The U.S. Secret Service has been warning financial institutions about an increase in an ATM hack that is physically installed to pilfer off customer account data from ATM card readers, according to Brian Krebs' KrebsOnSecurity, who obtained a non-public alert the service sent to banks this week. The Secret Service told Axios its Electronic Crimes Task Force partners obtained intelligence about ATM skimming and that fraud alerts were sent to financial institutions about it.
Why it matters: There is anti-skimming technology that can prevent criminals from successfully stealing the data or that can set off an alarm when a skimming configuration is installed — but robbers are getting more tech-savvy and skirting around some of these safeguards.
The tech: Last year an innovation began circulating that lets crooks know when an ATM likely already has anti-skimming technology so they can move on without getting caught, per Krebs. It sells for $200.
- Some anti-skimming devices are “frequency-jammers,” which scramble the card data and confuse skimming devices.
How the hack works: Criminals drill a hole in the front of an ATM, which is later covered up with a faceplate to conceal the hole. They then attach card-reading devices with a magnet, and later attach a camera to obtain PINs as well.
What to watch: The Secret Service told Axios that the ATM skimming activity has been detected "throughout the east coast from Maryland to Massachusetts," but their current data does not yet point to a trend in location for the hacks.
Krebs advises: "If you visit an ATM that looks strange, tampered with, or out of place, try to find another machine. Use only ATMs in public, well-lit areas, and avoid those in secluded spots. Most importantly, cover the PIN pad with your hand when entering your PIN."
- "Finally, try to stick to cash machines that are physically installed inside of banks," Krebs wrote last year.
Editor's note: This has been updated with the latest details from the Secret Service.
