ATM skimming alone is responsible for $350,000 of fraud daily exceeding a billion dollars in losses annually.
A recent news report of a skimming scam in Long Island, N.Y., netted thieves more than $200,000 from ATMs at five branches.
Skimming today is far more sophisticated than in the past. Skimmers can include blue tooth and texting technology that send the data to the criminal anywhere. Keypads can be compromised by devices that overlay the exiting pad and transfer the data remotely.
ATM scams and fraud go beyond skimming to crimes that are very physical such as ram raiding to remote malicious software hacks.
During the Black Hat conference a hacker demonstrated how he forced three ATMs to dispense funds by exploiting the machines' weaknesses in the computers that operate the ATMs. He purchased machines online and discovered that the physical keys were the same for all ATMs of that type made by that manufacturer. He used the keys to unlock a compartment of the ATM that had standard USB slots. He then inserted a program he wrote for one of the machines, commanding it to dispense all of its vault cash.
Bankinfosecurity.com published "7 Growing Threats to Financial Institutions."
- Skimming; Hardware readily available online that is attached to the face of ATM records user card information and pin codes. In this case you may still be able to perform a transaction.
To help combat ATM skimming, ADT unveiled the ADT Anti-Skim ATM Security Solution, which helps prevent skimming attempts and detects skimming devices on all major ATM makes and models.
ADT's Anti-Skim Solution is installed inside an ATM near the card reader, making it invisible from the outside. The solution detects the presence of foreign devices placed over or near an ATM card entry slot, without disrupting the customer transaction or operation of most ATMs. It can trigger a silent alarm for command center response and coordinate video surveillance of all skimming activities. Also, the technology helps prevent card-skimming attempts by interrupting the operation of an illegal card reader.
- First and foremost; Pay attention to your statements every two weeks. Refute unauthorized transactions within a 30-60 day time frame.
- Pay close attention to everything you do at an ATM. Look for "red flags", anything out of place, your card sticks, odd looking configurations on the ATM, wires, two sided tape.
- Use strong PINs, uppercase lower case, alpha and numeric online and when possible at an ATM and for telephone banking.
- Don't reply to phishing or phexting emails. Just hit delete.
- Don't just use "any" ATM. Choose ATMs at locations that are "more secure" than in the middle of nowhere. Do not drop your guard if the ATM is at a bank branch.
Robert Siciliano personal security expert to Home Security Source discussing ATM skimming on Fox Boston. Disclosures.