Automated teller machines have been a part of banking and financial services for more than half a century. But, until recently, they served mostly as a vehicle for receiving cash, depositing checks or reviewing balances.
However, the addition of cryptocurrency to ATMs in recent years has added a new wrinkle to the basic card skimmers and over-the-shoulder, old-school PIN-snatching. More and more cybercriminals are seeing the reliable, traditional ATM as a prime focal point for their cryptocurrency scams. Indeed, the ATM Industry Association (ATMIA) last month announced that it was launching a national program to educate “law enforcement and consumers … addressing cryptocurrency fraud schemes.”
“Although the vast majority [about 99%] of cryptocurrency transactions represent legitimate activity, some consumers are falling victim to clever scam artists,” according to the ATMIA’s release. “People who would never hand over a blank check or their credit card to a stranger, are tricked into completing a cryptocurrency transaction for one. And these tend to be the type of romance, investment, and merchandise scams that have been around for decades.”
In fact, the ATMIA created its own “ATM Cryptocurrency Deployers Advocacy Group” in 2021, when leaders noted that “membership of crypto ATM deployers really surged last year,” according to David N. Tente, executive director for U.S., Canada & the Americas for ATMIA.
While the incidence of cryptocurrency scams per teller machine has not necessarily increased that much in recent months, “the problem has been growing as the number of crypto ATMs and kiosks has grown rapidly over the past couple of years,” Tente said.
According to the ATMIA, there are more than 30,000 ATMs and kiosks worldwide that offer cryptocurrency services — mostly in the United States. While that’s less than 10% of the 500,000 traditional ATMs in operation today, the heightened interest in and usage of cryptocurrency (even in light of the recent crypto-crash) means that many of these conventional teller machines may be converted to accept cryptocurrency, according to Tente.
As is common with financial fraud, many of the scams perpetrated on crypto-ATMs, issuers and users resemble the same “scams that have been around for decades,” Tente added. “These schemes always have some element of urgency attached. The payment has to be made now.”
Tente pointed out that for many cyber thieves, “cryptocurrency is a more attractive payment method than a wire or mailed check,” because of its lack of audit trail and anonymity. “Criminals are simply changing how victims pay, using the same scheme,” Tente said, adding that oftentimes fraudsters will target elderly, isolated or naïve crypto-users, believing they are the least likely to push back.
“People need to be suspicious about anyone they don’t know asking for money for any reason,” Tente said. “If any request for money is made of them, [they should] get a second opinion from someone they know and trust.”
In its June release, ATMIA outlined six types of fraud schemes that it has seen emerge at teller machines in recent months, as cryptocurrency-enabled ATMs and related scams have risen, as well as recommendations to law enforcement on how to handle these suspected schemes.
“The co-existence between cash, crypto, digital currencies and ATMs has already been established,” said ATMIA CEO Mike Lee, in the June release. “But as an industry body, it is incumbent upon us to self-regulate at all times and do everything we can to ensure transactions are safe and legitimate, working with law enforcement to tackle all types of criminal attack.”
Even without the influx of cryptocurrency, more than one-third of the $28 billion in worldwide credit card fraud losses in 2020 was lost by ATM acquirers and merchant acquirers [more than $10 billion].
“Acquirers and payment processing companies have long relied on rules-based technology to prevent merchant fraud,” according to Amyn Dhala, chief product officer at Brighterion, a Mastercard company that focuses on technology and security. “The challenge? Legacy, rules-based systems don’t adapt as quickly as criminals.”
July 14, 2022
Joe UchillJuly 15, 2022
Microsoft detailed new ransomware from a group calling itself H0lyGh0st that likely overlaps with the government-directed DarkSeoul.
SC StaffJuly 14, 2022
The Hacker News reports that new variants of the ChromeLoader info-stealing malware, also known as ChromeBack and Choziosi Loader, have been discovered.
Copyright © 2022 CyberRisk Alliance, LLC All Rights Reserved This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization.
Your use of this website constitutes acceptance of CyberRisk Alliance Privacy Policy and Terms & Conditions.
