blog

ATM Jackpot Scam

Written by Elevate CU | Feb 26, 2023 7:40:00 PM

ATM Jackpot Scam

Hitting the jackpot in an arcade game is enormous fun. You stand there grinning as the tickets keep pouring out. And then you get to choose a cool prize to take home. Scammers recently gave this awesome win a sinister twist by bringing the jackpotting mechanism to Automatic Teller Machines (ATM). This doesn't mean you can ask for $20; the machine will start spitting out hundreds instead. But it does spell trouble for ATMs and their owners throughout the country. Find out what the ATM Jackpot scam is and how to protect yourself. 

Jackpotting attacks on ATMs have been spreading through Europe and Asia for some time. The Secret Service recently sent an alert warning that the ATM Jackpot scam has reached the United States.

Brian Krebs reported the alert, citing several sources and cautioning the public to be aware and careful of these attacks.

Here's what to know about the ATM jackpot Scam.

How does it work?

First, an attacker performs basic scouting to find a way into the ATM. They usually target models with front-facing panels because they're easier to access. Thieves have been posing as ATM technicians to avoid detection and gain easy access to the machines. They've also been using medical endoscopes to reach the insides of the ATMs.

Once the vulnerable area within the ATM is determined, the scammers attach their computers to mirror the ATM's software. The thieves will now install malware, which conveniently places the ATM under their control. At this point, the ATM will appear out of service for users, so scammers can force the machine to do their bidding remotely.

The criminals' final step in this hack is to program the ATMs to spit out piles of cash and send "money mules" to collect the cash for them.

Alternately, scammers may quietly bide their time and only take action a few days, or even a week, later. They will then return to the compromised ATM and program it to dispense all of its cash immediately, which they will promptly pocket. And now you know what the ATM Jack is. 

What malware is at play?

Krebs' report suggests that Ploutus D, the malware used in these attacks, has been widely used in ATM hacks since 2013. However, this claim has not been verified.

This past spring, researchers working in Kaspersky Lab wrote about three relatively simple ways fraudsters can hack and remotely control ATMs. Krebs believes the scammers can use any of these methods or Ploutus D.

Which ATMs are Vulnerable?

While every ATM in the country is at risk of being attacked, the fraudsters appear to target Diebold Nixdorf-made ATMs.

The Secret Service alert also warns that ATMs running Windows XP are "particularly vulnerable" and should be updated immediately. Unfortunately, though the Windows XP Embedded support ended more than two years ago, many ATM owners neglect to install updates as advised, placing their machines at greater risk for hacks.

What can you do?

ATM jackpotting targets the machine's owners and generally does not affect the common citizen. However, you can do your part to stop these crooks by reporting any suspicious activity you see near an ATM.

Did you spot a technician who looks out of place? Is an ATM that worked just fine yesterday suddenly out of service? If so, alert the local authorities so they can take appropriate action.

ATM Safety

While jackpotting might be relatively new to the U.S., and it's not yet clear how widespread these attacks are, it's always a good idea to exercise caution when using an ATM in a public setting. Here are some tips to remember the next time you use an ATM:

  1. Always cover the keypad with your free hand when inputting your PIN.
  2. If someone lurks near the ATM for no apparent reason, do not use it.
  3. Be wary of signs that the ATM may have been tampered with, such as a new-looking keypad, a card reader that looks different from the rest of the machine, or an out-of-place security camera.
  4. Don't use ATMs in unfamiliar neighborhoods or stores you never frequent.
  5. If you're withdrawing cash, secure your money in a wallet immediately after it's dispensed. Don't dawdle near the machine.
  6. While the full impact of these jackpotting attacks is not yet evident, the Secret Service is not taking them lightly. Do your due diligence to help stop the attacks, and always use caution when using an ATM in a public area.

While we are glad that this ATM Jackpot Scam does not affect your personal accounts, it is still awful. If you see anything suspicious, call your bank, the police, or your local authorities. If you like this post, check out our other fraud and scam alerts on our MoneySmart Tips Blog.