If we told you that automated teller machines, or ATMs, were susceptible to hacking attacks, would you believe us? You should; there are a plethora of ways for hackers to infiltrate and steal money from ATMs, with the latest being so dangerous that even the Secret Service has issued warnings about it.
ATMs in Connecticut and Pennsylvania have recently become complicit in identity theft schemes issued by hackers. The machines themselves have been found to be equipped with periscope skimmer devices attached inside, particularly in machines which have openable lids that provide easy access to their inner workings. The device is installed so that it can probe the magnetic strip on the card as the machine reads it. Users might only need to withdraw $20, but they have so much more to lose.
It’s estimated that the device’s battery can last for up to 14 days per charge and that it has enough storage capacity to steal 32,000 card numbers. The one good thing about this device is that it doesn’t seem to collect PIN numbers. Instead, this scam may be part of a preparation for a real heist.
There may not be a PIN collection device on this version of the skimmers, but it’s still a good habit to cover the PIN pad with your free hand while you plug in your code. You never know who could be watching. Scammers are crafty and may have hidden cameras on the device to steal information, or they have hacked into the native camera remotely to spy on you while you input your credentials. Even if you don’t suspect that you’re being watched, it’s always better to err on the side of caution.
What’s worse is that those chip cards that your bank replaced your old cards with probably won’t be of much use, as most ATMs still need magnetic strips in order to accept and process the card as legitimate.
These skimmers can’t usually be identified by sight, as they’re often installed internally to avoid the prying eyes of cautious users. The most practical advice for avoiding ATM scams is to consider the thought process of a criminal who may try to exploit one of these machines. Consider its location–if the ATM is surrounded by people at all times, like those that are found in supermarkets or public places, chances are that it won’t become a target. Now, if it were located in a secluded rural gas station tucked away in the back hallway, it’s more likely that someone would tamper with it. Consider if it’s top-accessible, allowing cybercriminals access to its innards. These are all variables that you should be on the lookout for.
Therefore, it’s recommended that you use only ATMs that are placed in high-traffic areas where there are plenty of witnesses who might notice if someone tampered with the machine. It’s also important to avoid ATMs that are easily accessible; rather, just use one which is embedded into the wall, like the one in your bank’s drive-thru. These are great for multiple reasons: 1) They’re well-lit, 2) They are high-surveillance zones, and 3) Hackers have a hard time getting into them.
If you’re dealing with your business’s finances, it’s probably best that you handle your financial services through the tellers that aren’t automated. Another option is to go about your business online, shielded by the safeguards that Setton Consulting can prepare for your organization. To learn more about our cybersecurity services, reach out to us at 212-796-6061.