Customers in Cork pub targeted in contactless payment scam, says cyber security expert

A NEW wave of criminals known as “cyber pickpockets” are believed to be operating in Cork with shoppers advised to take extra caution during a period of online cyber deals ahead of Christmas.

Dr Paolo Palmieri, a cyber security expert who lectures on the subject in the Department of Computer Science at University College Cork, said a publican recently confided in him after customers found records of purchases they never made. 

While the sums taken were as little as between €10 and €20, Dr Palmieri said that a number of punters were targeted resulting in significant profits for the criminal responsible.

The digital thefts - which occurred in recent weeks - were achieved with card readers exploiting contactless technology through bags, wallets and pockets. Crowded areas are particularly attractive to thieves intent on gathering as much cash as possible in a short period.

Dr Palmieri explained how people can now find themselves in close physical proximity to their cyber attacker.

“There are things happening offline that can fall into the category of cyber security,” he said. 

“If someone’s contactless credit card is charged by a hidden mobile device that is a cyber security attack because it is using the technology of the contactless card without the knowledge of the victim. In a crowded space the criminal will be able to get close enough to the person’s wallet with the device and initiate a transaction. It happens a lot and quite recently I spoke to a pub owner about what happened to his customers. 

"The customers had believed that the pub owner had some responsibility when in reality it didn’t have anything to do with them. The person responsible had been in the pub with a hidden, but malicious, point of sale. 

"It was well hidden but also close enough to activate a transaction if the credit card was in their pocket. This is something that happens regularly in Cork.” Dr Palmieri said that people tend to avoid contacting Gardaí due to the minor financial losses.

“Each individual will make their own decision. However, the reality is scammers know what they are doing. They will never repeatedly charge the same person or charge very large amounts. They will charge between €5 and €20 (maximum). People are not going to take an hour of their time to fill out a police report for that amount of money.” He said that some may never realise they were the victim of a theft.

“Some won’t even notice as they will have made many transactions throughout the day. It was only the regular customers who hadn’t been out shopping and made few transactions that realised.” The cyber security expert emphasised the importance of reporting such crimes.

To find out more about how to stay safe from cyber-crime visit www.garda.ie.