Info Advantage Blog

As we see ourselves rolling comfortably through what is often referred to as the “Dog Days of Summer”, we are able take a quick moment and reflect before the fall and winter inevitably arrive.

The year 2020 has been incredibly rough for all of humanity all across the planet Earth. Uncertainties within the health care industry, finances and throughout the workforce, most people have just not been able to catch a break.

If we told you that automated teller machines, or ATMs, were susceptible to hacking attacks, would you believe us? You should; there are a plethora of ways for hackers to infiltrate and steal money from ATMs, with the latest being so dangerous that even the Secret Service has issued warnings about it.

ATMs in Connecticut and Pennsylvania have recently become complicit in identity theft schemes issued by hackers. The machines themselves have been found to be equipped with periscope skimmer devices attached inside, particularly in machines which have openable lids that provide easy access to their inner workings. The device is installed so that it can probe the magnetic strip on the card as the machine reads it. Users might only need to withdraw $20, but they have so much more to lose.

It’s estimated that the device’s battery can last for up to 14 days per charge and that it has enough storage capacity to steal 32,000 card numbers. The one good thing about this device is that it doesn’t seem to collect PIN numbers. Instead, this scam may be part of a preparation for a real heist.

There may not be a PIN collection device on this version of the skimmers, but it’s still a good habit to cover the PIN pad with your free hand while you plug in your code. You never know who could be watching. Scammers are crafty and may have hidden cameras on the device to steal information, or they have hacked into the native camera remotely to spy on you while you input your credentials. Even if you don’t suspect that you’re being watched, it’s always better to err on the side of caution.

What’s worse is that those chip cards that your bank replaced your old cards with probably won’t be of much use, as most ATMs still need magnetic strips in order to accept and process the card as legitimate.

These skimmers can’t usually be identified by sight, as they’re often installed internally to avoid the prying eyes of cautious users. The most practical advice for avoiding ATM scams is to consider the thought process of a criminal who may try to exploit one of these machines. Consider its location--if the ATM is surrounded by people at all times, like those that are found in supermarkets or public places, chances are that it won’t become a target. Now, if it were located in a secluded rural gas station tucked away in the back hallway, it’s more likely that someone would tamper with it. Consider if it’s top-accessible, allowing cybercriminals access to its innards. These are all variables that you should be on the lookout for.

Therefore, it’s recommended that you use only ATMs that are placed in high-traffic areas where there are plenty of witnesses who might notice if someone tampered with the machine. It’s also important to avoid ATMs that are easily accessible; rather, just use one which is embedded into the wall, like the one in your bank’s drive-thru. These are great for multiple reasons: 1) They’re well-lit, 2) They are high-surveillance zones, and 3) Hackers have a hard time getting into them.

If you’re dealing with your business’s finances, it’s probably best that you handle your financial services through the tellers that aren’t automated. Another option is to go about your business online, shielded by the safeguards that Info Advantage can prepare for your organization. To learn more about our cybersecurity services, reach out to us at (585) 254-8710.

These days there are thousands of different cyber scams looking to steal money or information from unsuspecting internet users. While many of these attacks can be stopped with a strengthened and secure connection, there is another type of attack that relies more on tricking the users, rather than their network or personal device. These are known as social engineers, and they rely on exploiting the human psychology in order to obtain what they want. Here are three types of social engineering scams that you’ll want to be able to recognize.

Phishing

One of the most common types of hacking scams used today, phishing scams try to trick internet users to give up their personal information by posing as a reputable source. These often come up in the form of an email from a site that is easily recognizable, such as Facebook or Amazon. Typically, these emails state that there is a problem with a person’s account, and prompt them to fill out their personal information in order to resolve it. That’s why you should always double check the URL to make sure it is a verified site. Remember, a site will NEVER ask for your log in credentials through an email.

Pretexting

Pretexting is similar to phishing in that the hacker attempts to coerce information from a user by pretending to be someone they’re not. The main difference between the two types of scams is that where a phishing attack is meant to induce fear, a pretexting attack will instead attempt to create a false trust with the user. Hackers achieve this by posing as someone the user would trust, such as a government official or the police. They then ask for their personal information, often citing that they need to verify the user’s identity.

Quid Pro Quo

Hackers will often use what is known as a ‘quid pro quo’ attack where they promise a user some kind of good or service in exchange for their information. This is often presented as some sort of prize for a contest, and promises that you will receive the reward for free, as long as you provide them with a bit of personal information. For example, a hacker could promise free IT assistance to individual users and ask for them to give them their credentials in order to claim the service. They would then be able to steal valuable data or even download harmful malware directly onto their computers.

Even if you’re careful with your network, a professional hacker will stop at nothing to try and find a vulnerability they can exploit. Call Info Advantage at (585) 254-8710 today to learn more ways you can keep hackers at bay.