Banks warned of global ATM cash-out campaign

The United States Federal Bureau of Investigation has warned banks that they are at risk of a orchestrated global fraud campaign to withdraw millions of dollars in cash from automated teller machines.

A confidential FBI alert sighted by security journalist Brian Krebs was sent out to banks over the weekend Australian time.

The alert said the FBI had obtained unspecified reporting indicating cyber criminals are planning to conduct what the agency calls an ATM cash-out scheme, using cloned cards, over the coming days.

A breach at an unknown issuer is the likely source of the information used to clone ATM cards, the FBI said.

Cyber criminals hack their way into financial institutions, or compromise them with malware delivered through phishing emails, to access bank customer information and to obtain network access for large scale ATM heists.

According to the FBI, the fraudulent copies of legitimate cards are created through recording the customer data criminals on plastic with reusable magnetic strips - such as gift cards from retailers.

This would limit the attack to magnetic cards only. Cards that use so-called EMV chips for security are harder to clone.

ATM cash-out operations usually take place over weekends after banks and financial institutions are closed.

Prior to the ATM cash-outs, criminals coordinate the attacks with removing fraud controls at compromised banks.

This entails altering account balances and removing security measures to allow for an unlimited amount of money to be available for the coordinated withdrawals. 

The FBI urged banks to improve security and implement strong passwords, two-factor authentication with secondary physical devices for administrators and business critical staff, along with monitoring their IT systems for unusual activity and network traffic.