You may remember Sierra Gosnell. 3 On Your Side profiled her story last week after her Insight Visa Prepaid Card was somehow cloned and her account was wiped out completely of nearly $1,000. It was all taken in a matter of minutes. “It's just scary,” Gosnell told us at the time. “That fast, they (crooks) can rack up and clear out your account that fast and there's nothing you can do,” she said.
[RELATED: Woman's account wiped out by 'cloned' card]
Apparently, someone was swiping a card with her account information and drained her account. Gosnell says she's the only one with her debit card and she still had it in her possession when it was fraudulently being used.
So how does something like this happen? "Let's start with the premise that breaches have become the third certainty in life behind death and taxes," Adam Levin told 3 On Your Side.
Levin is an author and cyber security expert with a company called Cyber Scout. He says there are a few ways Gosnell’s debit card could have been cloned or duplicated. “One is breaches, one is skimming, one is shimming and one is using free public Wi-Fi,” he said.
Let’s start with a data breach, which we hear about all the time in the news. For example, remember when the credit reporting agency Equifax was breached?
Gosnell’s card information could have been stolen and sold on the Dark Web. “Just millions upon millions of credit cards and debit cards have been exposed through breaches over the past few years,” Levin explained. And, once thieves get credit or debit card numbers they can clone or duplicate a card. And once thieves have your credit or debit card numbers, they can clone a card with your identical information.
Then, there's skimming. “Skimming has been around a very long time,” Levin said. “You go to a restaurant or a store and you don't realize when someone takes your card in the back, they're actually making a copy of it and then using that information to create a cloned version of your card,” Levin explained.
Another way your debit or credit card is cloned is through a method called shimming. That's when a small device is secretly inserted into card reader and waits for you to insert your card. “Shimming is a wafer-thin device and it has an embedded microchip and flash storage,” he said. “It appeared in Arizona recently and in Canada and one other place so this is kind of a new thing.”
We may never know exactly how Gosnell’s card was cloned. But it's something that does happen and in this day and age, it will unfortunately continue. “Criminals are getting much more sophisticated. They are very creative,” according to Levin. “They are very persistent, they are armed, they are weaponized and they're coming after each and every one of us.”
Remember, never use a debit card for an online purchase and check your bank statements as often as you can for fraudulent activity. Check daily if you can to stay on top of it.
[Special Section: 3 On Your Side]
Copyright 2018 KPHO/KTVK (KPHO Broadcasting Corporation). All rights reserved.