Your credit card never leaves your pocket… but somehow, your money does.
It’s called Ghost Tapping. A proximity-based scam that uses the same tap-to-pay technology you see at legitimate businesses every day to steal from you.
Using cheap, easy-to-buy card readers, thieves can trigger small wireless transactions just by getting close enough to your wallet or phone. No swipe. No PIN. No warning.
The scam relies on proximity and crowded spaces like transit, concerts, or busy sidewalks, where victims may never realize a charge is happening in real time.
“It’s a growing problem,” said Ben Spradling with the Better Business Bureau. “When you think about how convenient and how commonplace this payment is, it’s just a matter of time before somebody wants to take advantage of that.
And because the transactions are often small, they can slip by unnoticed until it’s too late.
“A lot of these transactions are very small numbers just to test to see if that transaction goes through,” said James Chatwani, a cybersecurity advisor for GuidePoint Security. “Then what attackers are doing is adding that to their digital wallets and essentially buying gift cards and doing other types of scams to make a quick transaction out of it, but to take as many dollars as it can in the shortest period of time possible.”
The BBB says it’s not surprising that we are seeing a spike in these NFC tech-related scams in a world of smart phones and EMV cards (cards with chips).
“It’s not surprising at all, and it’s an opportunity for us as consumers, as people who use these devices, to really be aware of those possibilities so that we can take the precautions to safeguard ourselves,” Spradling said. “We kind of are left playing defense right now.”
The best defense? Prevention.
Security experts recommend what’s called an RFID blocking sleeve. That’s a protective sleeve for your credit cards that blocks the radio frequency.
RFID pouches and wallets can also block scammers.
When it comes to your mobile phone, there’s already built-in protection.
Spradling said the safest way to protect yourself is to limit NFC capabilities on your phone.
“It’s a little tedious, but it’s going to save you a lot of headaches in the long run. You can turn your phone off if you want to, if you’re at an event and you want to be in the moment. You can make sure that you’re in the safest position possible that way. But any time you have that NFC capability enabled, you are susceptible,” said Spradling.
Both Apple and Android devices have built-in protections that require you to approve charges, so the risk is already lower, especially if your device is locked.
BBB and cybersecurity experts recommend setting up payment alerts for every charge (even the $1 ones) so you can actively keep track of your finances.
Don’t forget to schedule regular phone updates. Keeping your device current ensures you have the latest security patches.
Finally, Chatwani says use credit cards, rather than debit cards. Credit cards offer more protection than debit cards, and big banks are more likely to help recover your funds should it happen to you.
Because while the charge is instant… getting your money back isn’t.
If you have been a victim of a Ghost Tap scam, the BBB encourages you to report it on its scam tracker web page.
https://www.bbb.org/scamtracker/reportscam
Download the FREE WPXI News app for breaking news alerts.
Follow Channel 11 News on Facebook and Twitter. | Watch WPXI NOW
©2026 Cox Media Group
/cloudfront-us-east-1.images.arcpublishing.com/cmg/XCUXZC2XYZHCRGNNGKFEX6U3LQ.png)
