The Federal Bureau of Investigation (FBI) of the US has issued a warning to the banks that the cybercriminals are planning to conduct a global fraud scheme called ATM cash-out.
The FBI confidential alert read, ‘cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an unlimited operation.’, Krebs on Security reported.
The ATM cash-out process
In this fraudulent process, the hackers use a cloned card at cash machines around the world to transfer money.
The alert added that the hackers will place a malware to eliminate multiple security and fraud controls implemented by the financial institutions to remove all limits on transactions.
Furthermore, the crooks are able to change account balances and other security firewalls. In turn, this allows unlimited funds to be available during ATM cash-out transactions.
The cloned cards used in these transactions are made by procuring stolen card data. Following this, the details are printed on reusable magnetic strip cards.
These new illegitimate cards are used at appropriate time by the crooks.
Most of these ATM cash-out operations are carried out at the weekends when the banking and financial institutions are closed.
The fraudsters are also said to target the small and medium sized institutions. Usually, these have lesser cyber security controls and are prone to phishing and cyber attacks.
In this situation, FBI has requested all the banks to evaluate the performance of their security systems. If needed, the response is to implement proper authentication measures as required to tackle the cyber threat.
The advisory also calls for an implementation of a dual authentication procedure. This is to be used if the amount of withdrawal increases above a specified threshold.