Finance Security

3 Danger Signs to Look for Each Time You Use an ATM

Gavin Phillips 27-05-2016

What do you do when it is your turn at the ATM? Are you ready to pounce, majestically maneuvering your card to the slot, gracefully extracting your hard-earned dollars, and running to the nearest bar? Or are you more considered, scanning your surroundings for any inkling of malicious activity on or around the ATM itself?


We’ve all been the former — in a rush, millions of things to do — but taking those few moments before popping your card into the slot could be the difference between spotting an ATM that has been tampered with, and becoming a penniless statistic These 7 News Reports Prove ATM Fraud Can Hit At Any Time We often go into auto-pilot while using ATMs, but in Europe alone, cash point fraud increased by 15% in the first six months of 2015. These news stories prove ATM fraud can strike at any... Read More .

The range of tools available to scammers has risen in recent years, and largely follow a singular path. But while the tools remain roughly the same, the technology evolves, easing their obfuscation and aiding their camouflage. Let’s take a look at some tell-tale signs of tampering, and how you can keep your cash firmly locked in your account.

Identifying The Issues

If you’re diligent, you might spot the fake components, but you will have to actively look for the malicious parts. I mean, the malefactors want them to remain hidden for as long as possible, so they won’t be covered in purple glitter and pink polka dots. Here are some commonly found ATM hacks How Scammers Can Use ATMs To Clean You Out That ATM in the wall of your local bank might look like an easy way to get some cash, but you need to make sure that the scammers didn't get there first. Read More .


A skimmer is a malicious card reader. It sits over the top of the existing ATM card reader slot and scans the magnetic strip of every card that enters the machine. Even with advances in banking card technology, such as card specific chips, the magnetic strip still contains vital information as to remain backwards compatible with outdated systems.

Indeed, even after the US finally rolled out EMV Heads Up, Americans: Here's How Credit Cards Are Changing in 2015 Chip credit cards have been standard for years in the world outside of the USA. Now they're coming to the US; here's everything you need to know. Read More (Eurocard, Mastercard, Visa) cards, commonly referred to as “Chip and PIN,” Why You Should Protect Your Waveable Visa Card From Mobile Fraudsters Read More a massive amount of vendors still require a magnetic swipe to complete some transactions.


Typically, skimmers are small, fitting over the card reader slot and may have been artificially “worn” to match the appearance of an older ATM. In recent years skimmers have further evolved to easily fit within the “throat” of the card slot itself, making their detection nearly impossible. Other technological advances have seen massively increased battery life for installed devices without access to an alternative power source. As well as this, some advanced skimmers are able to transmit their data via Bluetooth, allowing a thief to return to the ATM as a regular “customer,” pair with the device and download the pilfered card information.

  • Consider the locale of the ATM. Dark and shady? Out of sight? Minimal footfall? No surveillance?
  • Give the card slot a wiggle. If it feels loose, moves around in its specific slot, or heaven forbid, actually comes loose from the machine, you should move on.
  • Consider the slot. Many ATMs have arrows to indicate where to insert the card, or other markings making each slot easily identifiable. Does the reader cover any of the markings or arrows? If so, it could be a sign of tampering.
  • Check graphics and instructions. Another indicator can be misaligned instructions or graphics, or perhaps colors slightly out of sync.
  • Cross-check with other ATMs. If the ATM is part of a pair (or more), check its neighbor for any discrepancies.

Card Skimmer Manchester

The thieves aren’t silly, and come up with innovative ways to help you part with your cash. You might actually have your details swiped before you even reach the ATM. How, you ask? Well, those ATMs behind a security door that require you to swipe your card to enter, seemingly offering one of the safest options of all? Yes — your card details were skimmed at the door, and your PIN was recorded with a pinhole camera.

Many ATM manufacturers now integrate anti-skimming devices, while it is easy for individual vendors to purchase an anti-skimming device for retrospective fitting. Card skimmers are typically used in conjunction with a minute camera, stationed above or extremely close to the number pad.


PINhole Camera

The next tool in the scammer’s arsenal is the pinhole camera. To complete a physical transaction using cloned card details Fraudsters Still Clone Credit Cards: Keep Plastic In Your Pocket If you regularly pay by credit or debit/cheque card (and who doesn’t these days?) you should be aware that your card can be cloned. But how is this done, and what types of business are... Read More , there must be a PIN number to verify the process, captured alongside the card information. Many ATMs actually come with their own camera. There are no hard and fast statistics on how many ATMs have their own cameras, but it varies depending on their location. Those situated within a bank or mall are likely to have a camera to view your face, while others in gas stations or a bar may not.

Pinhole Camera

Pinhole cameras are different to those officially installed. Thieves will install a tiny physical camera somewhere on the ATM to capture PIN entries corresponding to the details swiped using the aforementioned skimmer. Their presence isn’t always easy to spot. Their housing will be as close to the color of the ATM as possible, and will attempt to fit snug to the machine façade.

