The problem is not merely data security

Your digital banking profile and the money that it represents are only as safe as your data is. Unfortunately, mid-2018, 4.5 billion consumer data records had been exposed in various types of data breaches, phishing attempts, and spam email.

The fact of the matter is that the problem is not simply limited to the level of security that a person has. For instance, a spam email containing compromising hyperlinks would be useless if it’s ignored. For that to happen, consumers need to be able to tell the difference between a spam email and a legitimate email.

Education is a part of the problem. Consumers need to be more aware of what is considered acceptable and secure correspondence, versus potentially risky communications via the internet, phone, and apps.

Absa’s advice to digital bankers

Ulrich Janse Van Rensburg, the Head of Fraud Strategy for Absa, has released useful tips for the public regarding safe digital banking. In summary, here are the pointers:

  • Never approve transactions via mobile banking apps if you are not personally transacting.
  • Only make use of reputable and safe banking systems such as the Absa (or other bank’s) Mobile Banking Application.
  • Never provide your personal details (PIN, password, CVV etc.) to anyone via the phone or email. A bank will never request these details from you on these platforms.

What can you do?

Consider removing your auto-saved banking data from your devices. One-touch sign in to digital banking apps on your mobile device can result in substantial financial losses, especially if you lose your phone. Avoid making use of new, unknown apps that require your banking details or credit card details. And you should also make sure that you change your passwords regularly.

Have you had a disastrous situation with a digital banking app? We’d love to hear your stories – good or bad!

2019 Cybersecurity threats and opportunities

18 Feb

2019 is no longer a retype or an afterthought. It’s happening and with the new year comes a variety of new Cybersecurity threats and opportunities.

Our lives and lifestyles seem to become more digitised each year. You can do almost anything online, and you can control almost anything from your smartphone. Life has changed, and technology has become a part of our everyday existence. Because of this, the topic of Cybersecurity is (or should be) always a conversation piece and top of mind.

From the many surveys and reports released at the start of the year, it is apparent that cybersecurity is a number 1 risk factor for businesses as well as the public.

While it seems that most people are aware that there are risks, a very low percentage of businesses actually take the time to train and educate their staff on the topic. And when we say low, the stats show as little as just 11% of global organisations providing cybersecurity training to their people.

In an attempt to get business owners more actively interested in cybersecurity risks and educating employees, we take a look at the top cybersecurity threats and opportunities expected in 2019.

  • Increased sophistication

Cybercriminals have always been quite advanced in their methods, but it seems things might get even more complicated as criminals up their game. Already, 55% of all gross bank losses in South Africa relate back to cybercrime. Without educating staff and perhaps training highly-skilled cyber security expects to fight the war against cybercrime, this already shocking figure could rise.

  • The entire nation could be inconvenienced or negatively impacted

Cybercrime is no longer targeting account holders, investors, and business owners. Cyber criminals are turning online crime into a matter of national security. This year, cyber criminals plan to target entire electricity supply grids, government grant payment systems, banking systems, and even tax collection systems. This could affect you…and the entire economy!

Phishing attempts have been fairly effective to date, but now with social engineering improvements and better data correlation, phishing will be far easier to pull off. Prepare for some sleepless nights over this one – especially if you run a business with uneducated staff (when it comes to cybersecurity that is).

  • A new trend toward targeting vulnerable SMEs will be seen

Large enterprises have been a focus for quite some time and this year, cyber criminals are likely to target small to medium enterprises that haven’t felt too much at risk. SMEs typically have limited security systems. They also have access to cash flow. This makes them an attractive target for opportunistic criminals.

It’s not all bad news!

It’s easy to think that 2019 is going to bring about a plethora of new cybersecurity threats… because it will. But what’s the good news? Are there any opportunities for cyber security improvement? Yes! There most certainly are.

As new technologies emerge and cyber security professionals enhance their skills and tools, cyber criminals can expect to enter into a good fight. Machine learning and AI (Artificial Intelligence) is being designed to analyse data and search for potential breaches and vulnerabilities, which will make the task of cybersecurity for us mere mortals a great deal simpler and more effective.

Are you ready for 2019? You need to be!

If you need cybersecurity advice or products to protect your business or personal devices, give us a call or send us an email at Soteria Cloud today.

Is the heart of democracy really data security? You decide!

4 Feb

When experts in the field of data security start saying things that imply military systems can be easily hacked, one starts to realise just how vulnerable we are to cyber criminals.

