Kuwaiti banks are facing a rise in hacking incidents where fraudsters exploit legitimate e-commerce platforms to drain customers’ bank accounts. The scheme involves compromised online transactions, leading to unauthorized withdrawals often from overseas. Banks hold customers accountable for security breaches, while victims contend that the infected websites are at fault. This ongoing issue emphasizes the importance of vigilance in online transactions.
In a troubling incident, Kuwaiti banks report an increase in customer complaints regarding a sophisticated form of bank card hacking. This method targets legitimate local e-commerce sites, enabling fraudsters to extract funds through unauthorized transactions, frequently originating from abroad.
The new scam specifically preys upon users of popular Kuwaiti shopping sites. Victims initially make legitimate purchases but later find their accounts depleted due to unauthorized withdrawals, often from locations like Italy, despite the cardholders remaining in Kuwait. The scam operates as follows:
1. Customers attempt to make contactless payments on compromised websites.
2. They receive a prompt to enter a one-time password (OTP), only to see a message indicating the transaction failed.
3. Subsequently, they are asked to re-enter their card information to finalize the purchase.
4. Days later, unauthorized withdrawals are detected, corresponding to purchases made overseas.
This innovative hacking technique exploits flaws within local e-commerce platforms, allowing unscrupulous individuals to clone the card data stored on customers’ devices. This compromised information is then used to extract funds, often reaching the card’s limit before the victim notices the issue. By the time the victims alert their banks, substantial amounts have been illegally withdrawn.
In the aftermath, a contentious debate arises between victims and banking representatives. Banks assert that customers are at fault for compromising their security by revealing their OTPs. These banking sources contend that banks and the Central Bank of Kuwait have no obligation to reimburse victims or recover lost funds, as corresponding banks validated the transactions based on legitimate OTP usage.
Conversely, victims maintain that they adhered to all necessary protocols for contactless payments and were unaware of the compromised status of the websites they utilized. They argue that some sites falsely advertised compatibility with payment services such as Apple Pay or Google Pay, raising concerns about the presence of malicious code. This, they assert, indicates that the compromised websites hold responsibility for the breaches.
This insecurity in e-commerce platforms continues to pose a challenge. It is imperative for consumers to remain vigilant and adopt safer practices when engaging in online transactions. Individuals should ensure that websites are secure, confirm that payment methods are genuine, and monitor account activities regularly to detect any unauthorized transactions promptly.
In summary, the recent rise in bank card hacking incidents among Kuwaiti shopping sites highlights significant vulnerabilities in local e-commerce platforms. Victims have reported unauthorized withdrawals that arise after seemingly legitimate transactions. While banks attribute responsibility to customers for sharing OTPs, victims argue that compromised websites are to blame. These complexities illustrate the critical need for consumers to safeguard their financial information and for banks to enhance security protocols to mitigate such incidents.
Original Source: www.arabtimesonline.com
