The Federal Bureau of Investigation (FBI) of the US has issued a warning to the banks that the cybercriminals are planning to conduct a global fraud scheme called ATM cash-out.
The FBI confidential alert read, ‘cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an unlimited operation.’, Krebs on Security reported.
The ATM cash-out process
In this fraudulent process, the hackers use a cloned card at cash machines around the world to transfer money.
The alert added that the hackers will place a malware to eliminate multiple security and fraud controls implemented by the financial institutions to remove all limits on transactions.
Furthermore, the crooks are able to change account balances and other security firewalls. In turn, this allows unlimited funds to be available during ATM cash-out transactions.
The cloned cards used in these transactions are made by procuring stolen card data. Following this, the details are printed on reusable magnetic strip cards.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataThese new illegitimate cards are used at appropriate time by the crooks.
Most of these ATM cash-out operations are carried out at the weekends when the banking and financial institutions are closed.
The fraudsters are also said to target the small and medium sized institutions. Usually, these have lesser cyber security controls and are prone to phishing and cyber attacks.
In this situation, FBI has requested all the banks to evaluate the performance of their security systems. If needed, the response is to implement proper authentication measures as required to tackle the cyber threat.
The advisory also calls for an implementation of a dual authentication procedure. This is to be used if the amount of withdrawal increases above a specified threshold.