The funds being laundered have been pilfered from US bank accounts

Self-checkout systems in UK supermarkets are being targeted by hi-tech criminals with stolen credit card details.

A BBC investigation has unearthed a plan hatching online to loot US bank accounts via the checkout systems.

Fake credit cards loaded with details from the accounts will be used to get cash or buy high value goods.

The supermarkets targeted said there was little chance the fraudsters would make significant gains with their plan.

With the help of computer security experts the BBC found a discussion on a card fraud website in which hi-tech thieves debated the best way to strip money from the US accounts.

The thieves claim to have comprehensive details of US credit and debit cards passed to them from an American gang who tapped phone lines between cash machines and banks.

‘Cashing out’

The gang plans to copy card details onto the magnetic stripes of fake cards and then use them in UK stores. In the discussion on the card site those co-ordinating the fraud say they are seeking places to “cash out”, meaning strip funds from the bank accounts using fake cards.

In the forum they are asking for information about Asda and Tesco stores in which it is possible to use self-service systems that mules could visit with the fake cards to get at the cash.

The fraudsters are looking for self-service systems to avoid contact with store staff who may spot the fake cards.

Over the period of a month from mid-August the ringleader claims he will have details from 2300 cards to handle.

In the forum he declares: “Its (sic) shopping spree guys help me out and I will take care of you.”

It’s not difficult to take compromised cards from one country and exploit them in another Andrew Moloney

The information found by the BBC has been passed to the Dedicated Cheque and Plastic Crime Unit so it can investigate the ongoing fraud.

Andrew Moloney, security evangelist at RSA, said the gang were involved in “classic” card fraud by cloning details on to magnetic stripes.

He said it was an example of a long observed trend in fraud.

“We’ve seen a shift from card-present fraud to card-not-present to fraud abroad,” he said.

“The internet is the global marketplace,” he said. “It’s not difficult to take compromised cards from one country and exploit them in another. It’s a simple and routine procedure for these guys these days.”

Jacques Erasmus, from security firm Prevx, agreed that cashing out abroad was a well established method. “They do not normally cash out in the same country,” he said, “just because it makes the law enforcement job that much harder.”

He said many criminal gangs even offer their fraudulent services via the web.

“They will do it for you in India and China,” he said.

Sweeping up

Armed with fake cards and a list of shops and supermarkets that can be hit the fraudsters could make £5-8000 per day, according to Mr Erasmus.

The funds would be split between the mules who actually carry out the transactions, those organising the mules and the hi-tech thieves who stole the original card numbers.

Representatives from both Tesco and Asda argue that payment systems automatically contact the banks when a card is swiped instead of using chip-and-pin. The banks must authorise the acceptance of a signature.

“If the card has not been reported as having been cloned, yes, it can go through,” said a spokeswoman for Tesco. However, she pointed out that swipe and sign transactions represent a tiny fraction of the supermarket chain’s trade.

“We would hope this will bring further pressure on the States to introduce chip-and-pin,” said Jemma Smith of the UK payments organisation Apacs. “Until that happens we will still see fraud on US cards happening in our shops and our cash-machines and also fraud on our cards happening in the US.”

The funds being laundered have been pilfered from US bank accounts

Self-checkout systems in UK supermarkets are being targeted by hi-tech criminals with stolen credit card details.

A BBC investigation has unearthed a plan hatching online to loot US bank accounts via the checkout systems.

Fake credit cards loaded with details from the accounts will be used to get cash or buy high value goods.

The supermarkets targeted said there was little chance the fraudsters would make significant gains with their plan.

With the help of computer security experts the BBC found a discussion on a card fraud website in which hi-tech thieves debated the best way to strip money from the US accounts.

The thieves claim to have comprehensive details of US credit and debit cards passed to them from an American gang who tapped phone lines between cash machines and banks.

‘Cashing out’

The gang plans to copy card details onto the magnetic stripes of fake cards and then use them in UK stores. In the discussion on the card site those co-ordinating the fraud say they are seeking places to “cash out”, meaning strip funds from the bank accounts using fake cards.

In the forum they are asking for information about Asda and Tesco stores in which it is possible to use self-service systems that mules could visit with the fake cards to get at the cash.

The fraudsters are looking for self-service systems to avoid contact with store staff who may spot the fake cards.

Over the period of a month from mid-August the ringleader claims he will have details from 2300 cards to handle.

In the forum he declares: “Its (sic) shopping spree guys help me out and I will take care of you.”

It’s not difficult to take compromised cards from one country and exploit them in another Andrew Moloney

The information found by the BBC has been passed to the Dedicated Cheque and Plastic Crime Unit so it can investigate the ongoing fraud.

Andrew Moloney, security evangelist at RSA, said the gang were involved in “classic” card fraud by cloning details on to magnetic stripes.

He said it was an example of a long observed trend in fraud.

“We’ve seen a shift from card-present fraud to card-not-present to fraud abroad,” he said.

