T
載入中...
載入中...
- There we go. - It starts with a simple text.
好了。一切從一則簡單的簡訊開始。
Urgent message. You have an unpaid toll. It's important that you take care of this fine over the next 12 hours, or your vehicle will be impounded.
緊急訊息。你有一筆未付的通行費。重要的是你在接下來 12 小時內處理這筆罰款,否則你的車輛將被扣押。
This is probably very similar to a text message that you've received.
這可能和你收到的簡訊非常相似。
Americans received an-all time high of over 330,000 toll scam messages in a single day in September.
美國人在九月的一天內收到了創紀錄的超過 33 萬條通行費詐騙訊息。
Federal investigators say that crime groups in China are behind the scam, and they've made more than $1 billion over the past three years.
聯邦調查人員說,中國的犯罪集團是這個騙局的幕後黑手,他們在過去三年賺了超過 10 億美元。
And it all links back to these toll road texts that everybody's getting.
而這一切都與每個人收到的這些通行費簡訊有關。
It's a major annoyance and it's a major source of revenue for Chinese organized crime.
這是一個主要的煩惱,也是中國有組織犯罪的主要收入來源。
I've been reporting on these scam messages for months and have worked with a cyber threat researcher to set up a fake phishing page and show you exactly how it works.
我已經報導這些詐騙訊息好幾個月了,並與一位網路威脅研究員合作建立了一個假的釣魚頁面,向你展示它是如何運作的。
- So this is the fish that Bob's going to be getting that we made.
這就是 Bob 將收到的我們製作的釣魚頁面。
- So it looks like I'm supposed to be paying a $6.69 fine, but if I go any further here, much worse things are gonna happen.
看起來我應該付 6.69 美元的罰款,但如果我繼續下去,會發生更糟糕的事情。
The phishing page is now asking me for my contact details, my name, my address.
釣魚頁面現在要求我提供聯絡資訊、姓名、地址。
They're just basically trying to steal all my credit card details, which is the point of this scam.
他們基本上就是想竊取我所有的信用卡資訊,這就是這個騙局的目的。
- Bob is currently entering his data, and here we just got the first piece of it and we've got his credit card details here.
Bob 正在輸入他的資料,我們剛得到第一部分,我們這裡有他的信用卡資訊。
We'll put them in the wallet here, and that's going to prompt an authorization code.
我們把它們放進錢包裡,這將觸發一個授權碼。
So that'll be the last piece of getting the card on this phone.
所以這將是把卡片加到這支手機的最後一步。
It's sending an authorization code to Bob's email.
它正在向 Bob 的電子郵件發送授權碼。
- Gary has all of my card details, but my bank, like most banks, has protections and needs to verify that it's actually me.
Gary 有我所有的卡片資訊,但我的銀行,像大多數銀行一樣,有保護措施,需要驗證是否真的是我。
The scammers need the authorization code. It tells your bank to trust the phone, so they ask you for the code, saying it will let your overdue toll payment go through.
詐騙者需要授權碼。它告訴你的銀行信任這支手機,所以他們要求你提供碼,說這會讓你的過期通行費付款通過。
The message is saying, please follow these last steps for Google Pay.
訊息說,請按照 Google Pay 的最後步驟操作。
Now, that would be a warning to some people, but this scam is very effective.
現在,這對某些人來說可能是個警告,但這個騙局非常有效。
Okay, I've entered my code and it's been accepted.
好,我輸入了我的碼,它被接受了。
That means, according to this website, that my toll has been paid, my record has been cleared, a receipt will be sent to my email.
這意味著,根據這個網站,我的通行費已經支付,我的記錄已經清除,收據將發送到我的電子郵件。
I'll look for that. Once the scammers put your code in, you are cooked.
我會找找那個。一旦詐騙者輸入你的碼,你就完蛋了。
Your card is on their smartphone wallet. - The last piece was we had to get that authorization code.
你的卡就在他們的智慧手機錢包裡了。最後一步是我們必須獲得那個授權碼。
We've entered the authorization code, and now it has our credit card loaded on the wallet.
我們輸入了授權碼,現在錢包裡已經載入了我們的信用卡。
We're ready to go. It's time to go shopping.
我們準備好了。是時候去購物了。
- When the scam happens in the real world, the criminals in China, they don't wanna shop there because it will raise red flags with the credit card company.
當這個騙局在現實世界中發生時,中國的犯罪分子不想在那裡購物,因為這會引起信用卡公司的注意。
So they've developed software that lets them tap their phone in China and transmit your authenticated credit card information to a second phone.
