RyanX
The Living Force
I came across this blog post today. Sad to say, I don't think I would have caught something like this. Hopefully this will alert others to be more cautious about where they use their ATM/credit cards.
http://www.krebsonsecurity.com/2010/01/would-you-have-spotted-the-fraud/
http://www.krebsonsecurity.com/2010/01/would-you-have-spotted-the-fraud/
Would You Have Spotted the Fraud?
Pictured below is what’s known as a skimmer, or a device made to be affixed to the mouth of an ATM machine and secretly swipe credit and debit card information when bank customers slip their cards into the machines to pull out money. Skimmers have been around for years, of course, but thieves are constantly improving them, and the device picture below is a perfect example of that evolution.
This particular skimmer was found Dec. 6, 2009, attached to the front of a Citibank ATM in Woodland Hills, Calif. Would you have been able to spot this?
This is fairly professional job: Notice how the bulk of the electronics fit into the flap below the card acceptance slot. Also, check out the tiny pinhole camera (pictured below), ostensibly designed to switch on and record the victim’s movements as he or she enters their PIN at the ATM.
It’s hard to know whether this was a homemade skimmer, or one that was purchased from online criminal forums. Some of the skimmers sold on these forums are extremely sophisticated, incorporating features such the ability to send an SMS text message to the thieves’ mobile phone whenever a new card is swiped.
This type of fraud is actually far more common that you might think: A quick query on Twitter for “ATM skimmer” usually brings up plenty of local news reports about these devices being found on ATMs.
Practice basic ATM street smarts and you should have little to fear from these skimmers: If you see something that doesn’t look right — such as a odd protrusion or off-color component on an ATM — consider going to another machine. Also, stay away from ATMs that are not located in publicly visible and well-lit areas.
Update, 12:10 p.m: Mikko Hypponen from F-Secure sent in a few fascinating Twitter pics of other ATM skimmers that include ingenious ways to send the stolen credentials to the scammers.