There's a reason I give a gentle tug on the card readers of ATMs that I use. Especially ones in unfamiliar or busy areas.

This is why I always put skimmers over my skimmer so when the ez skimmer is found my other skimmer is still skimming.

CrossEyedAtNite: This is why I always put skimmers over my skimmer so when the ez skimmer is found my other skimmer is still skimming.

Is this when we start screaming for biometrics cause this is impressively scary.

Where exactly was this scanner?
/Lives in the valley

I mask my keypad entries by holding my hand in front of it, and also pretending to make extra keypresses.

how would you attach or remove this skimmer on an ATM without the camera catching you?

I'm right handed, but I enter my pin (and passwords) with my left to add some extra security, since if someone tries to copy me they'll probably use the wrong hand.

jcpallitto: how would you attach or remove this skimmer on an ATM without the camera catching you?

Wear a hat and keep your head down when you put it on and take it off?

They don't check the footage unless a problem is reported that requires looking at the footage, and the battery generally means they're only attached for a day or two, usually over a weekend when the bank employees won't be around to notice the alteration.

Pop in Friday after closing, attach your skimmer, get it back monday morning before opening. Obscure your face however, and don't drive your car into their lot in case they have cameras to spot your license plate. Even if they catch you on camera, identifying you is difficult.

lordargent: I mask my keypad entries by holding my hand in front of it, and also pretending to make extra keypresses.

Many skimmers have a camera installed in a location that will see the keypad even if you're shielding it. You can't shield every angle with your hand.

Seriously, though, the way to fix this: recess your damn card readers. Don't give the skimmer something to sit over. Mold the recess flush with the ATM, so it is a single piece. Then, any skimmer would be really obvious.

I guess that's why they say never go ATM?

rezin8: jcpallitto: how would you attach or remove this skimmer on an ATM without the camera catching you?

Most ATM's do not activate the internal camera until a card is inserted.

After TheGogmagog's comment, yours sounds dirty.

Ass To Mouth skimmers? Gross!

thecpt: Is this when we start screaming for biometrics cause this is impressively scary.

So people can start skimming your fingerprints?

jcpallitto: how would you attach or remove this skimmer on an ATM without the camera catching you?

Why bother? Just pull the data off it wirelessly and assume losing the $50-100 hardware isn't worth the risk of removing it.

This is why I always beat on card-readers before I use them.

RedPhoenix122: ProfessorOhki: So people can start skimming your fingerprints?

Or cut off your hand.

Hands if we're lucky:

the_sidewinder: Answer: Yes, my bank uses translucent green, LED backlit receptacles that would make this kind of thing rather obvious

/Any others I give a rough tug to first

CIBC for the win. ATM's from the future.

ProfessorOhki:

jcpallitto: how would you attach or remove this skimmer on an ATM without the camera catching you?

Why bother? Just pull the data off it wirelessly and assume losing the $50-100 hardware isn't worth the risk of removing it.

1 you still have to put it on

2 as has been mentioned your leaving evidence that could be traced, especially if your buying the components in bulk because you don't reuse them.

3 Monday morning the ATM refill crew discovers the skimmer and the bank puts a watch on all those cards from the time the guy in the hat and sunglasses showed up on the camera. If the skimmer is gone then you have alot longer before they put together the source of the identity theft.

thecpt: Is this when we start screaming for biometrics cause this is impressively scary.

What, exact, biometrics would you like to see used? And before you say "finger print" remember, that can be defeated by someone with a gummi sweet. The system also has to survive exposure to all weathers and work, without problem, 99% of the time and it's that which makes it difficult & expensive to implement.

Pretty much any ATM machine I use gets a good solid yank before I stick my card in...after that, they better have a camera mounted in my hand, because you aren't seeing my PIN unless you do. I don't just shield it from their view, I shield it from my own damn view. I go by feel beeyotch.

/credit cards for gas pumps, easier to dispute charges than with debit
//for cash withdrawals, hit a grocery store, buy you a snapple, get money back. safer than outdoor ATMs or those cruddy ones in gas stations.

Vaneshi: thecpt: Is this when we start screaming for biometrics cause this is impressively scary.

What, exact, biometrics would you like to see used? And before you say "finger print" remember, that can be defeated by someone with a gummi sweet. The system also has to survive exposure to all weathers and work, without problem, 99% of the time and it's that which makes it difficult & expensive to implement.

I"m thinking scrotal scanning.

the_sidewinder: Answer: Yes, my bank uses translucent green, LED backlit receptacles that would make this kind of thing rather obvious

/Any others I give a rough tug to first



From:

Link

thecpt: Is this when we start screaming for biometrics cause this is impressively scary.

Why biometrics, why not just something like RSA SecurID tokens where your pin is only valid for very small period of time.

Digitalstrange: ProfessorOhki:

jcpallitto: how would you attach or remove this skimmer on an ATM without the camera catching you?

Why bother? Just pull the data off it wirelessly and assume losing the $50-100 hardware isn't worth the risk of removing it.

1 you still have to put it on

2 as has been mentioned your leaving evidence that could be traced, especially if your buying the components in bulk because you don't reuse them.

3 Monday morning the ATM refill crew discovers the skimmer and the bank puts a watch on all those cards from the time the guy in the hat and sunglasses showed up on the camera. If the skimmer is gone then you have alot longer before they put together the source of the identity theft.

