Welcome to the SecAware blog

I spy with my beady eye ...

10 May 2010

ATM crime & how to avoid it

ENISA published this paper (plus corrections to some of the reported annual loss figures) last September, describing the many ways that crime is being committed using ATM (Automatic Teller Machines - hole-in-the-wall cash machines to you and me). Techniques for stealing credentials range from hi-tech approaches using card skimmers and false-front ATMs (even completely bogus ATMs have been used) to lo-tech shoulder surfing and distraction robbery. If nothing else, print off their "golden rules to reduce ATM crime" (pages 24 & 25 of the report) and speak to your friends and family members about the simple recommendations to reduce your personal risks. I've just looked up my bank's emergency/lost-or-stolen card numbers and popped them into my mobile phone, for instance.

Brian Krebs recently blogged about ATM skimmers. I find various readers' comments on Brian's blog somewhat perplexing: some claim that chip-n-PIN is "too expensive" for the US, not least because chip-n-PIN is flawed. As long as this kind of bizarre head-in-the-sand denial persists, card crime will surely continue to increase from an estimated US$350,000 per day in the US alone (the US Secret Service's 2008 estimate). That's US$128m per year!

No comments:

Post a Comment