| ATM Crime: Attacks against ATMs may be | | | | Infrastructure Hacking, Architecture Hacking, |
| classified as either ATM physical attacks or ATM | | | | Network Hacking, Social Engineering, Phishing and |
| fraud. | | | | various other methods are also used to |
| ATM Physical Attacks: | | | | compromise PIN codes. |
| ATM physical attacks are normally perpetrated | | | | Card Skimming |
| with the intention of gaining access to the cash or | | | | Card skimming involves making a copy of the |
| other valuable media within the ATM safe or ATM | | | | information encoded on the magnetic stripe of the |
| security enclosure. Some of the most common | | | | card. There are various different types of |
| methods include Ram Raid, Explosive Attack (gas | | | | skimming device designed to be used in different |
| and non-gas) and Cutting (e.g. rotary saw, blow | | | | environments, from hand held devices through |
| torch, thermal lance, diamond drill). The success of | | | | door access skimmers to miniature card entry |
| ATM physical attacks is often measured by what | | | | slot skimmers. Hand held skimming devices are |
| percentage of the cash is stolen and the speed | | | | more commonly associated with card skimming in |
| by which the attack is completed. | | | | restaurants and other retail establishments. When |
| ATM Fraud | | | | used in the ATM environment the perpetrator will |
| There are many different categories of ATM | | | | either use distraction techniques to temporarily |
| fraud. In general ATM fraud can include any | | | | obtain and copy the consumer's card or |
| deliberate 'criminal' technique which involves the | | | | sometimes pick the pocket of the consumer. |
| use of an ATM to obtain something of value to | | | | Some ATMs are installed in a controlled |
| the perpetrator. The most common types of | | | | environment whereby the consumer is required to |
| ATM fraud include Card Theft (e.g. Lebanese | | | | swipe a card at the door of the ATM location to |
| Loop) , PIN Compromise (e.g. Shoulder Surfing), | | | | gain access. Skimming devices may be attached |
| Card Skimming, Cash Trapping, Transaction | | | | to or used as a replacement for a genuine door |
| Reversal and Deposit Fraud. | | | | access device.ATM card entry slot skimmers |
| ATM Fraud in more detail: | | | | have various shapes and sizes and also vary in |
| Card Theft | | | | sophistication. When installed correctly they allow |
| Card theft is where the perpetrator physically | | | | normal operation of the ATM in that the |
| obtains the consumer's card at or in the vicinity of | | | | consumer's card is entered and returned |
| an ATM. The most common method of card | | | | correctly, however the magnetic stripe is copied |
| theft is Card Trapping. The most popular method | | | | by the skimming device. One of the most |
| of trapping a card at the ATM is known as | | | | effective ATM skimming devices is known as the |
| Lebanese Loop. A Lebanese Loop is designed to | | | | Sofia skimmer. The skills of the perpetrators in |
| be entered within the card entry slot of the ATM | | | | modifying the packaging of skimming devices |
| card reader in such a way as it does not prevent | | | | makes them very difficult for the untrained |
| the consumer from entering their card, but it | | | | observer to detect. |
| does prevent the ATM card reader from ejecting | | | | Cash Trapping |
| or returning the card to the consumer. The | | | | Cash trapping is the term used to describe |
| perpetrator can subsequently remove the trapped | | | | attacks where the consumer's cash is trapped |
| card once the consumer has departed from the | | | | and prevented from being presented or delivered |
| ATM with the belief that the ATM has captured | | | | to the consumer. The variety of trapping devices |
| or swallowed their card. Another variant of card | | | | is significant, ranging from those which require |
| trapping is known as the Algerian V trap. Other | | | | insertion within the ATM's cash dispenser through |
| methods of card theft include card swapping | | | | false fronts to well engineered electro-mechanical |
| where the consumer's card is exchanged for a | | | | devices which simulate the removal of the cash |
| card of similar appearance. This distraction method | | | | by the consumer. |
| is often executed at the time that the | | | | Transaction Reversal |
| consumer's card is being returned or ejected to | | | | Transaction reversal techniques involve highly |
| the consumer following a transaction at the ATM. | | | | skilled manipulation of the ATM during a |
| PIN Compromise | | | | transaction with the result that the host computer |
| PIN compromise methods range from the very | | | | believes that the consumer did not receive their |
| technically sophisticated to the relatively easy | | | | cash and thus re-credits or reverses the |
| technique known as shoulder surfing. Shoulder | | | | transaction. Other variants of transaction reversal |
| surfing involves the perpetrator standing close | | | | involve either collusion with someone within the |
| enough to the consumer to observe the numbers | | | | ATM network or detailed knowledge of the rules |
| entered on the key pad. A more sophisticated | | | | governing transaction processing. |
| method of observation or surveillance involves the | | | | Deposit Fraud |
| use of a miniature camera which can either | | | | Deposit fraud covers a variety of criminal |
| transmit the image of the PIN being entered or | | | | techniques from making false deposits, trapping |
| store the recording within the device. With the | | | | deposits through skilful manipulation of the deposit |
| increase in the number of mobile phones with | | | | accepting device. False Deposit fraud includes |
| video capture capabilities, such phones are | | | | exploiting processing rules to draw on funds |
| adapted to compromise PINs. Keyboard overlays | | | | before they have been verified and officially |
| are devices which are designed to look very like | | | | cleared for crediting to an account. Similar to cash |
| the genuine ATM key pad and are fixed on top of | | | | trapping, Deposit Trapping allows the perpetrator |
| the genuine key pad. The Keyboard Overlay will | | | | to obtain the valuable media prior to it being |
| record the numbers entered on the key pad but | | | | secured within the deposit terminals safe or |
| also permit the genuine keyboard to accept the | | | | security enclosure. Highly skilled perpetrators of |
| PIN being entered. Similarly to the use of | | | | deposit fraud may use techniques by which the |
| cameras, the keyboard overlay may transmit the | | | | deposit terminal believes it has received and |
| information to a remote receiver or store the | | | | successfully validated a deposit when in fact it has |
| information locally. Sophisticated ATM | | | | not. |