The FBI warned US banks last week that they are expecting a large-scale fraud attack involving compromised ATM cash machines in the near future.
“Cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days,” the FBI advised banks in a confidential message revealed by the KOS blog, Aug 12.
The FBI discovered evidence of the imminent ATM frauds during their ongoing investigation of bank-targeted cybercrime.
In 2016 cybercriminals executed ATM heists in Virginia, stealing a total of US$2.4 million, and the latest warning from the FBI asserts that the next attacks could be on an even bigger scale.
In the 2016 fraud attack, perpetrated against two regional branches of the National Bank of Blacksburg, “Russian hackers were able to steal $2.4 million after an employee opened a phishing email containing malware that gave the hackers access to the bank's computer system,” NBC News reported.
(Photo: one of the regional Virginia banks hit by phishing/ATM scams in 2016.)
The hackers sent malicious emails to bank staff that covertly embedded malware on their computers. They then exploited the data they obtained to override the control systems of the bank’s ATM machines and extracted large sums of cash with well-timed fraudulent withdrawals.
According to the FBI’s recent warning, “small-to-medium size financial institutions,” are the likely targets, “due to less robust implementation of cyber security controls.”
The FBI warning emphasises the role that phishing played in the 2016 frauds and cautioned banks to review their cybersecurity policies to avoid staff revealing sensitive data or infecting systems with malware inadvertently.
Phishing: a billion $ crime category
The majority of people think cybercrime is a highly technical process involving coding and hacking, but actually, the reality is much simpler and more insidious. Most cybercrime is perpetrated using email techniques like phishing and malware infected attachments.
If criminals can get just one person inside an office to click on a link in a phishing message or open an attachment containing a virus, they can quickly get access to the company’s computer systems.
Phishing attacks like the ones against the Virginia banks typically start with an email that induces the recipient to click on a link. They will then be directed to a fake web page set up by the criminals behind the fraud. The fake website will look and behave like a real website, but its sole purpose is to collect the victim’s login credentials like username and password so that the criminals can exploit their accounts.
According to the FBI, this kind of attack has increased by 2,370% since 2015, and the global cost is now in the billions of dollars.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to our email updates:
