For nearly as long as the technology has existed experts have been warning of the risks associated with contactless payment methods, such as the potential for an attacker to scan a victim’s cards merely by standing near them. 

To prevent such attacks cautious consumers have been able to buy special radio signal-blocking pouches and wallets, but what if victims were convinced to scan their cards themselves? That’s the goal of the new PhantomCard malware, which has been seen in the wild in Brazil as reported by Threat Fabric.

The malware works by masquerading as a card protection application, asking users to scan their cards into their phone using NFC for “verification” by their bank.  Once the victim does so, the malware sends the card data to a third party who can then make contactless payments using that data. Transactions using the cloned cards can be difficult for financial institutions to track down, especially if the victim doesn’t realize their information has been stolen.

While PhantomCard has not been spotted in the US it is likely only a matter of time according to experts, who advise consumers to be diligent when it comes to contactless payments: stick with trusted payment applications such as those provided by Apple and Google, and be wary of any application that asks to scan your card.  Finally, experts say if you are in any doubt about the legitimacy of a website or application, or fear you have already had your information stolen, you should reach out to your financial institution immediately.