Crooks Hack Music Players For ATM Skimmers

tsu doh nimh sends in a report that criminals increasingly are cannibalizing parts from handheld audio players and cheap spy cams to make extremely stealthy and effective ATM skimmers. These are devices designed to be attached to cash machines to siphon card +PIN data. "The European ATM Security Team (EAST) found that a new type of analogue skimming device — using audio technology — has been reported by five countries, two of them 'major ATM deployers' (defined as having more than 40,000 ATMs)... The basic method for conducting these attacks was mentioned in a 1992 edition of the hacker e-zine Phrack (the edition that explains audio-based skimmers is Phrack 37)."

Re:Been said before

[SirGeek]

You could even combine it with some kind of traditional pin or even biometrics if you want to be all new age, giving you the very trendy "3 factor authentication".

Sorry, One reason this will fail - People are inherently lazy.

If they can't get their swipe and walk away then they'll not be happy...

Granted, I also don't want yet another thing to hang off my keychain, but I'd rather have THAT safety than nothing.

Ballpeen hammer

[spun]

Just carry a ballpeen hammer around with you. Before inserting your card, take a couple of good hard swipes with the hammer. Skimmers aren't mounted solidly, and the rest of the machine is pretty much unbreakable.

Re:Ballpeen hammer

[corbettw]

Sounds great. I'm sure a random police officer who happens to be passing by when you strike the ATM with a hammer will completely agree with your plan.

Re:Ballpeen hammer

[Lumpy]

Dont even need to do that. Pull on the card slot housing, lift on the keypad,etc... , if it comes off, take it.

Dont turn it in, your fingerprints are all over it now. Plus these things go for big $$$ on ebay. $1500 for cheap ones.

Re:Ballpeen hammer

[spun]

Just throw your ballpeen hammer at them.

Re:Been said before

[betterunixthanunix]

But we really need to do something about this whole security thing.

Why would banks care about that? Secure digital cash systems have been around for a very long time, but banks do not like the concept very much, probably because it would mean losing certain revenue streams. Credit card processors and banks sell spending data to marketing firms; secure digital cash generally makes that difficult or impossible, since digital cash allows for anonymous payments. Additionally, digital cash would make it hard for banks to do things like profit from debit card overdraft fees (although with the new regulations, perhaps this is less of a valid argument).

It is not that the technology is not there, it is that it solves the wrong problem.

Re:Been said before

[jelizondo]

I don't know about other countries, but at least in Mexico and the Cayman Islands, devices like the one you describe (RSA SecureID) are commonly used for online bank transactions.

It would seem trivial to extend the use to ATM and POS terminals, it would end this type of scam for good.

The RIAA was *almost* right.

[sehlat]

Home taping is killing ATMs.

Do not take me seriously

[spun]

Insightful? Uh, it was supposed to be a joke. Please don't actually do this. As someone else mentioned, just tug on the thing.