Here’s how to protect yourself.
Your money could be at risk.
The FBI warned banks on Friday that hackers are preparing to steal millions of dollars from ATMs in a digital heist that could occur any day now, according to a report by blogger Krebs on Security.
“The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation,’” the confidential warning the FBI shared only with banks on Friday, and obtained by Krebs on Security, supposedly stated.
The report explained that cyber crooks could hack the banks or the card processing systems to clone cards. The hackers could then change account fraud controls, maximum withdrawal limits and even the amount of money in each account. And that would allow the criminals to withdraw large sums of cash from ATMs around the world.
This kind of a cyber heist usually targets small-to-medium size banks, because they are typically less secure compared to larger financial institutions, Kerbs on Security reported.
This is just the latest cyber attack on financial institutions that the U.S. has faced. Earlier this year, hackers programmed ATMs to release cash from some banks in Virginia at preplanned times. Between 2016 and 2017, a series of cyber attacks targeted Virginia’s National Bank of Blacksburg over an eight-month period with crooks phishing through the network’s emails. Hackers made off with $2.4 million from ATMs around the country in two different attacks on the bank. While customers got their money back, the bank did not. Virginia’s National Bank filed a lawsuit in 2017 against its insurance company, Everest National Insurance Company, which is refusing to pay the bank back for the money stolen.
The FBI is urging banks to go over their security procedures, and is suggesting that they implement strong password requirements, and audit and monitor their networks for suspicious activity. “In furtherance of public-private partnerships, the FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations. This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals,” a spokesperson for the FBI told Moneyish in an email.
While you may not be able to fully protect yourself from an attack like this, experts say that Americans should secure their information by setting up fraud alerts if they don’t have them already.
“We know the FBI doesn’t just say things to say things. There must be good intelligence, and already some events, that are causing concerns,” Joe Caruso, a cybersecurity expert at Computer Forensic Services of New York, told Moneyish. “It’s a good idea to monitor your account, and I would go as far as saying get a new debit card. Set up security alerts when charges are made on your debit or credit cards.”
Caruso also suggests making sure your debit card has a multi-factor authentication (also known as 2FA) set up on your accounts, or a two or more-step method to confirm your identity. For example, when withdrawing money at the ATM, you’ll enter a pin and then get an alert on your cell phone or via email to enter another six-digit access code. And when paying for things online, he recommends using one-time credit card numbers. Many credit card companies offer tools to create unique, virtual numbers linked to your credit card account, but the actual online retailers don’t get access to the account number printed on your actual card.
© 2018 Dow Jones & Company, Inc. All Rights Reserved