USA TODAY International Edition
Here’s how bank customers can help stop ATM heists
Consumers can be the front line of defense to prevent cybercriminals from committing multifaceted heists called ATM cash-outs, where thieves simultaneously withdraw millions from scores of banks.
ATM cash-out schemes are nothing new – they’ve occurred for a decade or longer – but have become a focus again after the FBI issued an alert to banks last week about a new impending global threat.
An operation in which India’s Cosmos Bank lost about $13.5 million (944 million rupees) in a wave of synchronized withdrawals across 28 countries last weekend fits the criteria, but institutions can never truly lower their guard.
Bank customers can help by notifying their bank if something has gone wrong with their own accounts, said Ryan Kalember, senior vice president for cybersecurity strategy at Proofpoint, a security firm headquartered in Sunnyvale, California.
Organized crime gangs attempt to pull off an ATM cash-out by defrauding a bank or financial institution on multiple levels. First, cyber criminals find an in-road into the company so they can manipulate ATM transaction monitoring programs.
Next, they create fake bank cards by using data from the infiltration and, at a predetermined time, deploy people to use the fake cards at scores of ATMs, while simultaneously lowering the institution’s defenses to allow the transactions.
While banks deploy sophisticated cybersecurity measures, the coordinated attacks are engineered on several levels and typically focus on a weak link in banking systems: Employees.
“If you can find the right person in the bank who has access to a particular system ... you just have to target that specific person, understand how they work, understand what they are likely to click on and then trick them into doing that,” Kalember said.
Once the cybercriminals have the opening into the bank’s systems, they use malware and other hacking efforts to gain the necessary controls.
When the time comes to commit the heist, “they instruct the foot soldiers ... to start hitting the (ATMs),” said Ron Schlecht, founder and managing partner of BTB Security, a cybersecurity consulting and monitoring firm with offices in Philadelphia, Chicago and Austin, Texas.
But consumers can help out. For starters, close any accounts you don’t need or don’t access regularly. Cyber attackers target accounts with low activity levels when they have infiltrated a bank’s network and may transfer the account information to the fake ATM cards. Also, regularly check your bank accounts for unusual activity, such as a transfer to a prepaid debit card.