Fraudsters fail in attack on KB Kookmin CardAbout 2,000 KB Kookmin Card users fell victim to a randomized credit card number attack last month, the card company confirmed on Wednesday.
Rather than a sophisticated hacking attempt, KB Kookmin Card was the victim of a BIN attack - a scatter-gun approach where fraudsters try to rapidly generate random credit card numbers using a bank’s identification number and a random number generator in the hope that some of the numbers created are correct and can be used.
The affected users suffered no financial damages as KB Kookmin Card managed to reverse the transactions. The fraudsters had attempted to use the randomly generated numbers to make $1 test transactions on the Amazon website to see which ones were valid.
A Bank Identification Number is the first six digits of a credit card number and is typically identical for a certain type of card. The fraudster randomly generated the remaining digits to make potentially valid credit card numbers.
“It is true that the attack occurred, but our system detected the attempt and dropped off the transaction approval,” said a spokesperson at KB Kookmin Card.
At the time of the incident, users of KB’s ROVL Signature Visa card reported an unauthorized $1 payment on different online communities.
The card issuer said that it had provided new numbers for the affected users.
This is not the first such attack in Korea; Citibank’s debit card users fell victim to a similar scheme back in 2016 and 2017.
Citibank Korea’s A+ Check Card came under attack between January 2016 and April 2017, causing damages in the tens of millions of won. Citibank compensated customers who suffered losses.
BY PARK EUN-JEE [email@example.com]