FBI warns of 'ATM Cashout' scheme


The FBI issued an international warning about an ATM hacking scheme may be tied to the theft of over $13 million from a bank in India. Two days after the warning was issued, the Cosmos Bank in India was targeted.

Fraudulent withdrawals were made at ATM machines in 28 countries over two days.

The scheme is being called "ATM Cashout", and banks in the U.S. are just as vulnerable. The FBI calls it a "highly choreographed global fraud scheme". Dr. Greg Hall, a research scientist at the University of West Florida Center for Cybersecurity said, "It's very difficult for them to stop it before a large amount of money will be able to be siphoned off."

First, crooks hack into internal computer systems at banks or payment card processors. Once they're in, they steal real card numbers, and make impostor or "clone" cards to be used at ATM machines. Dr. Hall continued, "These cards would then be distributed, or created in different locations, even around the world, and at a choreographed time, they would all go to ATM machines and attempt to use those cards."

In Virginia in 2016 and 2017, hackers used one bank's computers to inflate account balances before they made the ATM withdrawals. In two incidents, they got away with a total of 2.4 million dollars.

As the FBI works to prevent a widespread repeat of that incident, you may be wondering what you can do to protect your accounts. Dr. Hall answered, "Unfortunately, the not very sunny answer that I can give is.... not much. And it's because it's not the consumer's fault."

The best protection is for banks to strengthen their defenses, especially by training employees not to click on suspicious links or emails.

close video ad
Unmutetoggle ad audio on off