Pinhole Camera in Merchandise


Number Pad

The final tool completing the thieves’ tainted trifecta is the false number pad. Just as with the card skimmers and pinhole cameras, these vary massively in quality and cost, meaning some are thankfully easier to spot. However, those malefactors with enough enterprise and capital can research the specific model of their ATM target and purchase a false number pad that fits snug to the machine.

ATM Fake Number Pad

The number pad is often used alongside the card skimmer to replace a camera, working in the same vein as keystroke logging malware you might encounter on your computer. Once installed, each individual button press is logged, along with the time, to match up with the skimmed details How Credit Card Fraud Works and How to Stay Safe Credit cards and gift cards are regularly stolen. How do thieves get your card? How can you keep safe from credit card fraud? Read More .

  • Check the height. The false number pad might not align correctly with its ATM surroundings, or may well appear to be slightly higher than it should be. As with the card skimmers, there might be symbols or arrows that are slightly obscured.
  • Go on, give it a wiggle. Though this is less useful with a false number pad as they are usually fixed to the frame of the ATM, if it is moving more than you would expect i.e. at all, it should set your alarm bells ringing. A real ATM keypad shouldn’t move at all — it is integrated with the machine.
  • Check the alignment. The keys themselves can sometimes give the game up. Misaligned or poorly printed replacement keys are usually an indicator something is afoot.
  • Check the edges. If the number pad has been replaced by an entire panel, there may well be gaps around the edges of the ATM itself, where the fixture should be relatively, if not completely, seamless.
  • Consider the age. Is the ATM you’re about to use worn out? Does it have an astoundingly shiny number pad that looks out of place? It could be a sign of a recently installed malicious number pad.

If the design of the number pad replacement is exceptional, it will be difficult to spot. As with the pinhole cameras, if the thieves have enough money to purchase premium equipment it will make spotting any malicious activity that little bit more difficult.


Other ATM Issues – Malware

Aside from the physical alterations that can be made to an ATM, we must remember these are basically computers designed to spit money on command. Almost any device can be hacked, and ATMs are absolutely no different — it just requires a different strategy.

ATM machines running the now extremely outdated Windows XP Windows XP Running Your ATM Or Ticket Machine? Time To Buy Online! Windows XP support ended in April 2014; Microsoft will no longer release bug fixes. If you've upgraded your PC then everything should be fine – but what about your bank? Have they upgraded? Read More are a particular issue, and are unlikely to receive any software updates to protect against newly found vulnerabilities.

Security researchers at Kaspersky Lab have “identified 49 modifications” of a single type of ATM malware designed to turn the entire machine into a single skimming device, as well as being able to dispense cash at will from a selected cassette (the bit that holds the money). Meanwhile, researchers at Trend Micro recorded a 15% rise in fraudulent attacks involving European ATMs, identifying numerous manufacturer specific malware variants throughout the entire globe.

ATM malwares have different targets. While some may certainly target regular users such as you and I, other malware types seek “only” to empty the machine of its cash, on demand. Researchers at Proofpoint detailed GreenDispenser, which allows a thief to empty an entire machine using only a set of pre-designed PIN codes, and then, using a “deep delete” process, remove any trace of the malware.

Trend Micro ATM Malware Sites

Other ATM Issues — Cover The Entire Machine

The scammers will go the extra mile to ensure your money ends up in their bank account. We touched briefly on the upper-end of the ATM thief scale: components tailored to specific machines, making use of the latest and greatest in manufacturing technologies to ensure parts blend in. Professional thieves and/or coordinated gangs can have an entire ATM façade manufactured, with multiple locations to hold their data capture devices.

As you can see in the linked video, the whole of the ATM is covered, completely subverting any potential customers whist making it extremely difficult to detect.


Nobody, or anything. Or perhaps just your gut. I forget which one is best, but if you suspect something is wrong with the ATM you’re stood in front of, just move on. You’ll be saving yourself an immense amount of hassle, and enough stress to fill the Grand Canyon.

If you realize the ATM has a malicious device attached to it, do not remove it How to Spot a Compromised ATM & What You Should Do Next Read More . There have been instances of criminals following their do-gooder citizen away and reclaiming their device — remember, they may have paid thousands of dollars for the equipment. No: immediately phone the police and let them deal with the vendor and any would be criminals.

It can be difficult to spot an ATM that has been tampered with, for obvious reasons. Take just a moment, and reap the internal rewards.

Have you spotted a malicious ATM? What did you notice? What did you do? Let us know below!

Image Credits: Shocked woman by Kaspars Grinvalds via Shutterstock, Pinhole Camera via KrebsonSecurity, Pinhole Camera in Merchandise via Hoax-Slayer, Fake Keyboard via MyBroadband, ATM Malware Families via Trend Micro

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Eddie G.
    June 5, 2016 at 4:57 am

    While ATM's are truly convenient for the masses, I'm from the select few that believe in being smart and getting up early to do my banking. I don't use ATM's much, I pre-plan and adjust for emergencies, then withdraw that amount from the teller within the bank during business hours. That eliminates one potential way criminals can snag your info. Another thing I avoid is buying things online. Listen, I realize we might not all have a "Whatever The Store Is" within our neighborhood, and that you might see something online that catches your eyes, but I guess because I'm "simple" and don't need the latest and greatest of whatever's the rage at the moment,...that I'm perfectly happy to shop locally and avoid online shopping, or the chance for the criminals to sniff my information as it traverses the internet.I think because of the way criminals have advanced?...that we might need to go "backwards" and go back to checks and signatures!....LoL!

