Scam of the day – May 11, 2013 – 45 million dollar ATM scam busted – what it means to you

Federal prosecutors in Brooklyn announced two days ago indictments against eight people for a hacking scheme that provided them with 45 million dollars from the accounts of innocent victims accessed through ATMs around the world.  The plot began with the hacking into an Indian credit card processing company that handles prepaid debit cards of Visa and Mastercard.  As I warned you about more than a year ago in my “scam of the day” for March 31, 2012 credit card processing companies are a weak link in the credit card system.  Their security standards have not been strong and they have been exploited by hackers and identity thieves consistently since at least 2008.  In this instance, what was unique, however, was that once the accounts were hacked, the hackers used sophisticated techniques to raise the withdrawal limits on the accounts thereby permitting the hackers to get much greater access to the accounts of the hacked victims.  The data obtained through the hacking was used to make counterfeit ATM cards which were then used in a coordinated effort around the world to drain their victims accounts.  In New York City alone, they were able to steal approximately 2.4 million dollars while in Japan the amount was an even higher approximately 10 million dollars aided by Japanese banking rules which permit withdrawals of as much as $10,000 from a single ATM.  All of this was done in a few hours as the hackers knew the banks would discover the losses quickly.

TIPS

So what does this mean to you.  As I have told you many times before, you are only as safe as the company with the weakest security with which you do business.  In this case, the credit card processing industry remains a lucrative target that has not yet taken the necessary steps to protect the information it holds.  Although you will not be responsible for the loss of funds from your account that was illegally accessed in this manner, it is important to constantly monitor your accounts for breaches of security so that you can remedy the situation as quickly as possible.