Ghost Tapping: The Invisible Cyber Heist Threatening Your Digital Wallet By Dr. Mack Jackson Jr

In the rapidly evolving world of cybercrime, attackers continually seek ways to exploit new technology before defenses can catch up. One of the most concerning threats emerging in 2025 is Ghost Tapping—a sophisticated form of NFC (Near Field Communication) relay fraud that enables criminals to make purchases from your account without ever physically touching your card or phone.

Unlike traditional credit card fraud, Ghost Tapping doesn’t require skimming devices or stolen physical cards. Instead, it exploits the convenience of tap-to-pay systems—turning your smartphone or wearable into an unwilling accomplice in the crime.

What Is Ghost Tapping?

Ghost Tapping, also known as Ghost Tap, is an NFC relay attack. It enables cybercriminals to remotely capture and relay payment data from a compromised device or payment card to a “mule” device that can be used anywhere in the world.

Imagine sitting at home with your phone safely in your pocket, but somewhere across the city—or even across the globe—someone is using your card to purchase a store’s point-of-sale terminal. You never handed over your card. You never tapped your phone. But your account gets charged.

That’s Ghost Tapping in action.

How Ghost Tapping Works

Ghost Tapping is not a simple scam. It’s a coordinated cybercrime ecosystem involving multiple players, each with specialized skills:

1. Data Theft

   • Criminals obtain your credit or debit card details through phishing, malware, or compromised merchant systems.

   • They capture additional information, such as one-time passwords (OTPs) to bypass security and enroll your card into a digital wallet like Apple Pay or Google Pay.

2. NFC Relay Setup

   • Using tools such as NFCGate—initially developed for research but repurposed for crime—attackers relay the NFC signal from your account to a mule’s device.

   • The mule could be in another country, yet the transaction appears as a legitimate local tap-to-pay purchase.

3. In-Person Fraud

   • The mule walks into a store, taps their phone or wearable at the payment terminal, and the transaction processes as if you were there.

   • Because the transaction is contactless and authorized via tokenized data, traditional fraud detection systems often fail to flag it.

4. Profit Extraction

   • Mules purchase high-value goods or withdraw cash from ATMs with NFC-enabled withdrawals.

   • Goods are resold, or cash is sent back to the criminal network, often using encrypted messaging platforms and cryptocurrency.

To read Dr. Mack’s awakening full article, click on this link and look for page 13. Get your FREE access to Empowering Humanity Magazine™ Now!