We landed in LV, cabbed to our hotel, and had barely sat down to eat when my girlfriend's bank sent her a security fraud warning about a $200 charge at an online merchant she didn't make. When a dealer told her about the conference, she became convinced that the fraudulent charge was somehow related to that. She never used her card (nor even took it out of her wallet), and this all happened within an hour of arriving in Vegas. Not even sure how they'd be able to steal it, but I know Def Con is notorious for all kinds of hacking, some just for lol's, some not. I know some people say to not even bring your phone to any of the hotels where events are being held. (We're not staying at one.)

Is all of that overblown? Is being here during Def Con a real security risk? Is there any known hack that could have extracted my g/f's card info and made a fraudulent purchase without her even having taken it out of her wallet in the 60 mins since arriving before the fraud charge? I'm inclined to say it's not related, but does seem awfully coincidental...

Overblown.

Do you have special packet for your wallets which prevent scanners?

Heathrow and other areas, they scan your ****. It is possible.

More of a Euro scam then US scam, though.

You always have to keep something in mind. Sorry about your girlfriend's $200

Don't have any special anti-RFID scanning protection on wallets or what-not. Out of curiosity, just what is the technology that allows hackers to steal CC info...does it need a directly line of sight to the card or wallet? Or can it read CC info simply by being in near-proximity to the target card?

I believe that it relates to the NFC (Near Field Communication) setting on the phone. I keep my off and only turn it on for the few seconds that I need it.

However, let's have a real techie weigh on this.

It is extremely unlikely that they scanned the credit card information. It's definitely most likely a coincidence. If hacking had anything to do with it at all, it could be a hacked app that has the credit card attached to it (eg, Venmo, DoorDash, Uber)... but even then they'd only be able to purchase something using the app, not just some random item from a random store. I'd chalk it up to coincidence.

I think the risks of Def Con are overblown, but it might be prudent to turn off wireless and BlueTooth on your phone while on the strip.

Some credit cards do have rfid chips.

https://www.ghacks.net/2012/08/21/ho...horized-scans/

My wife is a computer security expert and has attended DEFCON. It was a great chance for me to get in a poker trip.

She had me turn off my phone's wifi whenever I was within about half a mile of the Rio during DEFCON and did not bring her phone or laptop there at all.

We do not use credit cards with RFID chips or any mobile pay technology, due to the security concerns, but it isn't very likely that your experience was DEFCON-related. DEFCON hacks are usually more targeted at other attendees than to scam randos. The hackers there are trying to count coup and/or get in to systems for later exploits. Some of them might be dumb enough to "**** where they eat" and do random theiving while there, but its not common.

lol @ this thread appearing every year.

I'm surprised more people don't try to screw with people at Blackhat which is more corporate centric than Defcon. Although someone tried this year! I walked by their booth before stuff hit the fan it they stood out like a sore thumb. (Their booth was like a lounge w/o any real sales material displayed)

https://www.vice.com/en_us/article/8...-by-conference

I think it's a good idea to turn off wifi in MOST public places. Not worth the risk, imo.