    • Gavin Phillips
      June 9, 2016 at 9:39 pm

      Aye, criminals have certainly tapped into societal desire for everything to be quick, easy, and online. It creates a number of corridors where things can, and do, go awry. I do shop online, though it is usually only for things I cannot get in the local shops. In a small town, where vendor variety is limited, some items are unobtainable.

      Unless you want a pasty, because there are at least seven places to get those (and I'm not complaining!).

      Thanks for reading!

  2. Philip Bates
    May 31, 2016 at 8:02 pm

    This is all really helpful, especially when much of society seems to take a somewhat laissez-faire attitude to their cards. As long as the branch is open, I always go inside to use an ATM; I know this isn't infallible, but it's certainly safe than an outdoors housing.

    • Gavin Phillips
      June 9, 2016 at 9:36 pm

      Thanks, Philip. I was recently sent a new bank card out of the blue - complete with contactless chip. I hadn't asked for it, and the lady in the branch seemed genuinely surprised that I didn't want it. I use the outdoor ATMs, but always give them a wiggle. I am definitely being relaxed, living this far down makes crime feel somewhat distant at times - only happens in "big" places.

  3. rk
    May 31, 2016 at 5:45 pm

    @Howard, my situation is the opposite. I got chip and PIN cards a long time ago but a lot of the local stores are not yet equipped to read the chip. And I don't live in a small town....

  4. Nate
    May 31, 2016 at 6:13 am

    Where does it say that the customer/depositor bears the loss, and not the bank which failed to protect its ATM from the attachment of false devices? The whole premise of your article is that the customer loses the money, not the bank. How did you come to that conclusion? I'd like to see you cite some legal decisions supporting your premise.

    • sleeepy2
      May 31, 2016 at 12:55 pm

      My wife used to cash her paycheck at the bank it was drawn on then deposit it as cash in our bank (so the money would go in the same day, instead of taking a few days for depositing a check). One day, a few hours after she deposited the cash, our bank called and said three of the hundred dollar bills were counterfeit. We were on the phone for an hour between the two banks, explaining one of the banks gave us counterfeit money, and the other accepted counterfeit money, and they are the experts on money, not us. Both banks politely and firmly told us we were out $300, and there was nothing we could do about it.

      My point is, in my experience, banks aren't really big on stepping up and accepting responsibility.

    • Gavin Phillips
      June 9, 2016 at 9:34 pm

      Not entirely. Several banks have attempted to reject claims of fraud through phishing scams as the customer was not committing due diligence to maintain the security of their own account - so it does happen. However, in the case of ATM, most banks will accept that it was beyond your control.

  5. Tomas D
    May 31, 2016 at 2:36 am

    Bulgarians with skimming tools were recently apprehended in Belize. An alert security guard caught them trying to install their devices.

  6. Anonymous
    May 29, 2016 at 7:57 pm

    "Indeed, even after the US finally rolled out EMV (Eurocard, Mastercard, Visa) cards, commonly referred to as 'Chip and PIN,' a massive amount of vendors still require a magnetic swipe to complete some transactions."

    Funny, while almost every card reader in my area is now ready for "Chip and PIN" cards - even gas pumps have been replaced! - neither of my bank accounts (primary and spare) has issued the cards yet - my primary is supposed to be done by October (giving out cards to their credit card customers first, debit cards later!); my secondary is supposed to be done by the end of June.

    • Gavin Phillips
      June 9, 2016 at 9:23 pm

      Hey Howard,

      I think quite a few people are running into this issue, or the readers haven't caught up with the cards...or the vendor just hasn't the foggiest about what's going on!

      Thanks for reading!

  7. Anonymous
    May 28, 2016 at 3:15 pm

    Being A Luddite With Huge Tech Trust Issues, I Also Do Not Use ATMs - Go Figure.

    I Make All My Operations Over The Bank Counter, With Withdraws Being Big Enough, So My Wallet Does Not Run Dry Until The Bank Opens Again On The Next Business Day.


    • Gavin Phillips
      June 9, 2016 at 8:15 pm

      I knew another guy like that, and he would also only take £5 notes to keep track of his spending each day. Seemed to work well, and I'm pretty sure he never had his card skimmed. He did click on a phishing link though. The more you know!

      • Anonymous
        June 10, 2016 at 4:58 am

        It Seems Your Guy Was Not Luddite Enough.

        I Do Not Do Financial Operations On Any Freaking Machine, Period.

        Care To Try Again ?