Menu

Beware the “Tap-to-Pay” Trick: How Ghost Tapping Puts Shoppers at Risk

tap-to-pay-scam

Tap-to-pay has become part of everyday life. You tap your phone or card, hear the beep, and you’re on your way.
No swipe, no PIN, no signature. For busy shoppers and small businesses alike, it feels like the perfect mix of
speed and convenience.

But that same convenience is now being twisted into a new kind of scam called “ghost tapping”
and it’s hitting shoppers who think they’re making a normal purchase.

What Is Ghost Tapping?

Ghost tapping is a type of tap-to-pay scam where a criminal uses a wireless payment terminal or handheld card
reader to trigger a contactless payment from your card, phone, or watch without your clear consent.

You may never hand over your card. You might just tap quickly because there’s a line behind you, or you’re
approached by someone who appears to be a legitimate vendor, fundraiser, or pop-up merchant. The payment process
looks familiar — but what you’re actually authorizing may be very different from what you think.

In some cases, scammers:

  • Hide or block the screen so you can’t clearly see the amount.
  • Change the amount at the last second after you’ve agreed to something smaller.
  • Run a small “test” charge first, then follow up later with a larger unauthorized transaction.

Real People, Real Losses

Reports tied to this type of scam show how quickly these “small” tricks turn into real money. Some shoppers have
discovered hundreds of dollars missing from their accounts — $500 here, $1,100 there — all linked back to taps
they thought were routine.

What makes it worse is that these aren’t always obvious high-risk situations. Ghost tapping can happen:

  1. At street fairs and markets
  2. During charity drives and fundraisers
  3. At pop-up booths, food trucks, or mobile vendors
  4. In crowded public spaces where you’re rushed or distracted

Anywhere a portable payment terminal shows up, the door is open for this type of abuse if the person behind it
isn’t honest.

Why It’s Hard to Catch Immediately

Contactless payments rely on near-field communication (NFC), a short-range wireless technology
that only works at very close distances. That’s good for security in general — someone can’t normally charge you
from across the room — but it doesn’t protect you from a scammer standing right in front of you.

Because you physically tapped your device or card, many banks see the transaction as “authorized.” There’s no
PIN, no signature, and often no obvious sign that anything went wrong. If the scammer starts with a small amount,
it may slip past both automated fraud detection and your own attention.

By the time a larger follow-up charge appears, days or even weeks may have passed — and now you’re left trying to
piece together where and when it happened.

How to Protect Yourself from Ghost Tapping

You don’t have to stop using tap-to-pay. In fact, when used correctly, it’s still a secure and efficient way to
pay. But you do need to add a bit of healthy skepticism and a few smart habits.

1. Always look at the screen before you tap.

Confirm the merchant name and the total amount. If the screen is turned away,
blocked, or rushed past you, ask to see it clearly. If you can’t, don’t tap.

2. Slow down in high-pressure or crowded situations.

Scammers rely on you feeling hurried or embarrassed to hold up the line. Take the extra second to verify the
details. A legitimate business will never mind you double-checking the amount.

3. Use an RFID/NFC-blocking wallet or sleeve.

These can help reduce the risk of someone secretly initiating a tap just by getting close to your card while
you’re distracted.

4. Turn on transaction alerts with your bank.

Many banks and card issuers let you enable real-time notifications for every purchase. This turns your phone into
an early warning system. If you see a charge you don’t recognize, you can act immediately.

5. Consider using chip, swipe, or even cash in informal settings.

At temporary booths, pop-ups, or one-time events, you may feel safer inserting your card or choosing another
payment method. If something doesn’t feel right, follow that instinct.

What to Do If You Think You’ve Been Hit

If you suspect a ghost tapping incident:

  • Contact your bank or card issuer immediately and report the transaction as unauthorized.
  • Ask about blocking your card and reissuing a new one, especially if multiple suspicious charges appear.
  • Review recent statements for any other small or unusual transactions that might be related.

The sooner you flag the issue, the better your chances of stopping additional fraud and getting your money back.

Convenience with Eyes Open

Tap-to-pay isn’t the enemy. The real problem is how criminals exploit our trust and our rush to get through the
day. Ghost tapping is a reminder that every new convenience comes with new risks — but with awareness and a few
simple habits, you can keep using modern payment methods without becoming an easy target.

Stay aware. Double-check before you tap. And treat every payment — even the quick ones — as worth a second look.

This article has been republished with permission from The Technology Press.

Related articles

You may also be interested in

cloud_budget_soaring

Managing “Cloud Waste” as You Scale

March 9, 2026

Moving to the cloud gives businesses speed, flexibility, and scalability. At first, the costs usually seem manageable. However, as your business grows, you might notice something concerning.

Your cloud bill starts growing faster than your revenue.

This problem is called cloud waste, and it quietly drains budgets across thousands of businesses every year.

Cloud waste happens when you pay for resources that your business does not actually use. For example:

Underused virtual servers

Storage tied to old projects

Development environments left running overnight

Idle databases and containers

Think of it like leaving factory machines running all weekend even though no one is working.

Cloud platforms make it easy to launch resources instantly. Unfortunately, that same convenience also makes it easy to forget to shut them down.

Because cloud providers use pay-as-you-go billing, the meter never stops running.

The good news? With the right strategy, you can control cloud costs while improving performance and security.

What Is Cloud Waste?

Cloud waste is any cloud spending that does not deliver business value.

It often appears slowly and goes unnoticed until the monthly bill becomes impossible to ignore.

Some of the most common causes include:

Oversized servers running at low capacity

Storage attached to completed or abandoned projects

Test environments running outside business hours

Old snapshots and backups that no one monitors

Even well-managed companies struggle with this problem.

