CUNA Mutual reported that card numbers not blocked or canceled in association with the Heartland Payment Systems breach continue to be targeted for card fraud. Recent events indicate that fraudsters are still testing and successfully accessing these cards and committing fraud. If your credit union has experienced a loss and you are a CUNA Mutual member, contact their Credit Union Protection Response Center at 800.637.2676.
If your credit union made a business decision to only monitor the impacted card numbers associated with the Heartland Payment Systems breach, beware. Fraudsters are committing fraud on cards that were not blocked or cancelled. Over the holidays, several credit unions experienced card fraud within accounts where cards were not blocked and reissued, but were part of the Heartland Payment Systems breach. Here’s a summary of two different scenarios that occurred this week:
· A credit union that did not block and reissue cards noticed a fraud trend on the monitored cards. Cards on a specific BIN were being targeted. Their fraud management system indicated a trend on their cards, which was also identified on their posting report. Initially, the fraud was focused in the Midwest, but migrated to the West, as well as some International locations. The fraud appears to be concentrated at superstores, supermarkets, and gas stations. Because of this additional fraudulent activity, this credit union is now taking immediate action to block and reissue the cards.
· Recently, a credit union that chose to block and reissue cards stemming from the breach noticed an increase in card testing – with fraudsters testing these cards for an authorization within seconds of each other. Because the cards were blocked and reissued, they were not authorized, and the credit union did not suffer any further fraud.
If your credit union opted to monitor the card numbers listed on Visa CAMs or MasterCard alerts rather than blocking and reissuing them, CUNA Mutual strongly recommends that you block and reissue any active cards that have not yet expired from the Visa CAMs or MasterCard alerts. The fraud ring continues to be extremely active and it is anticipated that the fraudsters will continue to target these cards until they no longer provide approved authorizations. If you’ve seen very little or no fraud, stay alert to the fact that the fraudsters may find a BIN of card numbers that provide an approved magnetic stripe authorization. If you performed a block and reissue of your cards, you should not see subsequent magnetic stripe fraud related to the Heartland Payment Systems breach; the reissued cards have new CVV/CVC values and card expiration dates.
Posts
0 comments:
Post a Comment