Increased skimming attacks, evolving malware, what’s next? It seems your ATM channel is facing threats from every direction. Fraud at the ATM is on the rise, and the losses associated with it continue to escalate. The U.S. Secret Service estimates that annual losses from ATM skimming total nearly $1 billion each year. That’s a whopping $350,000 daily from skimming alone! Additionally, ATM malware has increased on a global scale, allowing fraudsters to steal hundreds of thousands of dollars, in a matter of minutes. When it comes to ensuring security at the ATM, Financial Institutions need to familiarize themselves with current threats in the market, and implement forward-thinking strategies to prevent compromises. Are you doing everything you can to eliminate fraud at your ATMs?
Skimming attacks at the national and local levels continue to climb. As U.S. banks and credit unions phase out magnetic-stripe cards and replace them with chip cards, and as merchants upgrade their point-of-sale terminals to accept chip transactions, fraudsters are working overtime to ensure they capture as much card data as possible from mag-stripes in order to perpetrate counterfeit card fraud.
Many recent skimming attacks in the U.S. have involved what’s known as bezel-mounted card skimming devices, which are attached to the top of an ATM’s actual card reader. Similarly, we have also seen an influx of false keypad overlays in the latest incidents. These false overlays are hard to identify since they are designed to look exactly like the legitimate card readers and keypads. Skimming attacks like these are typically accompanied by small hidden cameras located near an ATM’s PIN pad. The cameras are installed to capture PIN numbers as they are entered by users during cash withdrawals. Most recently, we have witnessed the arrival of external skimming devices that essentially hijack an ATM’s phone or internet jack. These types of skimmers are plugged into the machine’s network cables, and are designed to intercept customer card data. Skimming attacks are continually evolving, and every FI is vulnerable. What preventative measures are you taking to ensure your ATMs are not compromised by skimming devices?
Protecting your ATMs is a multifaceted task. Not only do FIs need to regularly inspect their machines for skimmers, they also need to invest in anti-skimming technology. To protect our customers from skimming attacks, NuSource trusts the global leader in anti-skimming solutions, TMD Security. TMD’s technology uses an active-jamming approach to skimming. This eliminates many problems commonly associated with detection-based anti-skimming solutions, such as failure to detect attacks, managing false alerts, and ATM downtime. Contact your NuSource representative to learn more about TMD’s anti-skimming protection.
For more information on skimming, and to read about local and national skimming attacks, follow the green links below.
- Alert: ATM Skimming Up in U.S.
- ATM Scams on the Rise
- $2 Billion in Losses this Year due to ATM Skimming Around the World
- Skimmers Hijack ATM Network Cables
- Police on Alert for ATM Account ‘Skimmers’ in Woodbury, Elsewhere
ATM malware continues to spread globally. One malware that took the industry by storm is Tyupkin. Tyupkin allows criminals to empty an ATM’s cash cassettes via direct manipulation, without using a debit or credit card. Many experts refer to these attacks as “jackpotting,” since criminals are able to completely drain an ATM of its cash. After the virus takes control of the ATM’s cash-dispensing function, the ATM is rebooted and automatically spits out cash.
SUCEFUL is another shocking ATM malware that is believed to still be in its development phase. The malware is designed to target cardholders by reading a credit/debit card’s magnetic stripe or chip, controlling the malware themselves via ATM PIN pad, and retaining or ejecting the card on demand while suppressing ATM sensors. Unlike the Tyupkin malware, SUCEFUL is designed to work on both Diebold and NCR ATM systems by using a WOSA/XPS interface.
An additional malware being used for advanced and persistent attacks against FIs is Carbanak. This continually evolving malware has reportedly stolen $1 billion from FIs around the world. Carbanak uses an APT-style (Advanced Persistent Threat) attack, which allows criminals to gain access to an ATM network and remain undetected for long periods of time. Using the APT approach enables hackers to assume control of ATMs and “rollback” fraudulent transactions to evade detection. As Kaspersky Lab describes, “The rollback capability ensures that the balance on debit cards remains the same regardless of the number of ATM transactions undertaken.” Kaspersky Lab has found that instances of Carbanak typically begin with a phishing attack. AppGuard, an award-winning Anti-Malware Solution, is known to prevent phishing attacks like these.
In order to keep our customer’s ATM fleets protected from destructive malware like Tyupkin, SUCEFUL, and Carbanak, NuSource recommends the installation of AppGuard to all ATMs. AppGuard is the most comprehensive and advanced anti-malware solution available in the industry. Using patented isolation and containment technologies, AppGaurd prevents exploits from known and unknown threats. With its complete USB and runtime protections, AppGuard disrupts malware from gaining a foothold on an ATM’s system. These protections guard even if the trust system is compromised by malware signed with stolen certificate keys. Additionally, the solution delivers its protection without requiring burdensome scanning or frequent updates, which dramatically reduces system overhead.
Interested in learning more about the types of malware listed above? Follow the green links below.
- ATM Malware Attacks Spreading
- Jackpotting ATMs: Take the Precautions
- NCR Releases Another Security Warning of Jackpotting Attacks on their ATMs
- SUCEFUL Malware Hits Financial Industry by Storm
- ‘Covert’ APT Attacks Pose New Worries
How Can NuSource Help?
To ensure the highest levels of security for our customers and their ATMs, NuSource has launched a Security Solutions Package that helps prevent fraud at the ATM. Our complete suite of ATM Security Solutions bundles NuView (a Remote ATM Management Tool), Patch Management Services, TMD’s Anti-Skimming Protection, and AppGuard. Take a proactive approach to ATM Security. For more details on our ATM Security Solutions, click here.
ATM Security Analysis
Due to the recent increase in skimming and malware attacks at the ATM, NuSource is currently offering our customers an “ATM Security Analysis.” The ATM Security Analysis specifically examines ATM skimming vulnerability, software updates, secure ATM cabling, alarm systems, cameras, and more.