You probably know that you should take care when using an ATM, but how can you know for sure that the device has been compromised – and what should you do upon realising this?
What Is ATM Crime?
ATMs in the wall of banks, railway stations, hotels, supermarkets and other locations contain a lot of money. Attempting to remove the money by force will result in the notes being dyed, becoming easy to trace alongside the perpetrators. This has more or less ended the practice of physical brute force attacks on ATMs, as well as attempts to steal the whole devices (a practice common in the 1990s using four wheel drive trucks with winches or heavy-duty towbars).
Instead, thieves have opened a new line of attack: through you. There are three distinct types of ATM crime. The first is when someone waits for you to withdraw cash and then steals it from you. The second occurs when a victim is forced under duress to make a withdrawal and hand it over to the criminal. Third is the mode by which your PIN is observed and your card stolen.
The vast majority of ATM crime is based on a digital variant of this third method. This way there is no physical crime and those plotting the scam can remain comparatively anonymous, largely avoiding recognition in person or by camera. They visit the scene of the crime just a couple of times to install and later remove the hardware modifications they’ve made to the ATM.
Using An ATM Safely
Increasingly concerned about their customers’ use of ATMS, over the past few years banks have begun to take the issue of ATM crime seriously. Before we look at how you can spot a cash point or hole-in-the-wall that has been modified by criminals, let’s take a look at how you can use these devices safely.
The first thing to do is avoid using an ATM, wherever possible. If the option to queue at the bank and take money out of your account over the counter is available, you should take it. Opting for cashback in your supermarket is another alternative.
If you must use an ATM, ensure that there are no obvious modifications. Next, look around you to check no one is too close – ask them to step back if they are. When inputting your PIN, ensure your spare hand is covering the number you enter – you don’t want anyone else to know it, do you?
Make sure you quickly remove your card and put it away safely and securely; repeat for your withdrawal, then take one more look around you before you move away from the machine to a safe area, before continuing upon your business.
Finally, assume that any ATM or automated card payment machine can be compromised. Several card payment devices in petrol pumps have been compromised over the past few months and the possibility that other similar devices (such as self-service payment aisles in supermarkets) could be modified by scammers should not be overlooked.
What Does A Compromised ATM Look Like?
Identifying an ATM that has been modified is not easy. Scammers use fake card readers, fake keyboards and even cameras, styled to look like the originals that they cleverly fit over the top of.
Close inspection of a compromised ATM should reveal one of the following, however:
Fake keyboard – this sits over the original, and features keylogging software that records every PIN. As the PIN is entered each key press will push down on the original keys below, leaving the user none the wiser.
Fake card reader – these have developed considerably over the past few months. Miniaturisation has resulted in skimmer devices that sit inside the original card reader, whereas previously they might have sat on top. Recently new and some older ATMs have been fitted with “anti-skimmer” devices that purport to prevent skimmers from being fitted (pictured above).
Cameras – not to be confused with the ATM’s built-in camera, which is intended to record your face rather than your PIN. These are used as an alternative to the fake keyboard, but will be positioned so that the PIN can be recorded. Any part of the ATM that seems slightly too big is a potential home for a hidden camera, whose presence will often be betrayed by a small hole.
Meanwhile, a machine that has been hacked but in a state of unreadiness might be displaying the operating system boot screen or desktop (or even the warning message displayed below), often Windows XP or its embedded alternative.
Naturally you should avoid any machine that does not display the standard graphics for inserting your card, although bear in mind that ATMs running Windows XP continue to be a threat until they are upgraded to a later version.
I Found A Dodgy ATM – What Next?
If you find an ATM that you believe has been compromised, there are two things you should do. The first is to inform the owner straight away. This might mean popping into the bank or business that owns or rents the device and reporting the incident, or making a phone call to their ATM security team.
You should also take to your social networking account to report the ATM to your friends in the area. Better still if there is a local news group in operation, share it here too. The more people that know about the scam, the less chance anyone has of being taken in by it. You might also consider leaving a note on the device informing other potential users of your discovery.
Have you ever encountered a compromised ATM, or been the victim of cash machine that has been modified by scammers? Let us know what happened!
Compromised ATMs – How To Spot One
Has Your Favourite ATM Been Modified By Scammers?
What You Need To Know About Compromised ATMs