In the world where cybercriminals steal identities, where cryptocurrency is making inroads and where mobile devices can pay with a tap or a wave, it may seem quaint to think of the ATM as a bastion of both cash and fraud.
Yet, NCR, the payments hardware maker that specializes in ATMs, is sounding the alarm on skimming attacks at the cash dispenser, with key technologies designed to gather up PINs and grab cash tied to hidden cameras and also to devices that are attached to ATM network cables themselves to pilfer card data.
[bctt tweet=”NCR is sounding the alarm on skimming attacks at the cash dispenser.”]
Krebs on Security reported that NCR sent warnings to customers earlier this week, saying that it received what it called “reliable reports” of NCR and Diebold ATMs being compromised as external skimming devices took root at Internet or phone jacks.
In its warning, as quoted by the site, the company said: “These devices are plugged into the ATM network cables and intercept customer card data. Additional devices are attached to the ATM to capture the PIN. A keyboard overlay was used to attack an NCR ATM; a concealed camera was used on the Diebold ATM. PIN data is then likely transmitted wirelessly to the skimming device.”
What lies behind the hijackings? NCR says it’s a way for criminals to grab onto new methods to take data from magnetic stripe cards. And it avoids putting the skimmers near where cards are inserted, which is, of course, where most anti-skimming tech is traditionally located. One solution, according to NCR: Don’t have cables exposed where they can be a tempting target for meddling.