A little something different today. On a post picked up from Krebs on Security about the evolution of skimmers on ATM machines that are scamming thousands of people out of millions of dollars all over the world. Skimmers have been around for many years, almost ever since ATMs were first introduced people have been trying to scam them. According to the U.S. Secret Service, ATM fraud totaled about $1 billion in 2008. Card skimming, where the fraudster affixes a bogus card reader on top of the real reader, accounts for more than 80 percent of ATM fraud.
This skimmer was found in 2009 outside a Citibank ATM in California. Known to be one of the best examples of evolution of skimmers, this one is very well made and even has a tiny pin hole camera at the bottom to record your movements in entering your pin number.
Below is another example of an ATM skimmer found in Alexandria, USA, February 28 2010. Card skimmers are normally placed at the front of the card reader, and designed to record the data off of the magnetic strip on the back of the card when they are inserted into the machine. These devices can be bought for about $1500 online.
The more advanced devices cost about $8000 and you can get these online from the Russians who can also make these to order depending on what type of ATM you want to hack. Below is a series of pictures of what comes in a ATM skimming set that you can get for about $8000.
Below is another example of a key pin pad overlay that could fool any suspecting user.And this yellow device was removed from an ATM in 2010 at an unknown locationThere is also a new ever increasing threat with these machines coming out. While the banks are trying to shut down the scammers and hackers that are stealing money from their clients. These guys are coming up with ever increasing methods to beat the banks and get your money. There are new GSM skimmers which allow the data being copied to be sent to the scammers via wireless devices so they do not need to come back to the scene of the crime to collect their device. Once they have your information they simply need to make a cloned card and go off and steal your money and disappear, almost never to be found.
Below is a mock up of an ATM and a masked skimmer showing how to attach and reset his skimmer device, used as a training video to the buyers of the device.
To protect yourself from being robbed by ATM skimming its best to always use an ATM inside the actual bank not out on the street, because these machines are never set up to be skimmed due to the high level of security inside a bank. Skimmers usually target ATM machines on the street or with less security around. If you really need to use an ATM but you suspect it has been hacked just walk away. The skimmers are so good these days there is almost no way to tell.
Tomorrow we touch another subject based on ATM skimmers… Fake ATMs!
Until then make sure to protect yourself online and in the street!
Leave a Reply
- Cyber crime and more data breaches in 2011 June 11, 2011Its been a really bad year for companies that have experienced cyber crime or have had serious data breaches. Most recently the Sony Corporation has been in the headlines for failing to properly secure its PlayStation Network which allowed hackers to steal hundreds of millions of users details and possibly credit card information. In April […]
- Is internet privacy impossible? June 10, 2011Internet privacy is becoming more and more of a topic of discussion these last few months as issues with Google, Apple and Sony are in the headlines. Privacy advocates are going as far as saying that privacy does not exist, it can’t exist and on the internet privacy is virtually impossible. In some way they […]
- Google Chrome update fixes 15 bugs June 8, 2011If you are using Google Chrome than you need to update to the latest version as Google as fixed 15 bugs including 5 high severity vulnerabilities. Along with these new bug fixes the new version allows users to delete flash cookies just like they can do with web cookies. Another new feature will prevent the […]
- Internet Privacy Bill rejected in California for the 2nd time June 5, 2011Bill SB242 also known as the internet privacy bill was rejected 19-17 by lawmakers in California for the 2nd time after coming under heavy opposition by those pesky social networking sites such as Twitter and Facebook who want the bill abolished because it will defeat the purpose of their website which is to exploit internet […]
- Gmail users – beware of fake login pages June 3, 2011Google sent a warning yesterday about targeted attacks on Gmail users that use phishing attacks to trick users to login to fake Gmail pages. The attackers thought to be Chinese seem to be targeting US officials that use Gmail (who would have thought they even do!?) and also political activists, journalists and military personnel. To […]
- Hide My Ass VPN launches new website June 3, 2011Hide My Ass VPN, one of the premier virtual private network companies has just released a new version of its website complete with a new blog. They have also 10 more VPN servers to their already large list of available ip addresses to use anonymously. Hide My Ass VPN currently offers 13,000 unique ip addresses […]
- Google Wallet payment system May 30, 2011Google has announced the release of their long awaited new payment system Google Wallet. This revolutionary new payment system allows users to pay at certain stores by swiping their mobile phones instead of their credit cards. The technology is fairly new at the moment so it only works on the Nexus S 4G by Google […]
- Inside Strong VPN – World class VPN services May 27, 2011One of the best Virtual Private Network services around at the moment is Strong VPN which is owned and operated by a Reliablehosting.com, one of the best hosting companies. In business for over 12 years, with 24/7/365 support its easy to see why people go with Strong VPN for their VPN needs. With over 900 […]
- New Private Browsing feature for mobile Firefox users May 22, 2011Mobile phone users with the Android operating system can rejoice today as Firefox releases a new version of its popular mobile web browser that includes the “Do Not Track Privacy Feature” which is already used in its desktop browser. Firefox for Android is currently the only mobile browser that us the do not track feature. […]
- Ant Video Downloader addon for Firefox a privacy concern May 22, 2011If you are a user of Firefox and have the Ant Video Downloader add on installed than we strongly recommend you remove it ASAP. The app which has recently been removed from the Firefox website has been found to be secretly collecting data about every website you visit and combines it into traceable data even […]