BreachExchange mailing list archives
ATM skimmer use on the rise
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 10 Feb 2015 19:55:19 -0700
http://www.pnj.com/story/news/2015/02/07/atm-skimming/23060937/ Most modern consumers have been conditioned to use care with their credit and debit card information when shopping online. Many people use less caution with their cards in the real world, however — a fact that enterprising thieves are learning to exploit. Skimming, a method of stealing card information from devices such as ATMs and gas pumps, is becoming an increasingly popular method of data theft that already has impacted numerous local citizens. "It's happening more and more now," Santa Rosa County Sheriff's Office Detective Duron Nelson said of skimming incidents. "It normally happens during the holidays and around the first of the month when retirees are getting checks." This week, a skimmer placed on a Navy Federal Credit Union ATM in Milton may have jeopardized the information of many area residents. Skimming devices are most often placed on outside ATMs in high-traffic areas. The devices themselves are essentially overlays that fit over the card reading slot and/or keypad on the cash machine. When a consumer swipes their card or enters their PIN number, the fake card reader stores information from the electronic strip. The keypad overlay, or sometimes even tiny cameras placed directly above the keypad, captures the users keystrokes. "They place them there for a couple of days, then come back and remove them to retrieve the data that's been collected," Nelson said. "Sometimes they're sitting in the parking lot watching the data they're collecting on a laptop."
From there, the crooks most often sell the information — names, card
numbers, expiration dates, etc. — to other thieves through digital black markets known as "dump sites." "They're becoming a commodity, much like social security numbers," SRSO Public Information Officer Rich Aloy said. Nelson said another common scheme is for data thieves to steal inactive gift cards from stores, then imprint them with credit card information. Because there are no obvious signs that the cards are fraudulent, purchases made with them don't usually raise suspicion until victims see unexplained charges on their credit card statements. Aloy said that being alert and proactive was the best way to avoid being victimized. "Take a good overall look at the machine and if anything seems off, don't use it and notify the bank." Federal Bureau of Investigation tips to avoid being skimmed •Inspect the ATM, gas pump, or credit card reader before using it…be suspicious if you see anything loose, crooked, or damaged, or if you notice scratches or adhesive/tape residue. •When entering your PIN, block the keypad with your other hand to prevent possible hidden cameras from recording your number. •If possible, use an ATM at an inside location (less access for criminals to install skimmers). •Be careful of ATMs in tourist areas…they are a popular target of skimmers. •If your card isn't returned after the transaction or after hitting "cancel," immediately contact the financial institution that issued the card.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- ATM skimmer use on the rise Audrey McNeil (Feb 17)