To Tap or Not to Tap: The Truth About Credit Card Payments
When it comes to making quick and convenient payments, tapping your credit card has become the go-to method for many shoppers. But how secure is it? Cybersecurity expert Christopher D. Bonatti recently spoke with MSBDCN’s RISE Center at Ole Miss Cyber Lead April Williams about the potential risks of tapping your credit card—and what you should know before your next purchase.
The Hidden Risk of Tapping Your Card
Bonatti explained that when you tap to pay in a busy store, both the card and the reader emit a signal. With the right equipment, this signal can be intercepted from as far as 8-10 feet away. Hackers use a specialized antenna and signal amplifier connected to a cell phone to capture this information. While there are off-the-shelf tools available to perform this kind of theft, they typically require a hacker to be much closer to the cardholder. (For security reasons, we are not disclosing the names of these devices.)
Banks claim that tapping is more secure than traditional swipe transactions, but Bonatti challenges this notion. While tap payments generate a one-time code for transactions, the ability for hackers to intercept and exploit signals remains a concern.
Want more expert insights? Sign up for Bonatti’s cybersecurity newsletter at IECA Cyber.
Don't Let Your Domain Expire—Hackers Are Watching
A Wyoming-based business owner recently reported a shocking case: their expired domain was taken over by hackers and transformed into something unrecognizable. Could this happen to you?
How to Protect Your Website Domain:
Update Your Autopay – If you receive a new credit card number, don’t forget to update the payment details for your domain provider.
Use a Secure Recovery Email – Avoid using personal email addresses for domain recovery. If an employee with access to the recovery email leaves, regaining control of your domain could be impossible. Instead, create a dedicated, company-owned Gmail or Microsoft email that only top executives can access.
AI Is Making Phishing Harder to Spot
Spear phishing—where attackers impersonate someone in authority to trick employees—has been a long-time cybersecurity concern. But now, with AI-powered phishing tools, the risks are even greater. A recent study showed that AI-generated spear phishing emails had a click rate of 54%—a success rate that marketing teams could only dream of!
What Can You Do?
Educate your employees about AI-assisted phishing threats.
Encourage staff to always verify suspicious emails through a secondary communication method (phone, in-person, etc.).
Share this article from Malwarebytes with your team and discuss the findings.
Free Cybersecurity Help for Small Businesses
Cybersecurity can feel overwhelming, but you don’t have to navigate it alone. The Mississippi SBDC Network offers no-cost cybersecurity counseling tailored for small and medium-sized businesses. Whether you're looking for guidance on securing customer data or training employees to recognize cyber threats, we’re here to help.
Learn more and Become a Client at www.mississippisbdc.org/cybersecurity
Stay informed. Stay protected. Keep your business secure.