A 2025 VMware report surveying more than 1,800 IT leaders found that:

49% believe over 25% of their cloud spending is wasted

31% believe more than half of their cloud spending is wasted

Only 6% believe they waste nothing

In other words, cloud waste is not rare. It is extremely common.

Common Causes of Cloud Budget Leaks

Cloud waste usually happens because of simple oversight. However, those small mistakes can add up quickly.

Here are the biggest culprits.

Over-Provisioned Resources

Many teams choose larger servers than they actually need.

This happens when someone says, “Let’s be safe and pick the bigger option.”

Months later, that server might use only 10–20% of its capacity, but it continues to generate the same monthly cost.

Right-sizing those systems can immediately reduce expenses.

Orphaned Cloud Resources

When projects end, cloud infrastructure often stays behind.

These leftover resources may include:

Storage disks

Load balancers

IP addresses

Snapshots

Containers

Since they are no longer tied to active systems, they quietly accumulate costs without anyone noticing.

Idle Services

Sometimes infrastructure exists but sees little to no activity.

Examples include:

Databases created for testing

Containers deployed for temporary development work

Analytics environments used only once a month

Even when unused, these systems still generate charges.

What Is FinOps? A Smarter Way to Manage Cloud Costs

Solving cloud waste requires more than a one-time cleanup.

It requires a long-term strategy called FinOps.

FinOps stands for Financial Operations, and it focuses on bringing financial accountability to cloud spending.

Instead of treating cloud costs as a fixed IT expense, FinOps turns them into a managed business variable.

A successful FinOps approach encourages collaboration between:

IT teams

Finance teams

Business leaders

Together, they use data to make smarter decisions about cloud usage.

The goal is not simply to spend less.

The goal is to get the maximum value from every cloud dollar.

Step One: Gain Full Visibility Into Cloud Spending

You cannot manage what you cannot see.

Therefore, visibility is the first step in controlling cloud costs.

Most cloud providers offer built-in cost monitoring tools. Start by exploring dashboards like:

AWS Cost Explorer

Azure Cost Management

Google Cloud Billing Reports

Then take these steps:

Use Consistent Resource Tagging

Tags allow you to label resources by:

Department

Project

Owner

Environment (production, staging, development)

This makes it much easier to track where spending originates.

Assign Ownership to Every Resource

Every server, storage bucket, and service should have a clear owner.

When resources lack accountability, they tend to remain active indefinitely.

Ownership creates responsibility.

Consider Cloud Cost Optimization Tools

Third-party platforms can provide deeper insights.

These tools can:

Detect idle resources automatically

Recommend right-sizing opportunities

Consolidate data across multiple cloud providers

For multi-cloud environments, this visibility is extremely valuable.

Practical Ways to Reduce Cloud Waste

Once you understand where money is going, you can start making improvements.

Fortunately, many optimizations are quick and simple.

Automatically Shut Down Non-Production Environments

Development and testing systems rarely need to run 24/7.

Scheduling them to power down during nights and weekends can dramatically reduce costs.

This single change often produces immediate savings.

Implement Storage Lifecycle Policies

Not all data needs premium storage.

Lifecycle policies automatically move older files into cheaper archival storage tiers.

You can also configure automatic deletion after a defined period.

This keeps storage costs under control.

Right-Size Your Servers

Monitor how much CPU and memory your servers actually use.

If utilization stays below 20%, the server is likely oversized.

Replacing it with a smaller instance can significantly reduce your bill.

Use Long-Term Commitments for Additional Savings

Cloud providers offer major discounts for predictable workloads.

Examples include:

AWS Savings Plans

Azure Reserved Instances

These options allow you to commit to a certain level of usage for one to three years in exchange for reduced pricing.

However, timing matters.

Always optimize and right-size your environment before committing.

Otherwise, you may lock in unnecessary costs.

Make Cloud Cost Optimization a Continuous Process

Cloud optimization should never be a one-time project.

Instead, it should become part of your regular operations.

Successful organizations schedule monthly or quarterly reviews where teams evaluate:

Cloud spending trends

Infrastructure utilization

Alignment with business goals

Giving developers access to cost dashboards also helps.

When engineers see the financial impact of their architecture choices, they naturally begin designing more efficient systems.

Scale Smarter, Not Just Bigger

The cloud is powerful because it allows businesses to scale quickly.

However, scaling without cost awareness leads to waste.

Managing cloud resources intelligently allows you to:

Reinvest savings into innovation

Strengthen cybersecurity defenses

Support your growing team

Instead of losing money to unnecessary infrastructure.

As you plan your technology strategy for 2026 and beyond, cloud cost intelligence should become a core part of your operations.

Take Control of Your Cloud Spending

Cloud waste is common, but it is also preventable.

With better visibility, smarter policies, and a strong FinOps mindset, your organization can turn cloud spending into a strategic advantage.

If you suspect your cloud environment may contain hidden waste, now is the time to investigate.

Contact Caldera Cybersecurity today for a cloud waste assessment.
We’ll help you identify hidden costs, strengthen your cloud security posture, and build a sustainable cloud strategy.

Cookie policy
We use our own and third party cookies to allow us to understand how the site is used and to support our marketing campaigns.
Gimme those cookies!

Headline

Never Miss A Story

Get our Weekly recap with the latest news, articles and resources.

Headline

Never Miss A Story

Get our Weekly recap with the latest news, articles and resources.
Cookie policy
We use our own and third party cookies to allow us to understand how the site is used and to support our marketing campaigns.
Gimme those cookies!
  • +40-200-4286-09
  • office@publibox.com
  • 83 Barbara St, Newark, NJ 07105

Hot daily news right into your inbox.