Unfortunately, the opportunity for cyber criminals abounds as their skills seem to surpass the expertise and efforts of the world’s cybersecurity pros. It’s not just a fighter jet being hacked and taken control of by opportunistic terrorists that one should fear though. Hacking and cybercrime can go beyond even the threat of a skyjacked jet and have an effect on entire nations on a global basis.

Suppose a hacker was to breach the security protecting the national tax collection system? Such an act could cripple the economy and leave millions starving. And this is just the start to the type of terror that online crime can result in.

Just how resilient is South Africa’s cyber security?

South Africa, and the world seem to be have been up in arms last year with data and security breaches abounding at every turn. The importance of highly-effective cybersecurity policies in the public sector is an area that has been highlighted.

The main objective is (and should be) to protect public institutions from falling prey to disruptions and the pillaging of cyber criminals. A call to protect the following public institutions has been heard, and the government will have to do something about it if they want stakeholders to feel more confident:

  • Revenue collection
  • Military defence
  • Freight handling
  • Social grant distribution

As the country, and the world seamlessly merges into new technology, the worry that essential public and government services will be faced with cybercrime related havoc increases. Just because South Africa is developing in terms of technology and the IoT (Internet of Things) a bit slower than its peers, doesn’t mean that it has escaped the risk. The risks are the same…and they are looming!

The South African Government Takes Cyber Security Risks to Heart

The South African government seems to have come to the party in this instance and appears to be taking a serious interest in the cyber security of its systems and people.

The Department of Telecommunications and Postal Services has set up the Cybersecurity Hub, which is designed to create a greater awareness of cyber risks and help South African’s share information regarding cybercriminal activity.

Educating the people of South Africa about cybercrime and the risks (and what to do) is probably the first step that the SA government should take. A security system is after all, only as strong as its weakest link. And if people aren’t aware or don’t understand the risks, they are indeed a weak link!

Cyber Security is Everyone’s Responsibility, for the Sake of Our Democracy

If democracy is important to South Africa and its people, surely educating the hundreds and thousands of employees and the public sector about the reality of cybersecurity – and how to play a part in preventing it, should be a major focus? By educating the public, the country can ensure that service delivery and essential services never fail its people, because everyone is doing their bit to protect the democratic lifestyle that we so love and value.

Of course, it’s not just the government’s responsibility. Businesses should be training their employees and ensuring that they have knowledge of risks and defence strategies when it comes to cybersecurity.

Where we are Failing

Recent surveys have shown that a whopping 1/3rd of the world’s public sector companies say that they aren’t sure their employees are able to identify an identity impersonation in action or a phishing scam unravelling. A further worrying statistic showed that even though these companies are doubtful of their staff members’ abilities, only 14% of them provide training on the different types of cyber threats and how to avoid becoming a victim!

How government and public sector companies can do more:

  • Provide ongoing awareness training to increase knowledge and insight into cybercrime.
  • Be proactive rather than reactive by ensuring that effective cyber security measures are in place (instead of only scrambling to find cyber security solutions when an incident occurs).
  • Design and implement plans and processes to keep emails and business operations up and running, even in the midst of a cyber-attack.
  • Make sure that data can be recovered after a security breach. Cloud backups are often a viable solution here.

For an ongoing, beneficial South African democracy, it seems that more care must be taken to involve the people of the country in the overall cyber-security efforts. Education is the starting point and implementing the correct processes and procedures should be a main objective for all.

Need some advice on how to play your part in protecting yourself, the company you work for, and others from cybercrime that threatens our democracy? Get in touch with us or consider our data backup packages today.

Simple Cybersecurity Measures that Work!

27 Nov

If you have been a victim of cybercrime, chances are that there was no serious plot to target you and your account specifically. By nature, cybercrime is an opportunistic business. This means that a hacker might come across your password or send out spans of emails and you’re the one who falls for it and…yes…clicks the link. The truth is that there are a few basic cybersecurity measures that you can take to ensure that you don’t become a victim.

Don’t Want to be Hacked? Make These Security Measures Your Online/Device Mantra!

These tips are for individuals as well as businesses, so listen up and take note!

Make your password strong and regularly update it

We could all stand to be a little more mysterious with our passwords. If you’re the type of person who uses the same password for all applications and accounts, STOP! Mix things up. Use an upper case letter, lower case letter, number, special character and you must avoid using anything that is easy to guess (think ID number, partner’s name, child’s name, pet’s name – you get it!).

Log out when you leave

If you access accounts on public devices or even work devices, always log out when you are finished. To be even more secure, you can clear the device history and cache so that you are certain the log in information will no longer be valid.

