ATM Malware: Exactly What Are You Giving and Getting at the ATM?

You need some cash and the banks are already closed, so what do you do? Grab that ATM card and head to the bank to get some quick cash no matter what the time of day or day of the week it is, of course. Do you ever stop to think that putting your card into the ATM you could be giving out your personal information? I’m sure that many of us never give it a second thought, but with today’s technology, every time you use an ATM, you may be the victim of ATM malware technology.

Security personnel have discovered that hackers are storing ATM malware on ATM’s. ATM malware has the ability to capture a user PIN and the data on the ATM card's magnetic that is stored in the ATMs memory. ATM malware just doesn’t appear on any machine out of the blue. Hackers use someone who is familiar with the inner workings of an ATM, such as an ATM technician or anyone else with a key to the ATM, to place the malware on the ATM. Once the ATM malware is on the machine, attackers use a control card, which is similar to an ATM card, to trigger the malware and obtain full control of the ATM.

When you use an ATM, it stores your PIN in its memory. Later, when the attacker or thief comes along, he or she is able to use a control card to request a printout of PINs and any other data that the ATM malware has captured. This printout is in an encrypted format produced by the malware, and normally the only person who can decipher the encryption is the person who placed the malware on the ATM in the first place.

In March of 2011, a Trojan that steals credit-card data was found on Diebold ATMs. This is a more complex version of malware, but it still works in a similar fashion that other ATM malware does.

So what does ATM malware technology mean for those of us who use ATMs? Well, researchers have confirmed that ATM malware has been planted on ATMs in Eastern Europe. ATM malware has also been found on machines in Russia and Ukraine. These same researchers have found signs that ATM malware is moving to the United States, but there have been no confirmed instances in the U.S., and no detailed information as to where in the United States the ATM malware will supposedly rear its ugly head.

As a hard-working citizen, should you be concerned about ATM malware? You bet you should, but what can you really do about it? Your financial institution should take steps every day to ensure that its ATMs are safe, working correctly and have only official software, including antivirus software, installed. This type of preventative maintenance should make you feel a little safer, but if you are still uneasy, here are a few steps you can take to make you feel more secure the next time you visit your local ATM.

• Never allow someone you are unfamiliar with to assist you at an ATM while you are withdrawing money or check your account balance. Many times scam artists will linger around ATMs in an attempt to assist unsuspecting victims. They may encourage you to perform addition actions that you normally wouldn’t do. These additional steps are methods these scam artists use to illegally obtain your information, especially if malware is stored on the ATM.
• Never give your ATM card to a stranger. Why anyone would do this in the first place is unclear, but make sure you keep your ATM card safe and on your person at all times.
• Shield the keypad when entering your PIN. When you use an ATM, cover the keypad with your other hand that isn’t hitting the buttons. Shielding the keypad prevents any hidden cameras or strangers from seeing you enter your PIN.
• Look for hidden cameras in the area around the ATM. Many times attackers use hidden cameras to capture your information. These hidden cameras may be concealed in a brochure holder above the machine. This is the most common place hackers conceal cameras.
• Never turn your body away from the ATM; instead, turn your head and look over your shoulder.
• Use the same ATM. When you use the same ATM, you become familiar with it; if anything about the ATM changes, you will notice.
• Observe the ATM for hidden devices, especially if you are using an ATM that you normally don’t use. Hidden devices may be fitted on top of the original features of the machines. It’s usually safer to use a newer ATM machine rather than one that is old and has been in use for several years.
• Work closely with the bank regarding using its ATMs. You as the consumer have the best understanding of whether the machine is working correctly; if you notice something that doesn’t seem right, report it to bank personnel immediately. Things to report include any malfunctions or if the machine holds your card longer than usual.

If the ATM is not working, check with the bank to ensure that someone is aware. Sometimes attackers will put Out of Order signs on nearby machines to encourage people to use a specific machine that the hackers have tampered with. If you notice an Out of Order sign on an ATM that you normally use, you are better off visiting another machine that is farther away, even if it requires you to go out of your way.

At TopTenREVIEWS We Do the Research So You Don’t Have To.™