New fraud! Young white-collar workers wake up with tens of thousands of savings and return to zero.

 New fraud! Young white-collar workers wake up with tens of thousands of savings and return to zero.

New Telecom fraud! Young white-collar workers wake up late at night with text messages and tens of thousands of savings have evaporated (Source: ~)

It sounds like a high-level martial art in a novel, but it actually happens to us. This time, criminals are eyeing hundreds of thousands of deposits in bank cards.

These two stories are true stories.

Late night SMS: all deposits evaporated overnight.

Miss Ding, a young white-collar worker from a foreign company near Xintiandi, Shanghai, woke up at 7 a.m. and saw two text messages from banks and mobile operators on her mobile phone, which were sent at 3:43 a.m. and 4:12 a.m.

At first she thought it was wrong and didnt care, but when it came to the bank, Ms. Ding checked her account for insurance purposes. Who knows, the balance of more than 100,000 Yuan went to zero overnight.

Mr. Chen is a senior executive of state-owned enterprises. He was transferred to 280 thousand overnight. 10 thousand of this is wages, and 270 thousand is just due to finance.

They both told the Knews reporter that they usually pay special attention to the safety of using cards, cards never leave, passwords never leaked, transfers are U shield, Internet access is also a professional version of the Internet silver. So how did the money disappear?

Secret deception: two text messages two times fall

Miss Dings nightmare is not over. After the balance was stolen, she also suffered credit card theft, and even was applied for a $70,000 Pudong Development Bank multi-purpose loan, and these debts, of course, were counted on Miss Dings head.

All of these started with two strange messages from the wee hours of the morning. After more than a year of follow-up interviews and investigations, Knews reporters have finally figured out a new trick that is more subtle and harmful.

The first message from the bank shows that the criminal has logged into Miss Dings bank account. Then how was the bank account broken?

Criminals find some hackers, write their own software to sweep all kinds of websites, batch generated phone numbers to sweep in, the phone number corresponding to the login password swept out. This is known as hit the library in the industry. This simple and crude method, directly get the users most critical login information, equivalent to stealing the users network identity.

The crash database is also fast enough to run 1,000 runs per minute, with a success rate of more than 50%, according to police.

After using the password to break the library to log on to the Internet bank, to transfer money, there is still one step that can not be bypassed - random authentication code.

To get the verification code, you naturally need to break your cell phone and read your message. At this point, do you think your mobile phone account is still safe? Dont be silly.

After logging into your mobile phone store, criminals usually do a few things: open SMS filtering and SMS custody.

Self changing card: easy access to second keys

At the alarm of the police, the operators found security loopholes and turned off the related SMS filtering and storage functions. Originally thought that the criminals can be put to rest, but who expected them to develop a new method of crime: change cards.

After breaking through the victims online business hall, criminals applied for 4G card exchange business in the name of the victim.

Criminals use the victims mobile phone number and password to log into the business hall and apply for upgrading the SIM card. Operators generally default logon to the cardholder himself, plus random dynamic code verification, so skipping more authentication links can directly express the card to the designated address. This was originally a convenient service, but it is not known, at this time the cardholders login password has been broken, authentication code and SMS notification has also been intercepted, so the new card in the cardholder did not know the situation, was sent to the hands of criminals. Once the new card is activated, the card on the real cardholder will automatically fail.

Shivers: 320 million pieces of information were broken down.

Knews reporters who looked at the news in the interview learned that the police intercepted 320 million cracked user information from criminals. If the average person in our country has a cell phone number, 320 million pieces of information mean that one in four peoples information has been leaked or cracked, the number is chilling. Fortunately, the Huangpu police promptly cracked the case and prevented the leakage of data, otherwise the consequences would be unthinkable.

The police brought four suspects from Hainan to Shanghai. It is said that some people were still hitting the library when they were arrested. When reporters interviewed, these people are still denying, do not know, forget, is their most common words. But how can they deny the stolen goods and the many tools of crime that have been seized from their homes?

Recently, four suspects in this case were sentenced to 4-16 yearsimprisonment by Huangpu District Peoples Court for infringement of citizens information and credit card fraud.

Precautions: users, operators and banks need to be careful.

Knock on the blackboard!!!!

Look at the news Knews reporter summed up some of the warning tips, hope that everyones hard money will not be forgotten by thieves.

For users --

1, ensure that the password is complex enough, and safeguards properly to prevent leakage.

2, the website password should not be the same.

3, once the cell phone is found to be useless, report the loss of the bank card immediately.

4, set the transfer limit and lower the credit card quota.

For operators,

2, close unnecessary value-added services such as short message filtering and short message custody.

For banks,

1, the responsibility of authentication can not be passed on to mobile operators. It is suggested to strengthen the safety measures such as U shield and cipher.

2, when issuing loans, it must be confirmed with the cardholder himself.