Get in the habit of doing regular encrypted data backups.

The cloud is there for a reason. Make sure that you don’t leave any sensitive information saved to your device. You can do a data backup and secure your information from hackers. We can help you with this at Soteria Cloud.

Password protect your network

This should be the first step in anyone’s cyber security strategy. It might seem like it’s “just your home Wi-Fi”, but you won’t be feeling the same when someone realises your network is unsecured and uses it to access personal information which can be used against you. Identity theft and fraud is a lot easier than you think. It’s all about protecting your personal information.

Password protect your devices

Ever lost a phone and wondered what would happen if it fell into the hands of the wrong person. With banking apps, Zapper and NFC functionality, your phone can be your worst enemy (when in the hands of a criminal, that is). Make sure that your protect your device with a secure password, just in case.

Get choosy with the apps you use

Apps are great. They’re fun and convenient. What happens when the app you are using is hacked? You guessed it! Your personal information is at risk. If you are going to download an app, make sure that it offers sufficient security and that the company or brand it is linked to offers protection against cybercrime too. You should also encrypt your most commonly used accounts.

Avoid “dodgy” emails and messages

If you don’t know where the email is coming from and it’s asking for personal information or requires you to click a link, avoid it! Phishing is a top cybercrime trick. Don’t know the email sender? Don’t open it!

These simple cyber security tips can help you avoid cybercrime victim status. Thwart the efforts of opportunistic cyber criminals with our help! Got any more security tips of your own to add? Share them with us!

How Big is the Human Error Element when it comes to Cyber Risk – Time to do a FAIR?

30 Oct

According to a recent report released by Verizon, 17% of data breaches originated from social engineering, mostly emails. The report uncovers that 17% of the breaches are a result of human error, such as employees sending sensitive emails to the incorrect recipients. This report is making industry professionals wonder just how big the human element is when it comes to cyber risks and what can be done about it.

If you ask a company what percentage of their risk is owed to human error, they probably won’t know how to answer that. That’s because over time, most of the attention, when it comes to cyber risk, has been given to the more obvious concerns such as misdirected emails and phishing, instead of what can happen along the attack chain. Not knowing where to start can lead to the stats being a little inaccurate.

Assessing the Human Element

If you really want to assess how big the human element is in cyber risk in an organisation, there is a simple 2-step analysis process to follow.

The two elements that can be used for such an analysis are:

  • Frequency – How likely is it that an employee will become victim to phishing or accidentally forward sensitive information a second or third time?
  • Impact – How likely is it that such a negligent act of an employee will result in data breach or disruption and what could this potentially cost the business.

The FAIR Method of Analysis

Using the Standard Factory Analysis of Information Risk (FAIR) model, one can determine probability and cost of incidents. FAIR is a digital system that allows one to use critical thinking in identifying risks and measuring them. Such a system allows for greater insight into frequency and impact.

Being able to gather valuable data in this manner means that results can be translated accurately and potential outcomes predicted.

Benefits of the FAIR method of analysis:

  • The risk from data breaches can be thoroughly considered.
  • Multiple assets at risk can be carefully identified.
  • Security teams can get a better concept of the frequency of such risks and if similar risks will present in the future, and what impact they will have.

This can be done by considering the following in each of the two analysis factors:


  • How often are emails containing sensitive information sent?
  • Just how often do employees send emails to the incorrect person or attach the wrong information?
  • Is the email content being sent encrypted?


  • How much does it cost for experts and customer relations to rectify the email problem?
  • What it may cost if legal action is taken against the company or if you have to offer some form of compensation for the mishap.

The FAIR analysis system can use the solid data gathered to generate a whole host of potential outcomes. Often, using this method can uncover the possible dangers of overlooking seemingly low-impact events.

With the results provided by FAIR, you can tweak the impact of different factors and rerun the analysis to see what outcomes there are with alternative controls in place. FAIR makes it possible to assess the human element easily and more accurately.

By effectively assessing just how big the human element is in your cyber risk, you can cut back on occurrences that cause losses for your business. While you cannot change human nature, you can identify risks better and implement strategies to safeguard against potential catastrophic fallout.

Cybercrime attacks costing more than $1,1m per minute

2 Oct

Did you know that every 60 seconds, $1,1m (R16,6m as @ 7/09/18!) is lost to cybercrime attacks? That amount of money is almost impossible to fathom, but it’s a reality! It is estimated (by RiskIQ) that a whopping 5 518 records are leaked in data breach incidents every minute. That’s hard to keep up with.

