The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an «unlimited operation»
This alert sent to banks on Friday by the FBI and later posted in a blog on the Krebs on Security website, warns of a «highly choreographed» and large-scale global ATM cashout scheme in which criminals fraudulently withdraw millions of dollars from ATMs within just a few hours.
Such attacks have been seen in the past, including a massive attack approximately two years ago that netted $2.4 million in a months-long series of ATM cash-out episodes, the Krebs blog said.
Weekends and federal holidays are favored times for cash-out attacks, in part because financial institutions are closed and the ATM attacks are less likely to be noticed, but also because ATMs are generally stocked at these times.
Attacks usually begin with a phishing attack on a bank or payment processor. Once the criminals obtain access to the organization's internal systems, they can download card data and disable fraud controls, such as ATM withdrawal limits and number of transactions allowed daily. In at least one previous incident, attackers also changed account balances in order to make unlimited withdrawals.
According to the Krebs blog, the FBI alert advised banks to:
Source: ATM Marketplace