Banks across the United States and beyond have been warned of a new wave of attacks on ATMs as already experienced in Europe and Mexico.
The Secret Service says they’ve seen about a dozen cases across the country from the mid-Atlantic region through New England, the Pacific Northwest and Louisiana.
The cybercriminals are believed to be coordinating their hunt in the U.S. and will most likely employ a method known as “jackpotting.”
According to a report from ABC News, this attack entails compromising an ATM machine to spit out cash to a fraudster at a furious rate of 40 bills every 23 seconds.
“That’s where you get the term jackpotting from because it is basically like a slot machine that you hit the jackpot — you are basically taking all of the money out of the ATM,” supervisory special agent Matt O’Neill told the news outlet.
“What we’re finding is the attacks really started in a coordinated effort in December and well north of a million dollars has been taken,” O’Neill said.
HOW JACKPOTTING WORKS:
Fraudsters pose as ATM technicians, even wearing uniforms and access the teller machine. They open it using a generic key that the Secret Service says is readily available for purchase on the internet.
Once inside, they use a technical means — installing a laptop computer and a cellphone into the machine — to be able to remotely take over the machine and force it to discharge money. But to avoid detection, the bogus technician does not typically take the cash, that’s left to a second co-conspirator.
The second co-conspirator, a “money mule,” then goes to the compromised machine and calls the phony technician who initiates a withdrawal sequence remotely.
“It runs until it is empty or the person standing at the ATM alerts the controller of the ATM to stop the withdrawal sequence because either law enforcement is nearby or for whatever reason they get spooked and want to leave the scene,” O’Neill told ABC News.
The technician often returns to the empty machine to retrieve the the laptop and cellphone, putting the ATM machine back like he was never there.
“We’ve seen these 21st Century robberies take place in plain sight, middle of the day, in malls, just because they are obviously getting themselves a jacket that says technician on it.”
After investigating a report of a jackpotting attack in recent days, the Secret Service quickly determined a more coordinated set of attacks was about to be launched in the next seven to 10 days. An alert was sent out Friday to inform the banking community of the potential attack and how they might protect themselves from being victimized.
O’Neill says it’s transnational organized crime using a mixture of international criminals and people who are already in the United States.
The attacks target specific models of stand-alone ATM machines made by Diebold running a the Windows XP operating system.
Banks can safeguard themselves by upgrading their ATMs’ operating systems,
Jackpotting has been a problem for a number of years in Europe and, according to the Secret Service, it was just a matter of time before it came to the United States.
“It’s a problem that is not going to go away any time soon, now that it has hit our shores,” O’Neill said.