According to reports from the FBI, very soon cybercriminals are going to hack into ATMs and obtain financial information from users to withdraw money globally in what is called an ATM cash-out. The cybercriminals would use the financial information to clone cards and withdraw the money. They plan to gain access to the machines by infecting them with malware. So, why are they doing this and what can banks do to thwart the attack? Let’s take a look:
Unlimited Operation
The tactic is known as an unlimited operation. It involves infecting the ATM with malware to gain access to financial information. Subsequently, fraud controls are then cut from the system, allowing the cybercriminals to make clone cards and withdraw unfathomable amounts of money in only a matter of hours, undetectable and untraceable. These fraud controls include limits on the amount of money an ATM can dispense.
When Will it Happen?
In the past, these cash-outs have occurred on weekends after banks close on Saturday, as they won’t reopen until Monday. The FBI estimates that the attack will happen very soon, possibly this weekend, if the cybercriminals stick to their habits.
What Can Banks Do?
The FBI is imploring banks to monitor their security systems and upgrade wherever possible. Over the past few years, ATM cash-out totals have been increasing, from over $500,000, to almost $2.5 million in just over six months in an attack on the National Bank of Blacksburg in Virginia. Additionally, the FBI has told banks to remain vigilant and report any suspicious activity, including mass withdrawals. This will most certainly be an indicator of an attack in progress. Though we are not yet sure which banks will be targeted, the FBI alert has been traced back to the breach of Cosmos Bank in India, wherein thieves performed around 12,000 transactions to withdraw about $13.5 million from ATMs in Canada, Hong Kong, and India.
On the Consumer Side
We urge ATM users to monitor their bank accounts and report fraudulent charges to their respective banking institutions. It’s worth noting that, should you be unlucky enough to be the victim of fraudulent activity, the FDIC protects the money in your account(s) up to $250,000.
At M&H Consulting, we take pride in informing consumers of breaches and other fraudulent activity, both nationally and internationally. It’s important to stay informed and up-to-date, as criminal tactics continuously evolve. Keep up with our blog as we actively touch on such topics in the news. For all your security needs, comments, questions, and concerns, contact M&H Consulting at 1-(866)-964-8324.
Categorised in: Consumers, data breach, in the news