所以他們開發了軟體,讓他們可以在中國點擊手機,並將你經過驗證的信用卡資訊傳輸到第二支手機。
That phone is used by a shopper they've recruited in your area to make purchases.
那支手機被他們在你所在地區招募的購物者使用來進行購買。
We worked with a researcher in Amsterdam who had recreated this remote tap-to-pay trick and let us use it for our demo.
我們與阿姆斯特丹的一位研究員合作,他重建了這種遠端感應支付的技巧,並讓我們在演示中使用。
I tapped my smartphone wallet to a phone with special software that sent my card information from San Francisco to his phone in Amsterdam.
我把我的智慧手機錢包感應到一支裝有特殊軟體的手機上,它將我的卡片資訊從舊金山發送到他在阿姆斯特丹的手機。
- The signal's being sent from the west coast of the US over the Atlantic to a server that we created to this phone, and in real time, we're gonna do a payment
信號從美國西海岸跨越大西洋發送到我們創建的伺服器,再到這支手機,我們將即時在這裡的咖啡館的
at a point of sale device in the cafe here.
銷售點設備上進行支付。
- In the demo, we bought an apple juice just as a proof of concept, but criminals are buying everything from iPhones to luxury handbags to gift cards.
在演示中,我們買了一杯蘋果汁只是作為概念驗證,但犯罪分子正在購買從 iPhone 到奢侈手袋到禮品卡的一切。
- They purchase it and then put it on sale on Alibaba or eBay for a greatly discounted rate, but some of it is just being shipped overseas.
他們購買後然後在阿里巴巴或 eBay 上以大幅折扣價出售,但有些只是被運往海外。
- On November 12th, Google sued one of the makers of the fishing kits used in these scams, saying they had duped over a million people in at least 121 countries.
11 月 12 日,Google 起訴了這些騙局中使用的釣魚工具包的製造商之一,稱他們在至少 121 個國家騙了超過一百萬人。
The best way to avoid being scammed, stay alert.
避免被騙的最好方法是保持警惕。
- If somebody says, I'm going to impound your vehicle because you have a $6 fine, that doesn't make sense.
如果有人說,因為你有 6 美元的罰款我就要扣押你的車,這不合理。
Slow down and think it through, and you'll save yourself from a lot of losses.
慢下來想清楚,你會省下很多損失。
點擊句子跳轉到對應位置
- There we go. - It starts with a simple text.
好了。一切從一則簡單的簡訊開始。
Urgent message. You have an unpaid toll. It's important that you take care of this fine over the next 12 hours, or your vehicle will be impounded.
緊急訊息。你有一筆未付的通行費。重要的是你在接下來 12 小時內處理這筆罰款,否則你的車輛將被扣押。
This is probably very similar to a text message that you've received.
這可能和你收到的簡訊非常相似。
Americans received an-all time high of over 330,000 toll scam messages in a single day in September.
美國人在九月的一天內收到了創紀錄的超過 33 萬條通行費詐騙訊息。
Federal investigators say that crime groups in China are behind the scam, and they've made more than $1 billion over the past three years.
聯邦調查人員說,中國的犯罪集團是這個騙局的幕後黑手,他們在過去三年賺了超過 10 億美元。
And it all links back to these toll road texts that everybody's getting.
而這一切都與每個人收到的這些通行費簡訊有關。
It's a major annoyance and it's a major source of revenue for Chinese organized crime.
這是一個主要的煩惱,也是中國有組織犯罪的主要收入來源。
I've been reporting on these scam messages for months and have worked with a cyber threat researcher to set up a fake phishing page and show you exactly how it works.
我已經報導這些詐騙訊息好幾個月了,並與一位網路威脅研究員合作建立了一個假的釣魚頁面,向你展示它是如何運作的。
- So this is the fish that Bob's going to be getting that we made.
這就是 Bob 將收到的我們製作的釣魚頁面。
- So it looks like I'm supposed to be paying a $6.69 fine, but if I go any further here, much worse things are gonna happen.
看起來我應該付 6.69 美元的罰款,但如果我繼續下去,會發生更糟糕的事情。
The phishing page is now asking me for my contact details, my name, my address.
釣魚頁面現在要求我提供聯絡資訊、姓名、地址。
They're just basically trying to steal all my credit card details, which is the point of this scam.
他們基本上就是想竊取我所有的信用卡資訊,這就是這個騙局的目的。
- Bob is currently entering his data, and here we just got the first piece of it and we've got his credit card details here.
Bob 正在輸入他的資料,我們剛得到第一部分,我們這裡有他的信用卡資訊。
We'll put them in the wallet here, and that's going to prompt an authorization code.
