Cybercriminals are becoming more sophisticated in their attacks on automated teller machines or ATMs. The current methods used to steal from bank accounts using ATMs involve the use of a device to read the account information off the bank card (a skimmer) and a camera to record the personal identification number or PIN. For more background information, see my previous posts on this topic: In The News – ATM Skimmers Industry; and ATM Skimmer Crime: Moving From Bank ATMs to Gas Pumps. The existing methods are relatively crude (the skimmers were easily identifiable to bank personnel and removed) compared to other cyber crime theft such as the ZeuS botnets, which seek out personal banking information from infected personal computers.
I suppose it was thus inevitable that a second generation of ATM theft would be devised. Recently, a Russian cybergang developed a way to hack into the ATM’s internal computer in order to extract bank account information that could be used to steal funds from victim’s accounts. This method, which includes having banking insider information and participation, is transparent to the ATM banking customer because no skimmer or camera is needed or used. Whoa! you say; my bank’s programmers and computer administrators would never participate in such criminal activity!! I hope you’re right, but IT insiders can be and have been involved in criminal activity in the past, a small percentage of that community of hard-working folks, I might add. However, the large amount of money involved in cyber-banking theft is staggering and the promise of quick fortune will sway the judgment of some.
Even though the Russians involved in this crime were discovered before implementing the software to commit the crime; it’s an idea that has by now been discovered by organized cybercrime groups all over the world. And therefore this method will proliferate as soon as they can clone the Russian effort. See Help Net Security.com’s article on the Russian plot.
What can you do to avoid this new approach to stealing your money? Sadly, not much. The banks will be more diligent and alert to these new practices after they’ve been discovered in use, and that will help. In the meantime, you can check your account activity and balance on a frequent basis in order to limit your losses. This will require you to notify your bank as soon as you see any suspicious activity such as withdrawals or transfers of funds from your account that were not made by you. This is a good practice to identify fraudulent activity on your credit card account too. Be careful, alert, aware, and suspicious of cyber theft of your financial assets at all times…it’s dangerous out there.
Please comment on this subject; we all learn from each other when our views and opinions are shared.
Don’t miss an article. If you enter your email address in the Email Subscriptions box on the right column of this page, I’ll send you an email when a new article is posted. I don’t share your email address with anyone…no one; I hate spam too. Please share my site with your friends and family. Thanks.
Remember, home computing is a blast…keep it safe, productive and enjoyable.