Criminals are using exploiting holes in wireless security to steal passwords and account details from ATM machines without the need installing skimming devices.
Criminals conduct this activity by placing a “skimming” device over the card reader of a legitimate ATM and install a pin pad over the keys. When a customer would use the ATM, the skimming machine would be able to capture the customers account data as well as the pin code. Once the machine was recovered, then the criminal would have the information needed to breach the account.
Internet security experts state that criminals are now attempting to access debit card pin numbers and account information without installing the devices by targeting the machines through the internet.
In its 2014 Data Breach Investigation Report, Verizon studied 130 incidents of ATM skimming cases in 2013. Most of the ATM breaches took place at ATM machines and at gas pumps, where many customers use their debit cards to purchase gas. According to the report, the country with the most ATM skimming cases was Bulgaria, followed by Armenia, Romania, Brazil and the United States.
Source: Jordan Robertson, “What Happens When the ‘Internet of Things’ Comes to ATM Skimmers,” Bloomberg, April 22, 2014.