ATM Card Skimmers Found on Key Card Door Locks

Monday, January 31, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

Criminals have found a new placement for ATM card skimming devices that may go unnoticed by even the most savvy of bank clients.

Most everyone who is familiar with the growing prevalence of ATM card skimmers knows to look for anything out of the ordinary when using a cash machine - typically large devices that appear suspiciously incongruent with the machine.

But how about on your way into the lobby of your bank?

Brian Krebs posted an article on ATM card skimmers that have been placed in the card swipe mechanisms used to allow access to the antechamber of a bank or other weather and security protected areas where cash machines may be located.

"In these scams, the thieves remove the card swipe device attached to the outside door, add a skimmer, and then reattach the device to the door. The attackers then place a hidden camera just above or beside the ATM, so that the camera is angled to record unsuspecting customers entering their PINs," Krebs writes.

Criminals can then immediately begin stealing cash directly from consumer accounts by creating fake bank cards and draining accounts.

The data stealing devices may be nearly impossible to detect when placed inside the existing cardlock swipe unit, as in one case examined by Krebs' article.

In the July 24, 2009 incident in California, a bank customer had discovered a hidden camera placed behind a mirror in order to capture PIN numbers.

Further investigation uncovered tampering with the card lock swipe device used to access the lobby. The article has more details and a series of photos of the mirror, camera, and tampered cardlock unit.

The devices are cheap to produce, easy to deploy, and provide nearly instant access to user accounts and funds, which increases the chance the method will become widely utilized.

Possibly Related Articles:
4682
Network Access Control
fraud scams Banking Skimming Headlines ATM keycards
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.