“The internet is the global marketplace,” he said. “It’s not difficult to take compromised cards from one country and exploit them in another. It’s a simple and routine procedure for these guys these days.”

Jacques Erasmus, from security firm Prevx, agreed that cashing out abroad was a well established method. “They do not normally cash out in the same country,” he said, “just because it makes the law enforcement job that much harder.”

He said many criminal gangs even offer their fraudulent services via the web.

“They will do it for you in India and China,” he said.

Sweeping up

Armed with fake cards and a list of shops and supermarkets that can be hit the fraudsters could make £5-8000 per day, according to Mr Erasmus.

The funds would be split between the mules who actually carry out the transactions, those organising the mules and the hi-tech thieves who stole the original card numbers.

Representatives from both Tesco and Asda argue that payment systems automatically contact the banks when a card is swiped instead of using chip-and-pin. The banks must authorise the acceptance of a signature.

“If the card has not been reported as having been cloned, yes, it can go through,” said a spokeswoman for Tesco. However, she pointed out that swipe and sign transactions represent a tiny fraction of the supermarket chain’s trade.

“We would hope this will bring further pressure on the States to introduce chip-and-pin,” said Jemma Smith of the UK payments organisation Apacs. “Until that happens we will still see fraud on US cards happening in our shops and our cash-machines and also fraud on our cards happening in the US.”

Mr Putin said US citizens were in the area during the conflict

Russian Prime Minister Vladimir Putin has accused the US of orchestrating the conflict in Georgia, possibly for domestic election purposes.

Mr Putin told CNN US citizens were “in the area” during the conflict over South Ossetia and were “taking direct orders from their leaders”.

He said his defence officials had told him this was to benefit one of the US presidential candidates.

The White House dismissed the allegations as “not rational”.

Georgia tried to retake the Russian-backed separatist region of South Ossetia this month by force after a series of clashes.

Russian forces subsequently launched a counter-attack and the conflict ended with the ejection of Georgian troops from both South Ossetia and another rebel region, Abkhazia, and an EU-brokered ceasefire.

Diplomatic wrangling

Mr Putin said in the interview: “The fact is that US citizens were indeed in the area in conflict during the hostilities.

“It should be admitted that they would do so only following direct orders from their leaders.”

Those claims first and foremost are patently false, but it also sounds like his defence officials who said they believed this to be true are giving him really bad advice Dana Perino, White House spokeswoman Meeting Russia’s ‘Number One’ Testing for a new ‘Cold War’ Miliband warns over Russia crisis

Mr Putin added: “The American side in effect armed and trained the Georgian army.

“Why… seek a difficult compromise solution in the peacekeeping process? It is easier to arm one of the sides and provoke it into killing another side. And the job is done.

“The suspicion arises that someone in the United States especially created this conflict with the aim of making the situation more tense and creating a competitive advantage for one of the candidates fighting for the post of US president.”

White House spokeswoman Dana Perino rejected the allegation.

“To suggest that the United States orchestrated this on behalf of a political candidate – it sounds not rational,” she said.

“Those claims first and foremost are patently false, but it also sounds like his defence officials who said they believed this to be true are giving him really bad advice.”

SOUTH OSSETIA & ABKHAZIA South Ossetia Population: About 70,000 (before recent conflict) Capital: Tskhinvali President: Eduard Kokoity Abkhazia Population: About 250,000 (2003) Capital: Sukhumi President: Sergei Bagapsh Profile: South Ossetia Profile: Abkhazia Q&A: Conflict in Georgia

Diplomatic wrangling over Russia’s actions in Georgia continued on Thursday with French Foreign Minister Bernard Kouchner suggesting some EU countries were considering sanctions.

Mr Kouchner insisted France had made no proposals for sanctions itself but, as current president of the EU, would aim to get consensus among all 27 countries of the bloc if sanctions were envisaged.

France has called an emergency EU summit on Monday to reassess relations with Russia.

Russian Foreign Minister Sergei Lavrov described talk of sanctions as the working of “a sick imagination”.

Such talk was an emotional response that demonstrated Western confusion over the situation, he said.

The US has said it is now considering scrapping a US-Russia civilian nuclear co-operation pact in response to the conflict.

“I don’t think there’s anything to announce yet, but I know that that is under discussion,” Mr Perino said.

The White House has also announced that up to $5.75m (£3.1m) will be freed to help Georgia meet “unexpected and urgent refugee and migration needs”.

Rocket test

Earlier on Thursday Russia failed to get strong backing from its Asian allies over the Georgia conflict.

The Shanghai Cooperation Organisation (SCO), comprising Russia, China and Central Asian nations, met in Dushanbe, Tajikistan, and spoke of its deep concern.

The group did not follow Russia in recognising the independence of South Ossetia and Abkhazia.

Russian President Dmitry Medvedev insisted he had the backing of the nations over Moscow’s actions.

Amid the rising tension, Russia announced on Thursday it had successfully tested its long-range Topol ballistic missile from a launch site in Kamchatka in the far east of the country.

Russia says the rocket is capable of penetrating the proposed US missile defence.