Slashdot Mirror
Scammer Plants a Fake ATM At Defcon 17
Groo Wanderer writes "Normally, a well-crafted fake ATM would skim a lot of card information before it was noticed, if it was ever noticed at all. Because it is safer for the criminals and harder to prosecute, financial crimes like this are spreading fast. If you are smart, you don't try to pull one off in the middle of a computer security convention where the attendees are very good at spotting such scams. That said, some not-so-bright criminal tried to plant a fake ATM at Defcon. He now has one less fake ATM and a whole lot of investigators on his tail."
Real ATM's say if they are out of cash before you put your card in.
What if Tetris was invented by Nazis?
Indeed... that is why the ones that you really have to watch for aren't complete fake machines, but little recording devices placed in front of the real machine. You put your card in, enter the code, get your cash... and 5 minutes later some criminal in Eastern Europe runs off a copy of your card and cleans out your account.
A nice example of such a skim job is this one. The page is in Dutch but the pics are interesting... the guy happened to notice the false front was just a tad too clean, and on closer inspection noticed a recording head just behind the card slot. He ripped the thing from the machine and made a few pictures of it before turning it in to the police. The guy might have been observant, but thousands of people already had put their card through the machine without a second glance. I probably would not have noticed this myself either.
These criminals are getting more sophisticated now that people watch for false fronts, and machines are being altered to make it impossible to add them. These days they simple break into stores, open up card readers at the checkout counters, and add devices that record PINs and magnetic strips. One week later they break in again to retrieve their devices... some even use WiFi to read the data remotely from a nearby van, reducing the chances of getting caught.
Thankfully the banks here refund any skimmed funds as a rule.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
FTFA:
They were smart enough to place the machine in one of the few spots in the hotel where there was no security camera to catch them,
---
"I can't complain, but sometimes still do..." Joe Walsh
Actually, the way the laws read in a lot of states, it goes something like this...
I learned this in law enforcement school. I was trained as a first responder. I could stabilize a patient until the paramedics arrived.
While on duty, I am protected by the department regardless of what happens. For example, if a person had a heart attack, and I gave CPR, they may sue for the bruising or cracked rib(s). If I fail to keep them alive, I'm still protected, because I tried to the best of my ability.
When OFF duty, I don't have any such protection, and may lose my ass in court. I was trained to perform those acts, but was not obliged. Pretty much, the lawyer for the victim, who is the person you saved, will tear you up when they say "So where did you go to medical school?" "Did the victim consent to you touching him?" "Being that you work in law enforcement, you thought it would be ok to attack the victim, and leave him with cracked ribs, causing him undue pain and suffering and weeks in the hospital?" As soon as you say "But he was having a heart attack", they'll come back with "But you're not a doctor, who were you to judge this?" You see where that goes. Lawyers are assholes, and some people will grab for money anywhere they can, including from the person who saved their life.
We were told, if you see someone having a heart attack on the street, and you aren't working, call 911. Don't get involved.
So, if someone had a heart attack at a conference of cardiovascular specialists, no, they may not get any treatment, but someone will (hopefully) call 911.
There are good people out there though. An ex-girlfriend was involved in a rather serious car accident. She was in the military, and a base surgeon witnessed it. He stopped, and began treating her to the best of his ability, even though he had no supplies. He called 911, then ensured she didn't move, and started to evaluate her for injuries. Other folks from the base secured the area, and guided traffic away from the scene. The scene was handed off to local law enforcement as they arrived. She was transported by ambulance to a civilian hospital (it happened off-base), where he road along. I was called from the hospital. By the time I got there, she was badly bruised and not terribly happy, but stable. And, no, it was a hit & run. There was a consistent description of the vehicle, but when they saw someone in uniform fall out of the drivers seat onto the ground, the focus was on her, not the other vehicle.
Myself, if I see someone in need, I help whenever possible. When professional help arrives, I'll walk away without giving any information. I care to help. I don't care for fame, fortune, or the lawsuit that may follow.
Serious? Seriousness is well above my pay grade.
It's also something Frank Abagnale did, as noted in his book The Art of the Steal . Link goes to an excerpt from the book, start at the last paragraph on page 118.
Or Ronin, the "Would you take a picture of me and my wife?" scene
If you don't risk failure you don't risk success.