Solve : ATM fraud. So easy, a child could ndo it.?

1.	Solve : ATM fraud. So easy, a child could ndo it.?
Answer» It's not hard to rob a ATM . Here, there, everywhere. Suspect in attempted ATM robbery turns himself in to police Another. Gardaí appeal for witnesses to Sligo ATM robbery More: (Video) Another ATM stolen from a local convenience store I see nothing whatsoever in the links you posted that removing an ATM in easy. Indeed, it's very, very difficult, as indicated by the extreme measures used an the attempted robberies covered the news sources you posted. And, by the way, your title is just ridiculous; in no way does it indicate the theft covered in the sources you posted. They show attempts to steal money by physically removing the ATM. This is quite different from fraud, which would involve trickery rather than physical destruction to steal cash from an ATM. On that note i seriously doubt a child could do it.... Sometimes Geek's posts are more sensationalised than his sources.... Quote from: patio on February 01, 2014, 10:03:30 AM On that note i seriously doubt a child could do it.... Sometimes Geek's posts are more sensationalised than his sources.... Hey, I have to get your attention. However, if I did report the stories showing children doing it, that would just encourage more children to do it. The fraud in the crimes was the ATM vendors telling the store owners that nobody could heist a ATM box bolted to a wall. In cone case the thugs used a stolen vehicle to take the ATM by force. That stunt could be replicated by a gang of pee-teen hoods. My point is here. Store owners know already know that they have to HIDE money in a hidden safe that is near impossible to remove. But the banks and ATM vendors came along and told a story about how secure the things would be. That was tantamount to fraud. The damage done to the store was grater Hahn the loss of the money in the ATM. The ATM fraud, kidnapping and vandalism of ATM locations is on then rise. More like an erupting volcano. Somewhere else they are ranting about how Windows XP ruins ATMs. But that is just another sensational story. http://www.businessweek.com/articles/2014-01-16/atms-face-deadline-to-upgrade-from-windows-xp Nothing to worry about. Your money is safe. Quote from: Geek-9pm on February 01, 2014, 02:53:01 PM The fraud in the crimes was the ATM vendors telling the store owners that nobody could heist a ATM box bolted to a wall. Nothing in the articles you posted indicates that the ATM vendors told anybody this. Quote But the banks and ATM vendors came along and told a story about how secure the things would be. Or this.* sigh OK, I will explain. We have three or four problems with the ATM thing. 1. Crooks compromise the ATM and get it no give money them. The fraud goes unnoticed for hours or every days. 2. Persistent use of older software, embedded XP, is said to be the problem in the above. (I don't think so. It is bad implementation. Don't get me started.) 3. Other crooks are physical removing or smashing any stand alone AYM in a small store. Use of a vehicle helps the crooks pull or smash the machine loose. 4. Videos from cameras show the ATM was not anchored and placed by the recommended guidelines the USA. (Other countries would have similar rules.) Look at this photo: http://wfxg.images.worldnow.com/images/24605891_BG1.jpg (Notice the ATM is apparently NOT in a reenforced enclosure.)* That below is from the south part of the USA. A new story was just released. The croaks are still at it. Quote ATM thefts believed to be connected Posted: Jan 31, 2014 5:33 PM PST Updated: Jan 31, 2014 5:33 PM PST By Ashley Edlund - email Local News Next weather maker brings showers Updated: Feb 01, 2014 7:04 PM PST The WAFF 48 Storm Team is tracking several weather ... ... fire Saturday.More >> AUGUSTA, GA (WFXG) - Rack and Grill owner Chris Kuneman hadn't seen anything like this in the six years he's been in business. Around 2:30A.M. Sunday morning, two people drove a pickup truck right into his restaurant. Kuneman said, "They backed into it, backed into it six times, then went inside, tried to steal an ATM, and tried to break it lose. They left with nothing but a broken truck." Deputies said, minutes before, they think three or four men stole that truck from someone on Heathers Way, then ran into a Citgo gas station on Mike Padgett Highway and stole items inside. Just five days later, Thursday, Sgt. Michael McDaniel said another Ford pickup truck went missing. "The 30th of January, another Ford pickup truck was stolen and was used to force entry into 2228 Rosier Road, where an ATM was stolen. That ATM was recovered at the Tobacco road Elementary School." Sgt. McDaniel said there are several similarities between Sunday and Thursday. No suspects have been named yet, but deputies think the incidents are connected. Meanwhile for Kuneman, the damage is adding up. He said the damage could range anywhere from 30 to 60 thousand dollars. These have all been early morning incidents, when the businesses are closed. No one has been injured. If you have any information, contact the Richmond County Sheriff's Office at 706-821-1080 or the Criminal Investigation Division at 706-821-1020. http://www.waff.com/story/24605891/atm-thefts-believed-to-be-connected It should be apparent there is ome kind of negligence non the part of the companies that install and maintain the stand alone ATM units in that area. Security guidelines were punished over 5 years back. Stand alone ATMs were especially marked as having a high risk. They are not to be placed where a vesicle can enter. They were to be strongly anchored. So somebody was not paying attention... or misinforming