Fraud & Security FICO Card Alert Service Sees Surge in US ATM Cash-Outs

John Buzzard on Fox Business
May202015

Two weeks ago I decided to sit down and write a blog article about ATM fraud trends and in that feature I talked about some of the habits that criminals are exhibiting when they are performing unauthorized ATM withdrawals or “cash outs” as we like to refer to them these days.

The trend we’ve seen has grabbed people’s attention. It has already been featured in the Wall Street Journal and yesterday I discussed it on Fox Business with the Journal‘s Robin Sidel.

When you peruse that article you will notice that there is a great chart that shows what sorts of locations are generating the most incidents of card and PIN skimming.  Overwhelmingly, bank-owned ATMS have become the most popular location for a criminal to set up a card skim operation because it affords the ultimate opportunity to capture consumer’s cards and PINs.

A Growth Spurt

FICO® Card Alert Service has been identifying greater numbers of compromise locations in many US cities in recent weeks.  What areas are hot right now?  Pretty much everything from Connecticut to Florida seems to be fair game lately.

My personal opinion here is that there are a few well-organized criminal gangs moving from city to city and often times it appears that they travel in a southbound arc from Maine down to Florida and Atlanta and then back northward again.

How much busier are we as a result of this uptick in fraud?  Let’s just say that the numbers will speak for themselves as exhibited in the chart below where we compare the amount of card and PIN compromise cases identified by FICO Card Alert Service for the period of January 1 to April 9 2014 to the same period in 2015.

CARD AND PIN POINTS OF COMPROMISE CASES IDENTIFIED BY FICO® CARD ALERT SERVICE

Debit Card Fraud chart

Source:  2015 FICO® Card Alert Service

January to April 2014 Versus January to April 2015

  • Card and PIN skimming points of compromise at bank-owned ATMS has increased 173.53% when compared to the same time period in 2014.
  • Non-bank (NB) ATM compromises have increased by 316.67%.  Non-bank ATMS are typically located in convenience stores, hotels, transit centers, etc.
  • Point of Sale (POS) or merchant locations have dramatically declined to -81.25%. This significant drop in card and pin skimming is most likely linked to the criminal’s desire to compromise payment cards on more of a massive, automated scale.

Why is this happening?

  • It is worth noting here that there is no shortage of compromises affecting US-based merchants.  The actual modus operandi of capturing magnetic stripes and PINS has declined at the POS retail level because cyber criminals have been so successful at perpetrating mass compromises using remote access methodology.
  • This is the last hurrah before EMV.  As the US approaches chip adoption the criminals are taking this opportunity to perpetrate as much card present counterfeit fraud as possible before it is no longer viable for them to do so.
  • If bank-owned ATMS are so popular as targets for card skimming then why is there a 316.67% increase in non bank ATM card skimming today?  Fraud trends shift all the time and criminal targets change as well.  The criminals are targeting more convenience store ATMS this year than they did last year so the percentage is really high when you compare both time periods side-by-side.
  • ATMS located on financial institution property make ideal targets because they are ultimately the location where consumers perform a variety of transactions that all involve the presence of both card and PIN.  It makes sense that criminals are continuing to focus on these locations.

Suggested Best Practices for Financial Institutions

  • Increased security around all ATM equipment is recommended.  Consult your local law enforcement to coordinate police involvement for increased patrols and surveillance.
  • ATM custodians should make an extra effort to examine the front of every ATM for unusual attachments that may be disguised as native equipment.  Loose ceiling tiles above ATMS may also house hidden cameras or transmitters.
  • Examine the façade of ATM equipment for sticky tape or Velcro residue.  The presence of similar “sticky” adhesives may indicate that an ATM parasite was attached prior to examination.
  • It may be helpful to photograph ATM equipment to aid in any physical security inspections.
  • Card skimming time ranges are largely authenticated through video surveillance. Test all video equipment to ensure that it is in working order and properly archived.
  • If you have reason to suspect that your ATM equipment has been tampered with please contact local law enforcement and FICO® Card Alert Service (CAS).  When possible, it is important that terminal ID, address and suspected skimming date ranges are gathered prior to notification to law enforcement and CAS.

Suggested Best Practices for Consumers

  • Common sense rules prevail.  If you visit an ATM or a retailer and the equipment or behavior of the employee on staff is suspect then it may be a good idea to not present your payment card for a transaction.  Contact your card issuer if you have completed a transaction and suspect that your card or PIN may have been compromised.
  • Be aware of your available account balances.  Ask your card provider if they offer account alert technology that will deliver SMS text communications or emails to you in the event that fraudulent activity is linked to your payment card.
  • Update your address and cell phone information with every single card issuer that you do business with so that you can be reached if there is ever a critical situation that requires your immediate attention.
  • Use caution when speaking to someone on the phone who reaches out to you as a bank representative.  Criminal actors regularly portray themselves as helpful payment card reps so that they can steal your personal information.  It is perfectly acceptable to hang up on a suspicious caller and then place your own call to your card issuer to determine if they were trying to reach you.

8 Comments