Consumers should act now to protect their finances.
The FBI is advising banks and consumers to be on high alert for a potential global hacking of ATMs.
Security researcher Brian Krebs broke news of the FBI’s warning to banks over the looming compromise.
The FBI warns that cybercriminals plan to hack card processors and use cloned cards to withdraw “millions of dollars in just a few hours” around the world, in a scheme known as an “ATM cash-out.”
Krebs also reported that a similar attack in India, which resulted in $13.5 million being hacked in a little over two hours, is related to the alert.
How does this hack work?
Through a cyberhack, criminals gain sensitive information through phishing schemes or purchase it off the black market. Once obtained, the criminals then use the information to create clones of debit and ATM cards.
After, criminals will hack into payment processing systems, eliminating any withdrawal limits from machines, giving them the ability to run the ATMs dry.
With the cloned cards, the hackers will access the ATMs and withdraw cash at thousands of locations across the world.
These hacks aren’t new.
In May 2016, a smaller-scale attack began at First National Bank of Blacksburg in Virginia. Phishing emails allowed criminals to steal more than $2.4 million over the span of less than a year.
The hack doesn’t help an already serious lack of trust between consumers and their banks. A recent survey by Blue Fountain Media found that 90 percent of respondents are concerned about their privacy online, and only 21 percent of them feel confident in their online banking or financial institutions’ handling of their personal data.
How can you and your bank protect your finances?
You shouldn’t panic just yet, though.
Joseph Campbell, J.D., is director of global investigations and compliance practice at Navigant Consulting in Washington. Previously, he worked as an assistant director at the FBI for 25 years, with cybersecurity being one of his main focuses.
In an email to Bankrate, he explains that banks still have time to take precautionary efforts against the hack. He recommends that banks make sure their IT systems are kept up to date and to monitor for unexpected traffic or increased withdrawals.
As for consumers, the FBI’s memo suggests that the criminals responsible for the cash-out scheme already have sensitive personal information — but that doesn’t mean you can’t be diligent in preventive measures of your own.
Don Baham, president of Kraft Technology, says you should act now.
“It’s not a matter of if this is going to happen,” Baham says. “It’s a question of when it’s going to happen and how prepared you are and a matter of how quickly companies and individuals can respond to it.”
According to Baham, there are three ways consumers can prepare for an ATM heist:
- Freeze your credit report: Baham says this is a great first step to take when information has been compromised. Freezing your credit report can ensure that unauthorized charges or openings of new credit accounts won’t be used against you.
- Beware of phishing scams: Don’t trust emails that ask for sensitive information like your PIN or answers to your security questions. If you’re unsure of an email’s credibility, call your banking institution directly.
- Enroll in two-factor authentication: Baham says a major point the FBI’s warning brought to light is that not enough users are enrolling in two-factor authentication. He notes that the process can be a bit of an inconvenience for consumers, but they should take their information seriously; the extra step can go a long way.