US Secret Service warns about periscope skimmers

Tomcat


Recently, the US Secret Service published information online about a new type of skimmer, called a “periscope skimmer.” Accordingly, the process of data theft by such devices is called “periscope skimming.” These devices connect directly to the ATM circuit board to steal credit card data. Other duties of the Secret Service include investigating various types of financial fraud and identity theft.

Such devices were first discovered on August 19, 2016 in Connecticut, USA. The second time, the new type of skimmer was found in an ATM installed in one of the localities of Pennsylvania, USA (September 3 of this year). According to experts who have studied such “periscopes,” the devices can remain inside the system for about two weeks. The device's memory capacity allows the skimmer to store the data of 32,000 credit cards.

Apparently, the attackers who install such skimmers have a key that allows them to gain access to the ATM electronics. After opening the system, burglars install two devices inside, connected together by wires. The first module is installed in the card reader body, next to the receiving slot.

Fraudsters connect certain contacts of the skimmer to the ATM board, which is responsible for transmitting the credit card data read from the magnetic stripe. The module is attached with glue. The only visible part of the skimmer is the wires that connect the first module to the second. The second module is the control system, which houses the battery, data storage and control electronics. The data storage looks like a small hard drive.


The technologies used by criminals to steal credit card information from ATM users are becoming more sophisticated. The new type of skimmer is likely a way to avoid detection by anti-skimmer technologies, which are also not standing still. The fact is that in a number of countries, bank employees and police have begun to use reliable skimmer detection systems. They work with almost 100% accuracy if the skimmer is installed outside the ATM.

Another interesting point is that “periscope skimmers” do not have a camera that could read card data of bank customers. Based on this, information security experts conclude that “periscopes” are just a prototype, a preliminary test sample of a real device. Perhaps the scammers are not going to use cameras, but are planning to install an overlay keyboard that completely replicates the original. But this is just a guess. As before, security experts advise covering credit card data with your hand.


Unfortunately, this method does not always help, and it is used by a very limited number of ATM users.

According to a number of experts, the only reliable way to reduce the activity of ATM hackers is to remove the magnetic stripe from the card. It is still the most vulnerable element of a credit card. But this is unlikely to happen in the near future, since it is the magnetic stripe that makes it possible, for example, to make sure that the user inserted the credit card correctly. In addition, the magnetic stripe on a credit card is a modern standard. If we start to change something, banks and their service organizations will have to spend significant funds on refurbishing ATMs and changing cards.

Fraudsters do not need to use a key to access the insides of ATMs. There are many other methods that criminals resort to. For example, since 2013 it has been known that skimmers have been installed on portable terminals in stores and other points of sale of goods and services. All this is done very quickly, and installation of the overlay panel takes seconds.


This is what the overlay panel and the original terminal panel look like.


Some criminals do not work with skimmers, preferring to install malicious software on ATMs using special devices. This is not a very common method of hacking ATMs, but a number of criminals still use it. The protection of software platforms for ATMs is not 100% reliable, and banks often use ATMs with old software shells that have many vulnerabilities.


In order to remain undetected, scammers use miniature devices. They can remain on ATMs for a long time. This is especially true for systems that are installed in remote regions where control is not carried out very carefully.


Some scammers use brute force to install skimmers inside the ATM instead of outside. Here is a simple example of such a case:

[Image]


Moreover, detecting a skimmer installed in a hole on the ATM body is much more difficult than detecting a third-party device from the outside. Not all ATMs are equipped with systems that report attempts at physical hacking, and the method has not yet been completely eliminated.

Another original way to install a skimmer is to work with a bank door. Instead of trying to attach a skimmer to the ATM itself, criminals place it in the door that blocks access to the ATM room. These doors can be opened using a card during non-banking hours. Fraudsters install a skimmer in the door, and when the door is opened, it reads the necessary information from the magnetic stripe. And the video camera that records the PIN code is, as usual, located in the area of the ATM.

Some scammers take advantage of the work of careless bank employees who leave the communication nodes of their networks accessible to almost anyone. This happens quite often with external ATMs and terminals that are installed by banks at airports, shops, train stations and other places.


Fraudsters just need to figure out what element is available and what can be done with it. For professionals, all this is child's play.

So far, the safest ATMs are those that banks build into the walls of buildings. In this case, fraudsters can only gain access to the external panel of the device, and here there are far fewer options than with other types of ATM.