Home » cyber security » What’s Lurking in Your ATM?
security spending

What’s Lurking in Your ATM?

Using a credit or debit card online can make some people uneasy about their data privacy. Unfortunately, those online transactions are not the only way criminals can steal your digits. Consider the notorious hack on card-reader systems used at a number of major retailers, which was responsible for hundreds of millions of compromised financial accounts in 2014-15.

Perhaps less prominently reported, though, is a consumer data risk that could just as easily have you reporting fraudulent activity and trying to get your funds back.

Every time you visit an ATM, there is a chance that a fraudster is snooping on your account data via a deceptive device called a “skimmer.”

ATM skimmers work by reading and capturing account information from the magnetic strip on a card. Much like online hacking methods, these devices have become more and more sophisticated over time.

According to NCR Corp, a manufacturer of ATM machines, a new and formidable breed of ATM skimmer is on the rise at machines worldwide. Called a “deep-insert skimmer,” this piece of hacking hardware is designed to sit inside the card-reader, out of the user’s view. Unlike traditional skimmers of the past, the devices can’t be identified with detection tools, so neither consumers nor professionals can easily discover it.

With traditional skimmers, simply getting in the habit of looking over the machine before use can keep an ATM user from falling victim to fraud. All it takes is a close look at the card reader and keypad for signs of tampering. This advice doesn’t apply to more sophisticated deep-insert skimmers.

Still, there are a few safety tips that could keep your ATM card out of fraud’s way. PC Magazine recently outlined a few ways to avoid even the latest skimmers:

  • Consider when and where: Any ATM can be compromised. However, isolated ATMs, such as those in unattended public spaces, are much more likely to be compromised than those inside your local bank.
  • Cover up: Fraudsters need your PIN number to make use of your debit card number. Often, this is done by inserting a small pinhole camera that records your pin entry. Block the view of the entry pad when entering your PIN.
  • Use NFC: If your ATM offers NFC app services, such as Android Pay or Apple Pay, these apps allow you to avoid using your card’s magnetic stripe.
  • Shake it up: Jostle your card as you place it in the machine to interrupt any skimmer’s data collection process.

Looking for education, consulting or products to help your organization avoid privacy and cyber security incidents? Learn more about Lunarline and the service we provide by visiting Lunarline.com or contacting us today.

About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales" Lunarline doesn't let him off that easy. We make him do real work, too. Luckily he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.