As cashless and contactless payment methods using Near-Field Communication (NFC) become increasingly popular, a fraud technique known as Ghost-tapping has emerged, exploiting vulnerabilities in NFC-based payment processes.

Users carrying mobile devices (smartphones, smartwatches, etc.) or bank cards with NFC enabled—without disabling the ready-to-pay mode—are prime targets. Hackers often choose crowded places such as shopping malls, supermarkets, bus stations, and airports, where they use compact NFC readers disguised as mobile POS devices. By discreetly approaching victims, the reader captures signals from NFC-enabled cards or phones in the user’s pocket, allowing money to be stolen in an instant.

Because these “transactions” are technically executed in compliance with NFC payment procedures, they are recorded as legitimate transactions and the user’s funds are deducted. Meanwhile, victims often fail to notice immediately and face difficulties in tracing and resolving the issue afterward.

To reduce the risk of financial loss from this type of fraud, Bkav cybersecurity experts recommend that users:

• Disable NFC when it is not needed

• Enable NFC only briefly during payment

• Activate real-time transaction notifications to promptly detect anomalies

• Use additional authentication layers such as biometrics or PIN codes for all transactions

• Avoid keeping phones or bank cards in easily accessible positions in crowded places

Bkav