Hi Guys,

With the holiday season in full swing, so are cyber criminals looking to capitalize on the season’s spending. Today we discovered one of the first new scams, the GW2. It is a clever scam and it can work in a number of ways.

What’s happening:

Scam 1:
The GW2 scam works by sending small or zero amounts to bank accounts for pre-authorisation. Once the pre-authorisation is confirmed they can then charge different amounts to the bank card. They generally tend to take small amounts from the card so they don’t set off the card fraud red flags. Giving them lots of time to withdraw funds from your account and without you really noticing. How much attention do you pay to 2.99 here and .99c there? Often months can pass before you check or it is noticed on a bank statement.

Scam 2:
The GW2 pre-authorisation request is sent to identify if a card is active. Once the request is approved they either try to withdraw a large sum from the card which can sometimes be tricky thanks to the card fraud teams. Or, they list your card details on the dark web for sale. Either way your money is at risk.

How to Protect Yourself:

Diligence. There is no software or app that exists to protect your cards from this kind of scam. The card fraud teams work extra hard this time of year, and cybercriminals work equally hard to evade them and their algorithms. So it’s down to you.

  • You can start by putting an extra step between your purchase and your card. By this I mean use paypal or another similar service. Paypal is very secure and while there can be fees for purchases there is an extra layer of safety.
  • Don’t leave all of your money in the account attached to your card, move it to accessible savings so it’s out of reach if your card is affected. Some of the new online banks offer ‘vaults’ or ‘spaces’ where you can save or assign your money. Like mini savings accounts, their value is that your money is not available to the card so it keeps it safe from potential fraud activity. (Ensure you choose an accredited institution authorised by a banking regulator and that they offer deposit protection.)
  • Assign a dedicated card/account for online purchases and only use that for your online spending.
  • Don’t save your card details on websites.
  • When making a purchase ensure the company is legit.
  • Use a service that gives instant spend notification, so you are notified immediately when an amount is charged to your card. Fast response to fraud can get you your money back.

Let me know if you need any help with this or with anything else.

All the best,

Max Roberts,
Incognito Privacy Care Team.