The Bank of the West, which operates over 600 branches in the United States, is warning their customers that their card number and PIN have likely been stolen after a review of their ATM’s led them to discover someone installed skimmers on them. The total number of skimmers placed has not been disclosed. The devices interfered with normal debit card transactions and likely allowed the threat actor to create fake banking cards that could be used for cash withdrawals at ATMs or sold on the Darknet.
Typically, in today’s terms, skimming attacks are conducted online in the form of Magecart attacks. These attacks are carried out by threat actors that breach online marketplaces and input malicious code to steal card numbers. However, physical ATM skimming remains a dangerous attack avenue which allows threat actors to steal information the same way. Skimming can affect anyone, and the device can be placed on ATM’s as well as credit card readers at stores. The best way to identify a physical skimmer is to look for any pieces on a card reader that may look to be out of place. Reviewing card statements can also allow victims to identify when they have been targeted. If an individual believes that they were a victim of skimming, the card used should be cancelled immediately and reported to the financial institution.