The FBI has sent out an alert to banks, warning that cybercrooks are planning an ‘unlimited’ global ATM cash-out operation.
The confidential alert, obtained by Krebs on Security, says that the FBI has “unspecified reporting” about plans for the cash-out, which would see criminals hack a card issuer and use the details to create clones and then withdraw money from ATMs around the world.
Says the alert: “Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities.”
Warning that it “expects the ubiquity of this activity to continue or possibly increase in the near future,” the FBI offers banks a host of tips to combat the crooks.
These include implementing strong password requirements and two-factor authentication using a physical or digital token; application whitelisting to block malware execution; and introducing dual authentication procedures for account balance or withdrawal increases above a set threshold.