Bits N’ Bytes Cybersecurity Education is a 501(c)(3) dedicated to building a human firewall through education on cybersecurity and privacy for all vulnerable populations!

Putting Your Money Where Your ATM Is!

Avatar

Happy Summer! Thanks for stopping by, we love that you’re here!

You putImage result for atm no background money, you take money out. Simple, right? Well, in today’s “cyber-dog eat cyber-dog” world, not so much. We are going to cover a topic commonly missed by society: ATM Security. I covered this with the seniors I presented to last week, and knew as I spoke, heads turned in surprise. As we have said before, security IS all around us!

First off, let’s pose some reasons why ATMs are vulnerable in the first place:

  • They physically hold thousands of bank notes in one machine
    • High Return-Of-Investment for the fraud
  • Perpetrator gets off more lenient than bank robbers because the job is less physical
  • Majority run on outdated Windows XP software
    • Malware vulnerabilities
  • Malls and non-bank ATMs are not surveilled with a keen eye
  • Malicious individuals could conduct “man-in-the middle” attacks, intercepting customer information as it is relayed online
  • From 2015-2016, 32% of states said they were up in ATM losses by 1-9% and 23% said they were up by 10% or more
  • Skimmers, fake card scanners: Fraud!
    • New technology, like 3D printers, are helping escalate this

_________________________________________________________________

What are skimmers? A cover placed directly on the credit card reader or pin pad that is not the real one from the machine, but an external attachment the perpetrator placed. These skimmers are getting increasingly hard to spot, and more prevalent. In the US, 68% of executives regarded skimming as a severe or very severe crime (ATM Market Place). This technique can also be seen at gas pumps.

Skimmers typically work in two components:

  1.  A physical cover placed on top of the credit card reader that scans and stores the information from the magnetic strip.
  2. But to access your account and $, a fraud still needs your pin. Although sometimes this itself could be another fake device (a fake pad), most of the time, a secret camera is placed where the hacker can record you type in your pin.

 

Image result for ATM skimmers       Image result for ATM skimmers

__________________________________________________________________________________

How to Stay Safe

  • Keep distance from those in front and behind you in line
  • Check the ATM before using it
    • Any loose or crooked parts?
    • Anything suspicious?Image result for cover your pin atmImage result for tourist attractions map
    • See any tape or adhesive marks?
    • Visible damage?
    • Small cameras on the machine?
  • You are most vulnerable in popular tourist attractions, so be extra careful when you travel.
  • Indoor machines are relatively less likely to have a skimmer. Still, there is risk!
  • Cover your keypad from cameras or recording devices
    • Even if there are cameras and the card reader is skimmed, at least the fraud will not know your pin
  • If you do not get money out, contact the bank or financial institution. Report it!

______________________________________________________________________

Technologies That Can Be Used for ATM Safety

  • A detection system that warns the institution or takes the ATM offline when anything foreign is attached, added to the machine
    • A radio-frequency jamming technique
    • Device sensing vibration
  • Behavioral analytics: Does the user usually come around this time? Is this a probable location for the user to be making a transaction? Do they usually transact this much?
  • Regularly download patches and software updates for Windows-based ATM
    • “In a perfect world, they should push down patches once per week,” Nicholas Percoco, Senior VP and head of SpiderLabs for Trustwave says. “In reality, what we find is that some have not had patches downloaded in two years.” Source
  • In Japan, since 2006, 80,000 biometric ATMs have been installed when legislation declared banks responsible for paying for fraudulent charges.
  • Communication across banks and within the same bank for branches nationwide
  • Addressing the measures necessary depending on the location of the ATM.

Stuck in traffic? Interested in learning how to save your money from fraud? Listen to this informative, interesting podcast about this topic!

Thanks for joining me this week, I hope this post opened you eyes to see a perspective of everyday security often overlooked. Now, every time you see an ATM and decide to make a transaction, remember these guidelines and lessons, pass them along, and as always, stay safe!

Detective Safety

0 Points