我們把它們放進錢包裡,這將觸發一個授權碼。
So that'll be the last piece of getting the card on this phone.
所以這將是把卡片加到這支手機的最後一步。
It's sending an authorization code to Bob's email.
它正在向 Bob 的電子郵件發送授權碼。
- Gary has all of my card details, but my bank, like most banks, has protections and needs to verify that it's actually me.
Gary 有我所有的卡片資訊,但我的銀行,像大多數銀行一樣,有保護措施,需要驗證是否真的是我。
The scammers need the authorization code. It tells your bank to trust the phone, so they ask you for the code, saying it will let your overdue toll payment go through.
詐騙者需要授權碼。它告訴你的銀行信任這支手機,所以他們要求你提供碼,說這會讓你的過期通行費付款通過。
The message is saying, please follow these last steps for Google Pay.
訊息說,請按照 Google Pay 的最後步驟操作。
Now, that would be a warning to some people, but this scam is very effective.
現在,這對某些人來說可能是個警告,但這個騙局非常有效。
Okay, I've entered my code and it's been accepted.
好,我輸入了我的碼,它被接受了。
That means, according to this website, that my toll has been paid, my record has been cleared, a receipt will be sent to my email.
這意味著,根據這個網站,我的通行費已經支付,我的記錄已經清除,收據將發送到我的電子郵件。
I'll look for that. Once the scammers put your code in, you are cooked.
我會找找那個。一旦詐騙者輸入你的碼,你就完蛋了。
Your card is on their smartphone wallet. - The last piece was we had to get that authorization code.
你的卡就在他們的智慧手機錢包裡了。最後一步是我們必須獲得那個授權碼。
We've entered the authorization code, and now it has our credit card loaded on the wallet.
我們輸入了授權碼,現在錢包裡已經載入了我們的信用卡。
We're ready to go. It's time to go shopping.
我們準備好了。是時候去購物了。
- When the scam happens in the real world, the criminals in China, they don't wanna shop there because it will raise red flags with the credit card company.
當這個騙局在現實世界中發生時,中國的犯罪分子不想在那裡購物,因為這會引起信用卡公司的注意。
So they've developed software that lets them tap their phone in China and transmit your authenticated credit card information to a second phone.
所以他們開發了軟體,讓他們可以在中國點擊手機,並將你經過驗證的信用卡資訊傳輸到第二支手機。
That phone is used by a shopper they've recruited in your area to make purchases.
那支手機被他們在你所在地區招募的購物者使用來進行購買。
We worked with a researcher in Amsterdam who had recreated this remote tap-to-pay trick and let us use it for our demo.
我們與阿姆斯特丹的一位研究員合作,他重建了這種遠端感應支付的技巧,並讓我們在演示中使用。
I tapped my smartphone wallet to a phone with special software that sent my card information from San Francisco to his phone in Amsterdam.
我把我的智慧手機錢包感應到一支裝有特殊軟體的手機上,它將我的卡片資訊從舊金山發送到他在阿姆斯特丹的手機。
- The signal's being sent from the west coast of the US over the Atlantic to a server that we created to this phone, and in real time, we're gonna do a payment
信號從美國西海岸跨越大西洋發送到我們創建的伺服器,再到這支手機,我們將即時在這裡的咖啡館的
at a point of sale device in the cafe here.
銷售點設備上進行支付。
- In the demo, we bought an apple juice just as a proof of concept, but criminals are buying everything from iPhones to luxury handbags to gift cards.
在演示中,我們買了一杯蘋果汁只是作為概念驗證,但犯罪分子正在購買從 iPhone 到奢侈手袋到禮品卡的一切。
- They purchase it and then put it on sale on Alibaba or eBay for a greatly discounted rate, but some of it is just being shipped overseas.
他們購買後然後在阿里巴巴或 eBay 上以大幅折扣價出售,但有些只是被運往海外。
- On November 12th, Google sued one of the makers of the fishing kits used in these scams, saying they had duped over a million people in at least 121 countries.
11 月 12 日,Google 起訴了這些騙局中使用的釣魚工具包的製造商之一,稱他們在至少 121 個國家騙了超過一百萬人。
The best way to avoid being scammed, stay alert.
避免被騙的最好方法是保持警惕。
- If somebody says, I'm going to impound your vehicle because you have a $6 fine, that doesn't make sense.
如果有人說,因為你有 6 美元的罰款我就要扣押你的車,這不合理。
Slow down and think it through, and you'll save yourself from a lot of losses.
慢下來想清楚,你會省下很多損失。