Advertise here with Carbon Ads

This site is made possible by member support. ❤️

Big thanks to Arcustech for hosting the site and offering amazing tech support.

When you buy through links on kottke.org, I may earn an affiliate commission. Thanks for supporting the site!

kottke.org. home of fine hypertext products since 1998.

🍔  💀  📸  😭  🕳️  🤠  🎬  🥔

Parasitic Fake ATMs

This is a few years old, but is it ever clever: some thieves in Brazil put an entire fake ATM interface (screen, card reader, keypad) over the real ATM to skim card numbers and PINs.

Krebs on Security wrote up a report on the scheme:

Interestingly, much like grammatical and spelling errors that often give away phishing emails and Web sites, the thieves who assembled the video for the screen for the fake ATM used in the April robbery appear have made a grammatical goof in spelling “país,” the Portuguese word for “country”; apparently, they left off the acute accent.

Most skimming attacks (including the two mentioned here) take place over the weekend hours. Skimmer scammers like to place their devices at a time when they know the bank will be closed for an extended period, and when foot traffic to the machine will be at its highest.

This is like when the T-1000 in Termintor 2 can impersonate any person that it touches, except with cash machines. (I would read a book entirely composed of clever thieves’ inventions and techniques. I assume this already exists?)