Beware of the 'Jet Frog' on your bank statement—here's why it could cost you big time!
By
Seia Ibanez
- Replies 15
Financial scams have become increasingly sophisticated, and Australians are urged to stay vigilant.
A new scam has emerged involving a mysterious entity known as 'Jet Frog' appearing on bank statements.
This seemingly innocuous name could be a harbinger of major fraudulent transactions, leaving Aussies out of pocket and potentially compromising their financial security.
A Sydney resident recently took to social media to share their experience with a suspicious pending transaction from 'Jet Frog' on their online banking statement.
The transaction was for zero dollars, a ‘hold’ attempt used by fraudsters to verify card details before making larger, unauthorised transactions.
'Never heard of them, nor had ordered anything at the time of the charge,' the user wrote.
'Googled it, and the first result was a scam…they test your card, and if it works, start blasting charges to it.'
The individual promptly contacted their bank, leading to the cancellation and reissuing of their card.
The 'Jet Frog' scam appears to be a recent phenomenon in Australia, with no registered companies under that name.
Described as a third-party payment processor, there are few indications that 'Jet Frog' is a legitimate operation.
Victims of the scam have reported charges as low as 14 cents, followed by multiple attempted transactions for services such as Uber. Others have reported charges of 99 cents, followed by a fraudulent purchase of a necklace for $1000.
While most reports of 'Jet Frog' charges date back to late 2021 and seem primarily from the United States or Europe, Australians are not immune.
Major Australian banks are aware of the scam and have flagged any future attempted transactions involving 'Jet Frog', reducing the likelihood of major fraud.
It is understood that major banks are aware of fraudulent activities involving Jet Frog and have flagged future attempted transactions.
However, the threat is not entirely eliminated.
'At ING, we continually monitor accounts for suspicious and fraudulent activity,' an ING spokesperson said.
'While we do everything we can to protect customers from fraud, we also encourage customers to diligently review their transaction records and contact us immediately on 133 464 if they ever spot anything that doesn’t seem right.'
In the past, criminals relied on physical skimming devices attached to ATMs or EFTPOS machines to steal credit card details and PIN codes.
Hackers also infiltrated legitimate websites to steal stored payment details, which were sold on the dark web in bulk.
This was the case of cyberattacks on Australia’s popular brands, such as Guzman y Gomez, Dan Murphy's, Binge, and Event Cinemas, which left thousands of customers' personal details compromised and fraudulent transactions carried out in their names.
The victims were customers who had saved their credit card details on the company website or had gift cards or store credit for online purchases. You can read more about the story here.
However, an emerging trend in financial fraud doesn't involve skimming or hacking. Instead, it uses 'brute force' efforts, where computing technology essentially guesses card details in seconds.
NordVPN recently conducted an analysis of four million credit cards listed for sale on the dark web and found most were obtained via brute force.
'That means that criminals basically try to guess the card number and CVV,' Marijus Briedis, Chief Technology Officer at NordVPN, said in a report.
‘The first six to eight numbers are the card issuer’s ID number. That leaves hackers with seven to nine numbers to guess because the 16th digit is a checksum and is used only to determine whether any mistakes were made when entering the number.’
Briedis added that guessing those nine digits requires a computer to run through one billion possible combinations, which can be done on a typical computer with simple software.
This method can be executed in about a minute on a standard computer, which is capable of running 25 billion combinations over the course of an hour.
‘However, depending on the card issuer, a criminal may need only seven digits to make a correct guess. In this case, six seconds would be enough.’
Once cybercriminals have the correct combination, they can sell verified card data for as little as $10 on the dark web.
‘And hackers have millions of these ready to sell,’ Briedis said.
Of the four million stolen cards available for sale analysed by NordVPN, more than 419,000 belonged to Australian victims.
Visa cards were most commonly found among caches of stolen card details, followed by MasterCard and American Express.
‘Debit cards were more common than credit cards in the markets the independent researchers surveyed. Hacked debit cards put their victims at greater risk because there tend to be less protections in place for debit.’
If you notice a transaction from 'Jet Frog' on your bank statement, it is crucial to contact your bank immediately so your card can be cancelled and reissued.
Those affected are also encouraged to report the incident to ScamWatch, a division of the National Anti-Scam Centre.
‘If you’ve lost money or personal details to a scammer, you’re not alone,’ ScamWatch stated.
Hundreds of thousands of Australians are scammed out of their money or personal information every year.’
‘Contact your bank or card provider immediately to report the scam. Ask them to stop any transactions.’
‘Once you have secured your details, you can help us try to stop the scam or warn others by reporting the scam to us.’
You may also visit our Scam Watch forum to get the latest updates.
Have you encountered the 'Jet Frog' scam or any other similar scams? Share your experiences and tips for staying safe in the comments below.
A new scam has emerged involving a mysterious entity known as 'Jet Frog' appearing on bank statements.
