Skimming is one of the techniques used by cybercriminals to defraud legitimate banking customers. Usually, cybercriminals install skimming devices on card slot to extract card information. They record personal identification numbers (PIN) of individuals through hidden pin-hole cameras, and inserting cameras in smoke detectors, or ceilings above an ATM. Cybercriminals may also place fake typing pad on the original keypad of the ATM to log key strokes of customers. Attackers may misuse the extracted information to make counterfeit cards and withdraw funds from customer bank accounts.
A recent report on payment card crime by Bundeskriminalamt (BKB), the German Federal Criminal Police Office reveals an increase of over 55% in manipulation of Automated Teller Machines (ATMs) in 2010 compared to that in 2009. Cybercriminals manipulated over 3180 ATMs in 2010. The crime resulted in loss of around 60 million euros. The report reveals that on an average, attackers were successful in extracting debit card details of around 60 customers in one skimming attack, affecting around 190,000 German customers in 2010. According to BKB, offenders usually send collected information to countries such as Romania and Bulgaria. ATMs placed near pedestrian zones and stations are the popular targets for cybercriminals. New ATM cards in Germany now also have electronic chips, making difficult for fraudsters to steal money through duplicate cards. In the current year, Germany counter crime agencies have witnessed a new trend, wherein cybercriminals are targeting ticket vending machines at stations.
Banks suffer huge losses due to skimming scams as they have to reimburse affected customers, replace old and tampered machines with new ones, and introduce more secured payment cards. Banking organizations must conduct regular in-depth evaluation of the IT infrastructure. Professionals qualified in technology and IT degree programs may help in timely identification of security flaws and remedial measures. Banks must guide customers on likely threats, and precautions to follow while swiping cards at ATM machines, and Point of Sale (POS) terminals at retail centers and gas stations. Banks may also create awareness among customers through security alerts on mobile phones, and advertisements in print and electronic media. Customers must withdraw from only those ATMs, which are located at secure locations. They must be cautious, while typing the PIN numbers to avoid detection by cameras, and shoulder surfing.
Banks must train employees on latest security threats, manipulation detection techniques and information security practices through training sessions and workshops. Mandatory e-learning and online IT degree programs may also create IT security awareness among employees.
Counter crime agencies may encourage employees to take advantage of online IT courses to abreast themselves of latest electronic frauds and detection mechanisms to reduce instances of cybercrime.
Contact Press
EC-Council
Website: http://www.eccuni.us
Email: [email protected]
Tel: 505-341-3228
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.
