The FBI has issued a private industry notification noting that cyber criminals were planning to conduct a global ATM cash-out scheme in the coming days, likely associated with an unknown card issuer breach. Commonly referred to as an “unlimited operation,” these schemes involve the compromise of a financial institution or payment card processor with malware, with the intent to access bank customer card information and exploit network access for a large-scale theft of ATM funds.
To successfully complete this scheme, criminals need unauthorized access to unencrypted bank card data and the expertise to manipulate the security and anti-fraud protocols pertaining to account balances, withdrawal limits, and bank/card/ATM-specific security measures. The criminals typically create counterfeit cards by imprinting the stolen data on reusable magnetic stripe cards, such as gift cards, and act during low-visibility times when they have uninterrupted access to the ATM when they can withdraw funds.
Please be assured that our processor “Worldpay,” takes security alerts seriously, constantly reviews items within their control, and ensures a heightened state of awareness with their internal teams. We encourage you to review the following list of recommended actions as we work to help you provide a safe environment for your cardholders and ATMs:
- Make sure that the TLS (Transport Layer Security) version of the ATM is V1.2.
- Your ATM must be fully complied with EMV protocols.
- Install Camera facing the ATM.
- Observe cardholders using the ATM Silently and report if you notice any suspicious activity
(For example; cardholder attempting to perform multiple cash withdrawal transactions on the ATM).
- Keep an eye on notices from ATM Link and take action right away (if needed).
- Respond to chargeback notifications from Worldpay right away.
Please call our office at 1-877-937-9286, if you have any questions or concerns regarding this matter.