Just to add to this, the way that they got your card was by using a skimmer. A
skimmer fits in the card slot or over the card slot and reads your card on the
way in and copies down the information. The bad guys either retrieve the
skimmer later or there’s a mechanism to send the data over the network to a
collection point.
How they got your pin is probably with a camera focused on the keypad.
Along with changing your pin which is a great suggestion also cover the entry
pad with your hand so someone can’t either personally observe or film your pin
entry. Enter with your right hand for example and cover with your left.
Another way around this problem is some ATMs are starting to use your
phone as a verification source instead of your card. Bank of America for
example can authenticate you by you holding up your phone and using an Apple
Pay like method. I believe it is Apple Pay under the hood. The advantage here
is you get a one time use session so even if a bad guy intercepts your
communications everything is encrypted and used only once per transaction so
it’s not usable in the future to access your account.
In the future banks and private ATMs will use your face for example to
authenticate A camera will film your face and by facial recognition know it’s
you. Another method coming down the pipe is a chip imbedded in your hand or
somewhere on your person. Kaspurski labs is testing a system where a small
chip about the size of a grain of rice is implanted in your hand. This chip
contains a system where a reader can ping the chip and verify it’s you. You
could unlock your door for example, authenticate with your bank, or log on to
your network by hold out your hand and being scanned. Mark’s experience
illustrates why this is such a problem. Be careful out there and glad
everything was resolved quickly Mark.
> On Nov 24, 2016, at 12:55 AM, M. Taylor <mk...@ucla.edu> wrote:
>
> Hello Everyone,
>
> I've been meaning to post about a recent event, that happened to me, for a
> few days now, but am having a difficult time shaking this flu.
>
> By the way, I am cross posting this.
>
> Anyway, about 10 days or so ago, I had a bit of an emergency in which I
> needed some cash. As it turned out, I was not near any of my local bank
> branches. Since time was absolutely of the essence, I decided to withdraw
> some money from the nearest 7-Eleven convenient store ATM.
>
> As an aside, I had not used my debit card, in a foreign ATM, in over eight
> years. This, in no way, was intentional; just a curious happenstance.
>
> Regardless, on this particular day, I withdrew the money necessary to
> address the emergency at hand incurring a sir charge of $2.95.
>
> Two days later at approximately 7:30pm, I received a notification, via my
> iOS banking app, that a ATM debit card withdrawal of $402.95 had just
> occurred.
>
> Upon receiving this notification, I, via my banking app, immediately
> cancelled my debit card and ordered a new card with a new PIN.
>
> Given that (1) I had never had an unauthorized debit card transaction occur
> before, (2) I had recently, for the first time in 8 years, used a foreign
> ATM, and (3) the amount included a sir charge of $2.95, it didn't take long
> to determine from where the thieves acquired my debit card information.
>
> Upon subsequent investigation by officials, it was discovered that this
> particular ATM had, in fact, been compromised. Just so you know, the stolen
> money was credited back to my account.
>
> It should be noted, however, that the ATM from which the theft occurred was
> not the same ATM from which my information was obtained.
>
> My point, however, is that but for the fact that I was immediately notified
> that a transaction had taken place, the thieves most likely would have
> absconded with even more money from my account and, ultimately, the bank.
>
> So, I fervently urge all of you to enable either app push notifications
> and/or SMS transaction alerts for all of your financial accounts.
>
> In closing, here are some interesting facts I learned from those who
> investigated my case:
>
> First, over 90% of debit card cash withdraw thefts, in the United States,
> take place at ATMs located in either convenient stores or gas stations,
> primarily because they are privately owned and not subjected to the same
> daily physical security scrutiny as those located in actual financial
> institutions.
>
> Second, when one has to use a foreign ATM, it is much safer to use an ATM
> located in an actual bank / credit union branch. This is to say, if you are
> a Chase customer, for example, and you need cash, it would be much safer to
> use a Bank of America ATM than any stand-alone private ATM.
>
> Third, if one must absolutely use a private, stand-alone ATM, one should
> immediately change the PIN associated with that debit card upon completion
> of the transaction.
>
> I hope you find this information useful and that you never experience any
> unauthorized charges on any of your accounts.
>
> Sincerely,
>
> Mark
>
> --
> The following information is important for all members of the Mac Visionaries
> list.
>
> If you have any questions or concerns about the running of this list, or if
> you feel that a member's post is inappropriate, please contact the owners or
> moderators directly rather than posting on the list itself.
>
> Your Mac Visionaries list moderator is Mark Taylor. You can reach mark at:
> macvisionaries+modera...@googlegroups.com and your owner is Cara Quinn - you
> can reach Cara at caraqu...@caraquinn.com
>
> The archives for this list can be searched at:
> http://www.mail-archive.com/macvisionaries@googlegroups.com/
> ---
> You received this message because you are subscribed to the Google Groups
> "MacVisionaries" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to macvisionaries+unsubscr...@googlegroups.com.
> To post to this group, send email to macvisionaries@googlegroups.com.
> Visit this group at https://groups.google.com/group/macvisionaries.
> For more options, visit https://groups.google.com/d/optout.
--
The following information is important for all members of the Mac Visionaries
list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your Mac Visionaries list moderator is Mark Taylor. You can reach mark at:
macvisionaries+modera...@googlegroups.com and your owner is Cara Quinn - you
can reach Cara at caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/macvisionaries@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to macvisionaries+unsubscr...@googlegroups.com.
To post to this group, send email to macvisionaries@googlegroups.com.
Visit this group at https://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