This seemingly innocuous name could be a harbinger of major fraudulent transactions, leaving Aussies out of pocket and potentially compromising their financial security.
A Sydney resident recently took to social media to share their experience with a suspicious pending transaction from 'Jet Frog' on their online banking statement.
The transaction was for zero dollars, a ‘hold’ attempt used by fraudsters to verify card details before making larger, unauthorised transactions.
'Never heard of them, nor had ordered anything at the time of the charge,' the user wrote.
'Googled it, and the first result was a scam…they test your card, and if it works, start blasting charges to it.'
The individual promptly contacted their bank, leading to the cancellation and reissuing of their card.
The 'Jet Frog' scam appears to be a recent phenomenon in Australia, with no registered companies under that name.
Described as a third-party payment processor, there are few indications that 'Jet Frog' is a legitimate operation.
Victims of the scam have reported charges as low as 14 cents, followed by multiple attempted transactions for services such as Uber. Others have reported charges of 99 cents, followed by a fraudulent purchase of a necklace for $1000.
While most reports of 'Jet Frog' charges date back to late 2021 and seem primarily from the United States or Europe, Australians are not immune.
Major Australian banks are aware of the scam and have flagged any future attempted transactions involving 'Jet Frog', reducing the likelihood of major fraud.
It is understood that major banks are aware of fraudulent activities involving Jet Frog and have flagged future attempted transactions.
However, the threat is not entirely eliminated.
'At ING, we continually monitor accounts for suspicious and fraudulent activity,' an ING spokesperson said.
'While we do everything we can to protect customers from fraud, we also encourage customers to diligently review their transaction records and contact us immediately on 133 464 if they ever spot anything that doesn’t seem right.'
In the past, criminals relied on physical skimming devices attached to ATMs or EFTPOS machines to steal credit card details and PIN codes.
Hackers also infiltrated legitimate websites to steal stored payment details, which were sold on the dark web in bulk.
This was the case of cyberattacks on Australia’s popular brands, such as Guzman y Gomez, Dan Murphy's, Binge, and Event Cinemas, which left thousands of customers' personal details compromised and fraudulent transactions carried out in their names.
The victims were customers who had saved their credit card details on the company website or had gift cards or store credit for online purchases. You can read more about the story here.
However, an emerging trend in financial fraud doesn't involve skimming or hacking. Instead, it uses 'brute force' efforts, where computing technology essentially guesses card details in seconds.
NordVPN recently conducted an analysis of four million credit cards listed for sale on the dark web and found most were obtained via brute force.
'That means that criminals basically try to guess the card number and CVV,' Marijus Briedis, Chief Technology Officer at NordVPN, said in a report.
‘The first six to eight numbers are the card issuer’s ID number. That leaves hackers with seven to nine numbers to guess because the 16th digit is a checksum and is used only to determine whether any mistakes were made when entering the number.’
Briedis added that guessing those nine digits requires a computer to run through one billion possible combinations, which can be done on a typical computer with simple software.
This method can be executed in about a minute on a standard computer, which is capable of running 25 billion combinations over the course of an hour.
‘However, depending on the card issuer, a criminal may need only seven digits to make a correct guess. In this case, six seconds would be enough.’
Once cybercriminals have the correct combination, they can sell verified card data for as little as $10 on the dark web.
‘And hackers have millions of these ready to sell,’ Briedis said.
Of the four million stolen cards available for sale analysed by NordVPN, more than 419,000 belonged to Australian victims.
Visa cards were most commonly found among caches of stolen card details, followed by MasterCard and American Express.
‘Debit cards were more common than credit cards in the markets the independent researchers surveyed. Hacked debit cards put their victims at greater risk because there tend to be less protections in place for debit.’
If you notice a transaction from 'Jet Frog' on your bank statement, it is crucial to contact your bank immediately so your card can be cancelled and reissued.
Those affected are also encouraged to report the incident to ScamWatch, a division of the National Anti-Scam Centre.
‘If you’ve lost money or personal details to a scammer, you’re not alone,’ ScamWatch stated.
Hundreds of thousands of Australians are scammed out of their money or personal information every year.’
‘Contact your bank or card provider immediately to report the scam. Ask them to stop any transactions.’
‘Once you have secured your details, you can help us try to stop the scam or warn others by reporting the scam to us.’
You may also visit our Scam Watch forum to get the latest updates.
Key Takeaways
- Australians are being cautioned to remain vigilant for a scam involving ‘Jet Frog’ transactions on their credit and debit cards.
- A zero-dollar pending transaction from a non-existent company named Jet Frog is likely a card verification check criminals use to test card details for later fraudulent activities.
- Major Australian banks are aware of Jet Frog's fraudulent activity and have taken steps to flag and prevent future attempts.
- Victims of such scams are urged to contact their banks immediately and report the suspicious activity to both their financial institution and ScamWatch for further assistance.