The security efforts in place, which are costing the companies that incorporate them, just aren’t working (or so it seems)!

The research carried out by RiskIQ has also uncovered the following shocking stats:

  • 1 861 individuals are scammed every 60 seconds
  • 1.5 organisations fall victim to ransomware ever 60 seconds
  • When incidents of ransomware, malware, phishing and leaked records are combined, the stats show that 2.7 million people are affected by cybercrime every 60 seconds.

The real danger comes in when organisations don’t even know that they are running vulnerable third-party code. Four vulnerable web components are discovered every 60 seconds, according to the RiskIQ stats.

An Example of how Vulnerable Third Party Code Causes Losses

A fine example of this happening is the Megacart hack. This was third party code used to access hundreds of e-commerce websites. What consumers didn’t know was that when inputting their credit cards details to make payment, their card details were being sent to a third party.

Unfortunately, there’s no way for a user to know that they are a victim to such an attack. So, what can you do to protect yourself?

  • Only make online payments via sites that you know to be reputable.
  • Always check the security of an e-commerce site before you pay.

While the cybercrime industry remains as lucrative as it is, it is expected that such cyber-attacks will only increase. Being aware of the risks and ensuring that you have various insurances in place to protect yourself from the potential losses of online payments are steps in the right direction.

Have you lost money as a result of cybercrime? Let us know about it. We would love to share stories of cybercrime to create further awareness.


 3 Lesser Known Online Scams

31 Jul

The internet has changed. Scams and tricks that caught people out years ago just wouldn’t work these days…or would they?

The internet is a wonderful place. It can simplify our lives and provide exceptional convenience, but that doesn’t mean that it’s not flawed. Along with the convenience comes the risk. Online scams exist and millions of people around the world have found themselves victims of these scams. It would be irresponsible to believe that the internet is a safe place.

Data scavengers

One thing is for certain, online scams and hoaxes are all designed around one basic need that hackers and criminals have, and that’s to collect data.

Once the personal data of an individual or business is obtained, that’s when purchases can be made, identities can be stolen and losses sustained. Without the right data protection and security mechanisms in place, it’s not a case of “if your data is hacked”, its more a case of “when your data is hacked”.

Phishing and Malware scams are a major problem for young and old, there’s no discrimination. It’s easy to fall victim to this when you shop online, read your email, or access your social media accounts.

It can be hard to keep track of all the online scams and hoaxes that go around each and every year, but we hope that this list provides a bit of insight into some of the lesser know. Some are old, some are new…but all of these are still highly prevalent in the online community.

Here’s our top pick of three scams that you might not have heard of yet:

Greeting Card Scam

It’s Christmas or Easter and you might be expecting a greeting card or two. With the digital age upon us, it’s not unusual to receive a greeting card in your email inbox. You open the email, click on the card and before you know it, a secret program is downloaded to your computer. You don’t think much of it and go on with your life. Maybe pop-ups appear now and then or your system is slow.

Behind the scenes, the downloaded software is quietly gathering your personal and financial information and sending it back to the criminals behind the hack.

A decent computer security system should be able to protect you against this kind of hack. Remember though, unless you personally know and recognise the sender of an email, don’t open it or click on any links and attachments.

‘You’ve Won the Lottery’ Scam

We all want to win the lottery so you will be forgiven if you find yourself falling for this one. This scam usually presents itself in the form of an email informing you that you have won a chunk of change. The initial excitement of being able to quit your job could make you overlook the fact that you haven’t bought a lottery ticket and the fact that you have to pay a processing fee to collect your prize.

You can protect yourself from this type of scam by being realistic. You should never have to pay money for a prize and if you haven’t entered a competition, don’t open emails or even respond to an SMS claiming that you have won!

Hitman Scam

Ever had your life or the life of a loved one threatened? That’s what the Hitman scam is all about. You receive an email stating that you or a family member will be kidnapped/killed if a ransom is not paid. These emails are believably threatening as they are often filled with your personal details which the criminals will have retrieved online.

You can protect yourself from this scam by limiting how much personal information you give out online and ensuring that you don’t converse with fake ransom emailers.

Many Other Online Scams Await You

Unfortunately, these three scams are just the tip of the iceberg of scams that are out there. Other popular scams include phishing email scams, Nigerian scams, bank loan and credit card scams, romance scams, fake antivirus software scams, Make-Money-Fast scams, travel scams, Bitcoin scams, fake shopping websites, and many more.

