
ATM Jackpot Scam


Hitting the jackpot in an arcade game is enormous fun. You stand there grinning as the tickets keep pouring out. And then you get to choose a cool prize to take home. Recently, though, scammers have given this awesome kind of win a sinister twist by bringing the jackpotting mechanism to Automated Teller Machines (ATMs). This doesn’t mean you can ask for $20, and the machine will start spitting out hundreds instead. But it does spell trouble for ATMs and their owners throughout the country. Find out what the ATM Jackpot scam is and how to protect yourself.

Jackpotting attacks on ATMs have been spreading through Europe and Asia for quite some time. The Secret Service recently sent out an alert warning that the ATM Jackpot scam has reached the United States.

The alert was reported by Brian Krebs, who quotes several sources for this warning and cautions the public to be aware and careful of these attacks.

Here’s what to know about the ATM Jackpot scam.

How does it work?

First, an attacker performs basic scouting to figure out a way into the ATM. They usually target models with front-facing panels because they’re easier to access. Thieves have been posing as ATM technicians to avoid detection and gain easy access to the machines. They’ve also been using medical endoscopes to reach the insides of the ATMs.

Once the vulnerable area within the ATM is determined, the scammers attach their own computers to mirror the ATM’s software. The thieves then install malware, which places the ATM under their control. At this point, the ATM will appear to be out of service for users, so scammers can force the machine to do their bidding from a remote location.

The criminals’ final step in this hack is to program the ATMs to spit out piles of cash and to send “money mules” to go and collect the cash for them.

Alternatively, scammers may quietly bide their time and only take action a few days, or even a week, later. They will then return to the compromised ATM and program it to dispense all of its cash at once, which they will promptly pocket. And now you know what the ATM Jackpot scam is.


What malware is at play?

Krebs’ report suggests that the malware being used in these attacks is Ploutus.D, which has been widely used in ATM hacks since 2013. However, this claim has not been verified.

This past spring, researchers at Kaspersky Lab wrote about three relatively simple ways fraudsters can hack and remotely control ATMs. According to Krebs, the scammers can use any of these methods or Ploutus.D.

Which ATMs are vulnerable?

While every ATM in the country is at risk of being attacked, the fraudsters appear to target Diebold Nixdorf-made ATMs.

The Secret Service alert also warns that ATMs running Windows XP are “particularly vulnerable” and should be updated as soon as possible. Unfortunately, though support for Windows XP Embedded ended more than two years ago, many ATM owners neglect to install updates as advised, placing their machines at greater risk of being hacked.

What can you do?

ATM jackpotting targets the machine’s owners and generally does not affect the common citizen. However, you can do your part to stop these crooks by reporting any suspicious activity you see near an ATM.

Did you spot a technician who looks out of place? Is an ATM that worked just fine yesterday suddenly out of service? If so, alert the local authorities so they can take appropriate action.

ATM Safety

While jackpotting might be relatively new to the U.S., and it’s not yet clear how widespread these attacks are, it’s always a good idea to exercise caution when using an ATM in a public setting. Here are some tips to remember the next time you use an ATM:

  1. Always cover the keypad with your free hand when inputting your PIN.
  2. If someone is lurking near the ATM for no apparent reason, do not use it.
  3. Be wary of signs that the ATM may have been tampered with, such as a new-looking keypad, a card reader that looks different than the rest of the machine, or an out-of-place security camera.
  4. Don’t use ATMs in unfamiliar neighborhoods or stores you never frequent.
  5. If you’re withdrawing cash, secure your money in a wallet immediately after it’s dispensed. Don’t dawdle near the machine.

While the full impact of these jackpotting attacks is not yet evident, they are not something the Secret Service is taking lightly. Do your due diligence to help stop the attacks, and always use caution when using an ATM in a public area.

While we are glad that this ATM Jackpot Scam does not affect your personal accounts, it is still an awful situation. If you see anything suspicious, call your bank, the police, or your local authorities. If you like this post, check out our other fraud and scam alerts on our MoneySmart Tips Blog.

 
