Ghost-tapping attack on mobile payment systems

A new cybercriminal technique called "ghost-tapping" threatens contactless payment systems, allowing Chinese-speaking threat actors to exploit stolen payment card details linked to mobile wallets like Apple Pay and Google Pay. This method uses Near Field Communication (NFC) relay tactics to facilitate retail fraud, enabling criminals to convert digital theft into physical goods through a network of mules.

Ghost-tapping attack on mobile payment systemsGhost-tapping attack on mobile payment systems

Ghost-tapping combines phishing techniques with advanced NFC technology, allowing in-person purchases that evade traditional fraud detection systems. Recent data from Singapore reported 656 cases of compromised payment cards linked to mobile wallets, resulting in losses over \$1.2 million SGD, with a significant number involving Apple Pay.

Ghost-tapping attack on mobile payment systemsGhost-tapping attack on mobile payment systems

Threat actors operate on platforms like Telegram, offering burner phones and ghost-tapping services. Their operations span Southeast Asia, particularly in Cambodia and China.

NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, Fraud Protector.net