ATM skimmers: now with SMS notification built right in
by Darren Murph 
posted Oct 10th 2008 at 3:35AM
Aw, how convenient! Now, when you purchase your next ATM skimmer, you don't even have to risk being arrested when you wander out to retrieve it. For those outside of the know, an ATM skimmer sits on credit / debit card machines and swipes information as unsuspecting civilians pass their cards through. In the days of old, scammers would have to physically retrieve the skimmer in order to acquire all that precious information; now, models with built-in SMS notification are becoming available, meaning that numbers, expiration dates and that easy-to-forget three digit code on the back can be shot out instantly after the data is snatched. Word on the street has these devices going for $8,500 a pop, and they can dish out around 2,000 texts. Just another zany hack to be aware of in the wide world of ATM shenanigans.[Via Hack-A-Day]
Filed under: Misc. Gadgets
Reader Comments (Page 1 of 1)
Frank @ Oct 10th 2008 3:47AM
Skimming: every ATM should show a picture of the unmodified/original credit card entrance slit on the ATM's screen. I understand this will result in costs for all banks involved but not doing anything at all may even be more costly. Currently every ATM has a different entrance slit to put your card in. We consumers can't possible judge if this slit is the original one or a fake. Banks: ACTION!
Barry @ Oct 10th 2008 4:28AM
Yeah, that makes sense. The image could just be a jpeg that's displayed before you enter your card. All they need to do is send out an employee with a digital camera! And it wouldn't take too long either....ATMs are rare where I come from.
dzhiurgis @ Oct 10th 2008 4:22AM
Wouldn't it be easier to have sensors on ATM, to see if something 'not authorized' is attached?
And it's queit easy to track someone by phone number, there is number of services doing that, here, in Europe.
athousandleaves @ Oct 10th 2008 11:30AM
They should just put frequency disruptors in all ATM's and squander these jerks 8.5G's
Zach @ Oct 10th 2008 3:51AM
Can they trace who the messages are being delivered to?
Marvaloha @ Oct 10th 2008 3:58AM
I don't know, but I hope so. I think they'll be sending messages to an pre-paid cellphone...
Benson @ Oct 10th 2008 4:03AM
For dumb crooks, yes. For smart ones, maybe, but definitely not in time.
J @ Oct 10th 2008 6:01AM
I imagine any smart criminal would get a disposable cell phone or use a number other than their personal phone.
Pip @ Oct 10th 2008 12:21PM
Disposable phone wouldn't help in this case. The authorities could leave the skimmer live, keep swiping cards until they got a trace on the person and arrested him via GPS location. Unless the criminal disposed of his phone after a few texts, they could catch him. Considering the cost of these things, which will probably be bought with stolen money to begin with, it wont be much of a pay off.
Mark @ Oct 10th 2008 5:12PM
@Pip
Right, because these criminals are going to be so DUMB as to use a cell phone with GPS on it to receive their SMS messages.
Lee @ Oct 29th 2008 8:56AM
"A crook dumb enough to have a GPS phone".... Pip don't be so dumb - the phone is a radio transmitter (of a type). the signal from the various cell masts around a cell phone can be used to triangulate (work out) where the phone is located physically and as such where the perp is most likely to be. It's not inch accurate, but it's good enough to narrow down a location fro which to conduct a search.
hipauliee @ Oct 10th 2008 4:05AM
WOW! The new and improved "fuck you over in a economic crisis" device.
I can't wait to get swindled by one of these bad boys.
dervheid @ Oct 10th 2008 4:53AM
Oh, great.
The only answer is to restrict yourself to using a few ATMs that you can become familiar with the layout of, and STAY ALERT!
Have to say, Frank's point is a good one.
Information Central @ Oct 10th 2008 6:08AM
"expiration dates and that easy-to-forget three digit code on the back can be shot out instantly after the data is snatched"
Because this thing optically scans the front and back of the card and does OCR?
