Cybercriminals Changing Attack Method on ATMs

ATM MachineCybercriminals are becoming more sophisticated in their attacks on automated teller machines or ATMs. The current methods used to steal from bank accounts using ATMs involve the use of a device to read the account information off the bank card (a skimmer) and a camera to record the personal identification number or PIN. For more background information, see my previous posts on this topic: In The News – ATM Skimmers Industry; and ATM Skimmer Crime: Moving From Bank ATMs to Gas Pumps. The existing methods are relatively crude (the skimmers were easily identifiable to bank personnel and removed) compared to other cyber crime theft such as the ZeuS botnets, which seek out personal banking information from infected personal computers.

I suppose it was thus inevitable that a second generation of ATM theft would be devised. Recently, a Russian cybergang developed a way to hack into the ATM’s internal computer in order to extract bank account information that could be used to steal funds from victim’s accounts. This method, which includes having banking insider information and participation, is transparent to the ATM banking customer because no skimmer or camera is needed or used. Whoa! you say; my bank’s programmers and computer administrators would never participate in such criminal activity!! I hope you’re right, but IT insiders can be and have been involved in criminal activity in the past, a small percentage of that community of hard-working folks, I might add. However, the large amount of money involved in cyber-banking theft is staggering and the promise of quick fortune will sway the judgment of some.

Even though the Russians involved in this crime were discovered before implementing the software to commit the crime; it’s an idea that has by now been discovered by organized cybercrime groups all over the world. And therefore this method will proliferate as soon as they can clone the Russian effort. See Help Net’s article on the Russian plot.

What can you do to avoid this new approach to stealing your money? Sadly, not much. The banks will be more diligent and alert to these new practices after they’ve been discovered in use, and that will help. In the meantime, you can check your account activity and balance on a frequent basis in order to limit your losses. This will require you to notify your bank as soon as you see any suspicious activity such as withdrawals or transfers of funds from your account that were not made by you. This is a good practice to identify fraudulent activity on your credit card account too. Be careful, alert, aware, and suspicious of cyber theft of your financial assets at all times…it’s dangerous out there.

Please comment on this subject; we all learn from each other when our views and opinions are shared.

Don’t miss an article.  If you enter your email address in the Email Subscriptions box on the right column of this page, I’ll send you an email when a new article is posted.  I don’t share your email address with anyone…no one; I hate spam too.  Please share my site with your friends and family.  Thanks.

Remember, home computing is a blast…keep it safe, productive and enjoyable.

Best regards,




Filed under Internet, security

8 responses to “Cybercriminals Changing Attack Method on ATMs

  1. pvdugas

    Paul, They got me this past weekend. I posted it on my blog. Fortunately I check my account DAILY and caught it early, but it’s quickly turning into a mess that I am stuck sorting out. I wouldn’t wish this on my worst enemy. What a nightmare! Thanks and keep posting. We have to get the word out for people to start being more diligent when using debit cards.

    • Phyllis,
      I’m very sorry to hear that you’ve been victimized. Many people have been. Hopefully, because of your quick response, you’ve kept your losses to a minimum. Hang in there. BTW, I like your blog.

  2. Another scary article Paul. Almost makes me never want to use any technology. But then I guess I’d have to grow my own food, never shop, stop using money ….

  3. Pingback: Geek Squeaks’ of the Week (#89) « What's On My PC

  4. Hi Paul,

    My GranPa’s advice to keep my money under the mattress, is starting to make more sense. 🙂

    If it’s true, that the love of money is the root of all evil, then I think we’re in for a rough ride with this scheme. As you point out, some insiders will succumb to the temptation, and it won’t take many for us to see a significant impact.

    In my experience, Bankers are no more honest than anyone else – and in some cases, a helluva lot less. In my years as a Banker, at least two of my employees were convicted of defalcation.

    Nicely crafted article.



What do you think?

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s