You probably know that you should take care when using an Automated Teller Machine, but how can you know for sure that the device has been compromised – and what should you do upon realising this?
The ATMs in the wall of banks, hotels, supermarkets, shopping malls, bus stops and other locations contain a lot of money.
Attempting to remove the money by force will result in the notes being dyed, becoming easy to trace alongside the perpetrators, according to www.makeuseof.com
This has more or less ended the practice of physical brute force attacks on the ATMs, as well as attempts to steal the whole devices (a practice common in the past using four-wheel drive trucks with winches or heavy-duty tow bars).
Instead, thieves have opened a new line of attack: through you. There are three distinct types of the ATM crime. The first is when someone waits for you to withdraw cash and then steals it from you. The second occurs when a victim is forced under duress to make a withdrawal and hand it over to the criminal. Third is the mode by which your PIN is observed and your card stolen.
The vast majority of the ATM crime is based on a digital variant of this third method. This way there is no physical crime and those plotting the fraud can remain comparatively anonymous, largely avoiding recognition in person or by camera. They visit the scene of the crime just a couple of times to install and later remove the hardware modifications they have made to the ATM. These modifications can leave you penniless.
Using ATM safely
Increasingly concerned about their customers’ use of ATMs, over the past few years banks have begun to take the issue of the ATM crime seriously. Before we look at how you can spot a cash point or hole-in-the-wall that has been modified by criminals, let us take a look at how you can use these devices safely.
According to www.makeuseof.com, the first thing to do is avoid using an ATM, wherever possible. If the option to queue at the bank and take money out of your account over the counter is available, you should take it. Opting for cash-back in your supermarket is another alternative.
If you must use an ATM, ensure that there are no obvious modifications. Next, look around you to check that no one is too close – ask him or her to step back if too close. When inputting your PIN, ensure your spare hand is covering the number you enter – you don’t want anyone else to know it, do you?
Make sure you quickly remove your card and put it away safely and securely; repeat for your withdrawal, then take one more look around you before you move away from the machine to a safe area, before continuing upon your business.
Finally, assume that any ATM or automated card payment machine can be compromised. Several card payment devices in petrol pumps have been compromised over the past few months and the possibility that scammers could modify other similar devices (such as self-service payment aisles in supermarkets) should not be overlooked.
What does a compromised ATM look like?
Identifying an ATM that has been modified is not easy. Scammers use fake card readers, fake keyboards and even cameras, styled to look like the originals that they cleverly fit over the top of.
Close inspection of a compromised ATM should reveal one of the following, however:
Fake keyboard – this sits over the original, and features keylogging software that records every PIN. As the PIN is entered, each key press will push down on the original keys below, leaving the user none the wiser.
Fake card reader – these have developed considerably over the past few months. Miniaturisation has resulted in skimmer devices that sit inside the original card reader, whereas previously they might have sat on top. Recently new and some older ATMs have been fitted with “anti-skimmer” devices that purport to prevent skimmers from being fitted.
Cameras – not to be confused with the ATM’s built-in camera, which is intended to record your face rather than your PIN. These are used as an alternative to the fake keyboard, but will be positioned so that the PIN can be recorded. Any part of the ATM that seems slightly too big is a potential home for a hidden camera, whose presence will often be betrayed by a small hole.
Meanwhile, a machine that has been hacked, but in a state of unreadiness, might be displaying the operating system boot screen or desktop (or even the warning message displayed below), often Windows XP or its embedded alternative.
Naturally you should avoid any machine that does not display the standard graphics for inserting your card, although bear in mind that ATMs running Windows XP continue to be a threat until they are upgraded to a later version.
What to do if you find a dodgy ATM
If you find an ATM that you believe has been compromised, there are two things you should do. The first is to inform the owner straight away. This might mean popping into the bank or business that owns or rents the device and reporting the incident, or making a phone call to their ATM security team.
You should also take to your social networking account to report the ATM to your friends in the area. Better still if there is a local news group in operation, share it here too.
The more people that know about the scam, the less chance anyone has of being taken in by it. You might also consider leaving a note on the device informing other potential users of your discovery.
via: INFORMATION NIGERIA