Um, no.
cr1t @ Oct 10th 2008 7:46AM
I belive all that information is containted on the magnetic strip so all this device does is read that strip.
Information Central @ Oct 11th 2008 2:17PM
Nope. The point of the security digits on the back (CVV2 or CVC2) is that they AREN'T encoded in the magnetic strip.
http://en.wikipedia.org/wiki/Card_Security_Code
KilgoreTrout @ Oct 10th 2008 6:18AM
Oh no!!!
Here goes my primary source of income.
Russ @ Oct 10th 2008 7:07AM
would be cool if they could email the details via wifi too..
Alexander @ Oct 10th 2008 8:50AM
"Just another zany hack to be aware of in the wide world of ATM shenanigans."
Which is why I never take cash out of the ATM. Ever. Always walk into the bank. Everywhere takes cards anyway, which is a lot more secure. I know they aren't perfect (bars are the worst offender) but they are a lot better than the random ATM plunked down at the s'leven in the middle of nowhere.
Xenoterranos @ Oct 10th 2008 10:26AM
Just to add to this, most grocery stores will do cash-back if you pay with a debit card. It may incur a fee, but it's definitely safer than the aforementioned seven eleven at 10pm.
tealfixie @ Oct 10th 2008 9:11AM
you guys dont get in trouble for posting this kinda stuff?
iamsoinsane @ Oct 10th 2008 9:21AM
Why would they get in trouble for warning others of the dangers of this new tech?
dur.
Xenoterranos @ Oct 10th 2008 10:21AM
Do a couple more wax on/offs next time before you post. It'll help with clarity of thought.
On topic: On the plus side, those of us savvy enough to recognize them (and unlucky enough to encounter them) will be able to steal them and sell them on the black market for profits!
(I'd probably just mod it to SMS me every time my cat door opened or something.)
Edmund @ Oct 10th 2008 12:22PM
@Xenoterranos
I wish. There was this case here in Ireland about someone who took one. Guess what happened? The people who put in their in the first place murdered the person who took it.
Ed.
Jamie @ Oct 10th 2008 10:47AM
Just wanted to say "Thanks Engadget!", this is the kind of useful tech news for which I started reading this website. I could care less about diamond-encrusted whatevers and would personally prefer this kind of useful info.
Tony @ Oct 10th 2008 10:53AM
Well, damn! Just when you've entered an illegally obtained credit card number to purchase the latest and greatest technology (for illegally obtaining credit card numbers) the innovation machine spits out a smaller and faster version with more bells and whistles! I am tired of always being behind the technology curve as soon as I plunk down my hard earned, illegally obtained credit. I'm waiting until this has a touch screen and 4000 sms upgrades.
Mike C @ Oct 10th 2008 11:56AM
So what you're saying is I should try and pull on every ATM slot before I put my card in?
TIB @ Oct 10th 2008 11:59AM
Eliminating plastic may solve this pretty easily. Use biometric scanning, which may include a combination of facial, retina, hand print, voice, or infrared blood-vessel imaging. Probably more... Just pick the combo that gives maximum security with minimal cost/hassle, like hand and IR imaging. Why carry around your ID on a chunk of plastic when your body is your ID?
Sebastian @ Oct 10th 2008 12:04PM
Ok, here is the part that I don't get: An anti skimming module (basically a jammer, that emits a high power electric field around the ATM and effectively prevents skimming) costs about $2000. Why is that not built into every ATM yet?
The only answer can be: it is cheaper blaming the customers and the banks don't feel the pain yet.
Erik Rogers @ Oct 10th 2008 3:16PM
Or the fact that a device as 'necssary' and 'commonplace' as an credit card reader with aforementioned jammer might not only interfere with other devices, but also ones that may critical such as say.. PACEMAKERS?
The point is that it would be difficult to justify a jamming device through the FCC for commercial use, and after you did it could have adverse effects on nearby equipment.
lexi the star @ Oct 21st 2008 11:45PM
how are the criminals even obtaining these devices