Sydney ATM skimming may spread to other cities :SSO Alert Priority High
29 August 2013
The NSW Police have issued a warning following the discovery of an automatic teller machine (ATM) scam in which over $100,000 has been stolen from bank customers.
A criminal gang is known to have installed card ‘skimming’ devices on at least 15 ATMs around Sydney’s southern suburbs and northern beaches.
The skimming devices were likely designed and built using sophisticated new 3D printing technology to look similar to the existing card slot of the ATMs on which they were installed. The devices read account details from the magnetic stripe of bank customers’ cards as they are inserted.
A small, built-in camera monitors the ATM’s keypad to record the customer’s personal identification number (PIN) as it is keyed in.
Criminals then use the magnetic account information to clone the customer’s card. That clone is used, along with the recorded PIN, to illegally withdraw customer funds.
Anybody using an ATM with such a device fitted is vulnerable to having cash withdrawn from their accounts without their knowledge. Stolen credit card details may also be circulated or sold on the Internet.
Police advised the gang was likely to move to other states after their work in Sydney was complete.
What do I need to know?
Modern skimming devices can be virtually undetectable when installed.
Look for conspicuous edges or slight colour differences that are inconsistent with the design of the card slot.
Many ATMs have been modified by banks to prevent the installation of skimming devices.
Skimming doesn’t only happen at ATMs: be wary if a shop assistant swipes your bank or credit card through a different machine than one you are used to, or asks you to do so. Ask for your card back and consider paying with cash instead.
What do I need to do?
If an ATM looks like it has been tampered with, do not use it.
Cover your hand and the ATM PIN Pad with when entering your PIN. Without the PIN, ATM skimmers are powerless to use your banking details.
Most banks allow you to set daily limits on the amount of money that can be withdrawn through an ATM. To minimise losses in the event of fraud, consider limiting daily withdrawals to just the amount you normally withdraw.
Always monitor your bank and credit card statements regularly to ensure there are no unexpected transactions.
Change your card PIN regularly. This can be done at any branch of the issuing bank.
If you think you have seen a card skimming scam, you should contact the bank, credit union or credit card provider that has been targeted. You should also report it to Crime Stoppers on 1800 333 000.
If you think your card has been skimmed, contact your bank or credit union immediately to report it.
The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.
This information has been prepared by Enex TestLab for the Department of Broadband, Communications and the Digital Economy ('the Department'). It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.