Old school bank robberies, where the bad guys slip the teller a note, show a gun and run out with a bag full of money are, for the most part, history. Stealing cash money from ATM machines isn’t exactly news, but continuing improvements to how it’s being done is newsworthy. Not only is cash being stolen from ATMs, but credit and debit card data is being heisted too. Like most cybercrime, hackers improve their methods over time. Now, ATM hacks called “jackpotting” or “cashing out” are becoming commonplace. Much to the chagrin of the banking industry, stopping these attacks is currently a problem without a solution. And that problem is getting worse.
Hackers are now able to infect ATMs remotely, and you can’t chase a bank robber you don’t even know is there. Low-level members of these hacking groups, called “mules” are given a numerical code for the targeted ATM. That code gets the ATM cash flowing…and another successful jackpot is collected.
The newest bank robbers are also gaining remote access to banks and their networks, allowing them to enter the ATM infrastructure at large. From there, data from credit and banking cards used at an ATM is collected. This data is sold on the dark web where others are waiting to create counterfeit payment cards and make fraudulent financial transactions on victim accounts. Since no cash is stolen directly from an ATM, it makes these crimes difficult to find. Until the crime is eventually discovered, hackers have plenty of time to continue stealing credit and debit card data from unsuspecting victims and their banks.
Remote technology is improving and it’s believed that in-person ATM crimes are not slowing down, but in fact may be growing. That improved remote technology may be to blame. A look at how ATMs have been compromised in the past shows just how far these attacks have come today.
ATM Theft: It’s Raining Cash!
Skimmers: These devices are covertly attached to the card reader on point-of-sale (POS) devices. As cards are inserted for purchases, the skimmers can read and store data from the card’s magnetic strips. That data, including PIN numbers, can also be routed to a waiting hacker via Bluetooth.
Ram raids: The ATM is continually hit by a vehicle and tools like hammers are used until the ATM is opened and the cash is exposed.
Explosives: When all else fails, go to plan Z. That is, fill the ATM chamber with explosive gas, apply a flame, run fast, and return to collect the raining cash.
For those of us who just want to pay for an item or make an ATM cash withdrawal without involving criminals, pay close attention to a few things. When inserting a bank card into a POS, check closely for a loose piece of plastic or something unusual where you insert your card. Chances are, it could be a card skimmer. Also keep tabs on your financial accounts for unusual transactions, including ATMs. It could be the start of financial fraud using your account for funding.
Remember that the faster you report potential fraud to your financial institution, the better, and less expensive for all. There are safeguards in place that limit your losses if reported quickly. So, be sure to check all transactions often.