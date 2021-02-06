Fraudsters have several ways to find out the balance of a stranger’s bank card, and not all of them can be protected. Interviewed RIA News the experts described situations in which sensitive information for citizens may end up in the wrong hands.

Yaroslav Babin, Head of Web Applications Security Analysis Department, Yaroslav Babin, called the main vulnerability in banking applications. According to his estimates, in recent years, problems have been encountered in every third application, and a year earlier they could be found in two out of three.

Because of them, cybercriminals can often view the amount of accounts of other customers or gain access to statements, transaction templates and previous transfers.

Sometimes it is not even about vulnerabilities, but about critical errors in the principles of work. For example, one of the card-to-card transfer services developed by the bank displayed a message about the lack of funds on the card for transfer before requesting any other data. That is, anyone could enter the card number and find out more or less funds on it. In this case, the client could not at all somehow affect the safety of his data.

Dmitry Ferapontov, senior lecturer at the Department of Banking at Synergy University, noted that social engineering also remains an effective method. Fraudsters rub into the trust of a person and manipulate him. Although, before that, they must obtain some information about the bank’s client, and this happens as a result of leaks.

Various sites provide data to criminals – delivery, taxi, car sharing, marketplaces. Unscrupulous bank employees can also trade personal data, although the latter cases, the expert emphasized, are less and less frequent. As a rule, each of them ends with a massive exodus of clients, even loyal ones, so that credit organizations are increasingly concerned with security.

The simplest, but working method, Ferapontov called peeping from behind at the ATM screen or smartphone while using it in crowded places. Because of this, banks began to introduce the “hide balances” function.

Earlier, the Central Bank warned of a new fraudulent advertisement, in which citizens are promised payment on behalf of the regulator. To do this, he is offered to go to the site with the Central Bank symbols and enter all the details of his card, including the CVC code.