Home / / UAE bank card details stolen from hacked ATM

UAE bank card details stolen from hacked ATM

Cash machine 'skimming' fraud steals user's bank details over seven day period

Thieves operating in the UAE have compromised an ATM machine and stolen bank card details over a seven day period, according to a statement from the Central Bank of the UAE.

The gang is understood to have installed a card reader inside the ATM to read card data, along with a video camera to record PIN numbers. The Central Bank statement warns that the thieves were able to "copy data of all the cards used in the said ATM during the period 19-25 February 2008".

The location and owner bank of the ATM was not disclosed.

The Central Bank has contacted the banks of card users who were affected, with instructions to block usage of affected cards and to replace them or PINs, as well as to check ATM machines for sign of tampering.

Skimming attacks normally involve the placement of a fake card reader over or inside the regular card reader in an ATM, which reads and records the data from the card's magnetic strip, while either a hidden camera or a nearby observer (a so-called ‘shoulder surfer') steals the PIN. The stolen details can then be used to create fake cards or make purchases online, or the data may be sold on to other gangs of fraudsters.

Skimming fraud has been seen in most regions of the world, and banks usually take measures to protect machines, such as installing plastic guards to prevent the installation of illicit card readers, camera monitoring of ATMs and regular inspections of machines.

Jonathan Campbell-James, head of Regional Security and Fraud Risk, HSBC Bank Middle East, said that HSBC ATM machines were not been affected by this latest spate of skimming incidents, as the bank has taken steps to protect its machines.

"HSBC Group has invested heavily by installing devices in its ATMs that prevent this type of activity. All of our ATMs in the UAE are covered by these devices, meaning that ‘card skimming' on our machines is highly unlikely," Campbell-James said.

"Nevertheless, if customers notice anything unusual about a machine which might represent a card reader added to the card slot or a micro camera, we ask that they contact the bank immediately so that appropriate action can be taken," he added.

RAKBank also reported that its ATMs had not been targeted by the fraudsters, as they have also invested in anti-tampering devices, 24-hour camera surveillance and regular inspection.

Masood Khan, Manager of E-channels at RAKBANK, said that the bank did ask customers to remain vigilant however, and to report any signs of tampering. He also advised that they take when using a machine to avoid anyone stealing their card or PIN.

"Customers also need to beware of strangers hovering in and around ATM lobbies or at off-site ATM's and refuse to take any assistance from them. Moreover customers need to take precautions to protect their PIN numbers at all times, ensuring others do not see them key the numbers in," he warned.

Most skimming attempts now either target high usage ATMs for a very short period of time, to steal the maximum number of card details in a short time, or machines in out-of-the-way locations where the reader will not be detected as quickly.

It is unknown if the thieves have been caught or what they have done with the stolen card data.

Follow us to get the most comprehensive IT business news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.