All true, which is why you get people doing the scam like putting a generic looking ATM in the middle of a strip mall or public area. *Swipe card, Enter PIN, Oh, an error? Cancel and leave* Plugged in, battery's not an issue and again, you wouldn't even need to approach it to pull the data off. It's downright scary how easy stuff like that would be to do and how little thought people give it.

ihatedumbpeople: Vaneshi: thecpt: Is this when we start screaming for biometrics cause this is impressively scary.

What, exact, biometrics would you like to see used? And before you say "finger print" remember, that can be defeated by someone with a gummi sweet. The system also has to survive exposure to all weathers and work, without problem, 99% of the time and it's that which makes it difficult & expensive to implement.

I"m thinking scrotal scanning.

Facial recognition is about the only one I can see being immediately plausible. The guy at the ATM holding up a paper face is going to at least draw suspicion.

i'm confused...so i go to ATM, put my card in a fake skimmer, but how does the skimmer communicate w/ the machine *which im assuming it doesn't*? so i put card into fake slot, the screen doesn't change so why would I start entering my pin?

FaceRape: i'm confused...so i go to ATM, put my card in a fake skimmer, but how does the skimmer communicate w/ the machine *which im assuming it doesn't*? so i put card into fake slot, the screen doesn't change so why would I start entering my pin?

Card goes through the skimmer into the machine.

FaceRape: i'm confused...so i go to ATM, put my card in a fake skimmer, but how does the skimmer communicate w/ the machine *which im assuming it doesn't*? so i put card into fake slot, the screen doesn't change so why would I start entering my pin?

The one in the article only extends the fake slot only few mm beyond the slot. Your card would still feed into the machine normally, but it would have to go in a tiny bit further than normal for the ATM to grab it.

FaceRape: i'm confused...so i go to ATM, put my card in a fake skimmer, but how does the skimmer communicate w/ the machine *which im assuming it doesn't*? so i put card into fake slot, the screen doesn't change so why would I start entering my pin?

It reads your card as you are putting it in the machine. To the ATM, your card still swipes.

ihatedumbpeople: Pretty much any ATM machine I use gets a good solid yank before I stick my card in...after that, they better have a camera mounted in my hand, because you aren't seeing my PIN unless you do. I don't just shield it from their view, I shield it from my own damn view. I go by feel beeyotch.

/credit cards for gas pumps, easier to dispute charges than with debit
//for cash withdrawals, hit a grocery store, buy you a snapple, get money back. safer than outdoor ATMs or those cruddy ones in gas stations.

Yeah it is. My wife had a couple $1 charges from gas stations in NY, we're in GA. she called the bank and let them know, they canceled the card and told her they'd take care of any overage charges and what not. First 2 hit for 125, 3rd one hasn't yet, but am sure it's the same. She use to use her card like a debt card at the gas station, I told her not to and thankfully she listened.

There's a SunTrust ATM in my neighborhood that's in a little alcove that used to be part of the bank's storefront. The bank moved and they left the ATM. Every couple of months an unsuspecting person uses that ATM and sends out a notice to the neighborhood listserv that the ATM has a skimmer. I wish I had a picture. You have to be a complete moron if you use this ATM as it's screams of being a prime target for skimmers.

This is why I only barter for goods and services.

There's a reason I roundhouse kick the card readers of ATMs that I use. Especially ones in unfamiliar or busy areas.

PIP_the_TROLL: The skimmer sits over the actual card slot, intercepting it. For an unusual but illustrative visual, press two fingers over your lips in parallel. You can still slip something into your mouth but it's got to pass between the fingers first.

FAP FAP FAP FAP FAP FAP FAP FAAAAAAAAAAAAAAAAAAAAAP

That's why I refuse to use fiat currency and only trade using gold and silver pieces.

the_sidewinder: tacos813: the_sidewinder: Answer: Yes, my bank uses translucent green, LED backlit receptacles that would make this kind of thing rather obvious

/Any others I give a rough tug to first

[krebsonsecurity.com image 569x772]

From:

Link

Not sure that is a good counter example, as half the bank's logo is obscured

Just pointing out that they are skimming the back-lit-reader equipped ATMs.

I still would not consider this a "rather obvious" skimming device.

That's pretty slick, especially if you only need a chip and the battery. As the article points out, the only way to tell if the ATM has a damn skimmer or not is to bust it open and check the hardware. The Worst Part of all this is that you can do it on bank ATM's. It's only natural to avoid the gas station ATM's for any reason to begin with. With the example they had there, there's no way I could've been able to tell by sight alone that the ATM was rigged. That's so lame.

PlatinumDragon: That's why I refuse to use fiat currency and only trade using gold and silver pieces.

Electrum or nothing!

There's a local gas station that's notorious for having skimmers in the pumps so I'm really getting a kick out of this thread. It's become a running joke with the few people in the community who pay attention. A couple times a year, there's a story about the same station but the news anchors never seem to realize how many times they've gone to the same location to report the same story. "Say, John, weren't you just at that same station in October?" "You're right, Bill. Come to think of it, Mary was out here in June." I don't know why they haven't had their CC processing cut off.

PlatinumDragon: That's why I refuse to use fiat currency and only trade using gold and silver pieces.

Apparently you haven't head of gold plated tungsten.

germ78: There's a reason I give a gentle tug on the card readers of ATMs that I use. Especially ones in unfamiliar or busy areas.

I will start doing that.

Here Comes Everybody: PlatinumDragon: That's why I refuse to use fiat currency and only trade using gold and silver pieces.

Electrum or nothing!

Unless those darn Cybertronians are using it for armor-plating again!