Pathomporn Kaenkrachang reports:
Four tourists from Romania have been accused of perpetrating an ATM credit card scam that stretched from London to Latvia and on to Thailand, delivering them 100 million baht and involving the theft of about 7000 credit card details.
The four appeared today at Phuket’s Tourist Police HQ. One, Bogdan Constantin Ene, 23, demonstrated how the group had used a card reader and a hard-drive to buy expensive goods, gold and watches, and to send a treasure trove of items back to Romania.
And in reserve, they held the details in a hard drive of thousands of others whose details had been ripped off in Europe.
[…]
More alarmingly, said Pongsit Chaichut Pornsuk, executive vice president of Siam Commercial Bank, the gang had a stockpile of details from 5000 people in Britain and another 2000 from Latvia that they could use as they pleased.
The gang had access to all the personal information provided by those people in Europe when they signed up for their credit cards, Khun Pongsit told Phuketwan.
Read more on Phuket Wan Tourism News.
So which bank(s) in Britain were breached? This suggests that it was when people signed up for credit cards – not swiped them. How did they cybercriminals actually get these details?