Avoid being a victim of scams. Store all your personal particulars in an off-site, data encrypted cloud account and ensure that you are always suspicious of potential threats. If something seems too good to be true or doesn’t quite sit right with you, avoid it at all costs.

SAPS warns of online scams

5 Jun

Recently the Newcastle SAPS thought it necessary to issue a public warning about online scams after noting an increase in the number of incidents where individuals were paying for cars online and never receiving the vehicles. While you might think this is a “no-brainer”, there are some who clearly don’t think the same way.

You should never pay over any money for a vehicle until you have actually seen it, but there are those who are still caught out in this way. And it’s not just the purchase of vehicles where this happens. Many have been caught out paying for items online that they just never receive, ranging from a car to a gift or even an item of clothing. The risk is real and South African’s need to be more careful when transacting online.

Tips issued by the SAPS

In an attempt to help South Africans protect themselves, the SAP have issued a few tips as follows:

  • Be smart to phishing attempts. Know without a doubt that your bank or credit card company will never contact you by telephone or email to ask you to update your personal details. If you are requested to click a link to update details, you are putting yourself at risk. Your personal information can be collected and used for fraudulent activity. Online competitions are also a great way of phishing. If you have to complete forms with your personal particulars in order to win money or an impressive prize, you might become a victim of phishing.
  • Never share or write down your PIN, password or online ID as these can be stolen and used to carry out fraudulent purchases in your name.
  • Do not save your internet banking profile and password details on your computer, and try to avoid doing online banking on any public computers.
  • Make use of the limits on your cards and accounts. This can save you major financial losses should a criminal access your accounts.
  • Only transact with reputable companies online. If you find a product that is too good to be true, it usually is. Be careful.

Newcastle SAPS Corporate Communications Officer, Captain Jabulani Ncube urges all South African’s to be aware of the risks and to take the necessary safety precautions to avoid becoming part of the statistic.

Digital tech crime in the spotlight: Interesting tricks used by card fraud criminals

22 May

At the end of 2017 the statistics on card fraud were made available to the public and how interesting they were. A quick review of the stats provided by SABRIC (South African Banking Risk Information Centre) shows that over the course of 2017, credit card fraud increased by 1% while debit card fraud actually decreased by 8.5%!

Why did debit card fraud decrease so much?

According to Kalyani Pillay, the CEO of SABRIC, debit card fraud events took a steep decline as a result of fewer lost and stolen cards. There were also fewer counterfeit cards on the market.

This doesn’t mean that fraud isn’t happening, it’s just that criminals have adjusted their tactics in order to take advantage of innovations in the banking landscape.

Here are the latest fraudsters’ tricks

SABRIC released a list of 7 of the latest tricks used by card fraudsters in South Africa at the moment.

#1. Lost and stolen card fraud
The easiest way for criminals to acquire cards is when they interfere with the physical transaction process. This usually happens at the ATM by opportunistic criminals offering to help people, or devising a way to acquire the card PIN. Cash is then drawn from the card at various machines until the daily limit is reached.

#2. Issued card not received fraud
This is when the criminal collects or intercepts a card before it is delivered to the right person. While most banks ensure that cards are delivered by courier direct to the client’s home, or that the customer personally collects the cars from their branch, some cards are sent by mail. These credit cards, loan cards, clothing and merchandise account cards and similar are then collected by the criminal.

#3. Card falsely applied for fraud
Here, the criminal gathers information on an individual and applies for credit and cards in their name, with their details. The card is then issued and used, racking up a bill which must then be paid for by the innocent party.

#4. Counterfeit card fraud
Criminals with the right equipment and software can steal information from the magnetic strip of an existing card. The information can then be used to create a false card. This is often called “card skimming” and can be done at ATMs.

#5. Speedpoint card skimming fraud
This is when criminals steal legitimate Point of Sale (POS) devices from merchants and then convert them into card skimming machines. This usually goes unnoticed as speed point machines can be replaced with similar machines that don’t belong to the actual company.

#6. Replacement card fraud
Again, theft of personal information plays a role in this type of card fraud. Criminals gather all the relevant information on an individual and then apply for a replacement card which is then handed over to them, ready to use and abuse.

#7. Card not present fraud (CNP transactions)
Certain transactions such as online purchases or mobile purchases don’t require a physical card at the point of purchase. Data breaches, phishing, and malware can be used to gather card information from various sources. This information is then used to complete online and mobile purchases and transfers.

Always make sure that your personal information is protected and that your data is securely backed up to the cloud. If you are looking for peace of mind and a secure backup option, check out the online backup system features at Soteria