Report: ATM “Skimming” Up over 500% (!)

In another sobering reminder that the conveniences of electronic banking and payments bring their own unique risks, a report is out from the FICO folks — yes, those same people who so imperfectly provide credit scores — saying there’s been “a sixfold increase in the number of ATM machines in the United States compromised by criminals in 2015, compared with 2014,” as the NY Times sums up.

atm skimmingAccording to the Times, “the company said it was contractually barred from disclosing the actual number of incidents, but noted that the number for all of 2015 was the highest the service had ever recorded.”

And while “banks are not immune, nonbank ATM.s, meaning those in locations like convenience stores, are increasingly the targets, said T. J. Horan, vice president for fraud solutions at FICO. In 2015, he said, 60 percent of the compromises were at nonbank ATMs, up from about 39 percent in 2014.”

But on the potential “better news” side, a USA Today report on the same study also noted that “upgrading to an EMV chip-enabled debit card — if your bank has not already provided one — can help, too, since the chips have a dynamic code (unlike traditional magnetic stripes) designed to make counterfeiting more difficult. In fact, the spike in card fraud could be the “last hurrah” before EMV adoption becomes more widespread.”

This is because the “skimmers” that are in place in compromised ATMs are literally “skimming” the account information off the magnetic stripe on your existing cards.

Kurt Baumgartner, a principal security researcher with the cybersecurity company Kaspersky Lab, told the Times that “customers should take note of anything that looks unusual about an ATM, particularly the slot where the card is inserted. If the fixture wiggles, or appears to be attached with glue, that’s an indication that a skimming device is attached.”

Increasingly, “skimmers are also a big problem at gas station pumps, but it’s getting harder to detect skimmers at those locations because they are increasingly installed inside the pumps… consumers should be vigilant in keeping track of their bank account to note any unfamiliar transactions.”

And even if you’ve upgraded to an EMV card, that won’t do much good if the gas station hasn’t.

As another online news source notes, “the pumps themselves make pretty easy targets since they rely on the use of cards with magnetic strips instead of the EMV chips, now a part of many in-store card machines. According to Creditcards.com, the magnetic strip is ‘the last bastion,’ for thieves. The magnetic strip cards lacks the layers of security that chip cards possess. Fuel station owners don’t have to update their pumps until October 2017. It’s an expensive and time consuming process. According to CreditCards.com, the industry will spend $3.9 billion revamping the 80,000 gas pumps across the nation.”

Until then, tips to protect yourself include: chip card protection

  • Inspect the ATM before you use it. If the machine looks tampered with or something feels off, it  find a different ATM. If the card reader can be removed, alert the police.
  • Avoid ATMs in poorly lit areas or the ATMs that standalone in tourist areas.
  • Try to cover your hands when inputting PINs. There could be cameras around, and watch for people loitering nearby.

Also, if you have a choice, use a credit card rather than a debit card. Or, select the option to have your debit card processed as a credit card transaction when making a purchase. That way, at least, you won’t have to enter a PIN

Of course, those are all from the “card user” perspective, of course. On the business side, if you haven’t upgraded to an EMV reader yet, now would be the time. The more widespread EMV use, the more easily certain types of fraud can be massively reduced.

Which is always to be preferred to the “massive increase” that we’re seeing.

Contact your AVPS Rep today. And stay aware the next time you’re at an ATM!

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

Leave a Reply

Your email address will not be published. Required fields are marked *