the risk assessment to small store owners. Now the above reasoning should be obvious. These physical security things were already know in the industry. Who forgot? Who lied? Now for my wild speculation. I think the banks or related big business frims are doing a 'snow job' with the media. They have tossed in the MS XP thing along with some actual news about how ATMs are failing to safeguard money. To date, I have never read any story the shows XP ever was the primary cause of ATM loss or breakdown. What do you think? Quote from: Geek-9pm on February 01, 2014, 09:23:04 PM 4. Videos from cameras show the ATM was not anchored and placed by the recommended guidelines the USA. (Other countries would have similar rules.) Look at this photo: http://wfxg.images.worldnow.com/images/24605891_BG1.jpg (Notice the ATM is apparently NOT in a reenforced enclosure.) https://www.pcisecuritystandards.org/pdfs/PCI_ATM_Security_Guidelines_Info_Supplement.pdf Quote The security guidelines in this document build upon a series of existing standards (IT, security, payment card,and ATM industry). As compromise prevention best practices,they are NOT intended to: Provide a set of security requirements for the formal security certification of ATMs Be used as fraud prevention guidelines (transaction monitoring, card authentication procedures, etc.) Identify guidelines preventing the physical access to the cash stored in the ATM or to the site where the ATM is deployed. Identify guidelines for the placement of ATMs The claim that the ATM(s) were not anchored according to recommended guidelines in the USA seems to be at odds with that very same guideline document saying that it does not provide those guidelines. Quote It should be apparent there is ome kind of negligence non the part of the companies that install and maintain the stand alone ATM units in that area. OK, let's read that article. The crooks backed into the ATM 6 times with a truck. They got nothing out of it and were unable to break the ATM from it's position. They left only with a damaged truck. Perhaps you could explain how installing an ATM in such a way that it can be hit by a truck 6 times and still be unmovable and it's money inaccessible is "negligence on the part of the companies that install and maintain the stand-alone ATM units"? I won't even point out how if a Pickup truck running into an ATM 6 times can't get anything from it I don't know what a child could get out of it. Is there a way to install an ATM such that it can be undamaged by being backed into by a pickup truck several times? Probably not. Quote Security guidelines were punished over 5 years back. Stand alone ATMs were especially marked as having a high risk. They are not to be placed where a vesicle can enter. They were to be strongly anchored. So somebody was not paying attention... or misinforming the risk assessment to small store owners. Except the "guidelines" clearly say they are not intended to "Identify guidelines for the placement of ATMs". There is a difference between making an assumption about what guidelines are in place and taking a few seconds to actually find the document and realize that the very document to which you effectively refer actually says the exact opposite. You also conveniently ignore that in the very case you mention, the ATM was inside of the restaurant. Quote Now the above reasoning should be obvious. These physical security things were already know in the industry. Who forgot? Who lied? Well, so far, you've lied about these things being guidelines, so there is that. Basically the owner of the store or other establishment get's to choose where it goes. Banks don't choose where it goes and neither do "big business firms". Quote They have tossed in the MS XP thing along with some actual news about how ATMs are failing to safeguard money. To date, I have never read any story the shows XP ever was the primary cause of ATM loss or breakdown. Certainly not the primary cause, but I think it could be argued that the malware on the USB stick would have had a much more difficult time if the system was running Vista, 7, or 8 (or a Linux distribution). The only reason it was able to function as it did was because of security considerations that, while mitigable, were also XP's defaults. Quote Certainly not the primary cause, but I think it could be argued that the malware on the USB stick would have had a much more difficult time if the system was running Vista, 7, or 8 (or a Linux distribution). The only reason it was able to function as it did was because of security considerations that, while mitigable, were also XP's defaults. The flaw was putting a USB port in the system. A SD memory port, properly implemented, would not present the same weakness as a USB port. The SD card under Windows XP would have a digital protection that is not easily circumvented. The guileless do say tat the stand alone ATM must no be where a vehicle can get to it. Being in the middle of the restaurant does not fulfill that requirement. Here in the USA interior walls are not vehicle proof. To prevent vehicle attack there has to be steel and concrete barriers. The ATM vendors know this. Yes, the rules are not legislation, yet. But there were made by a group representing the industry. Quote from: Geek-9pm on February 02, 2014, 01:03:16 AM The flaw was putting a USB port in the system. A SD memory port, properly implemented, would not present the same weakness as a USB port. The SD card under Windows XP would have a digital protection that is not easily circumvented. This is FALSE. the SD cards "security" feature is key revocation and pretty much protects the data on the SD cards. Windows XP still auto-runs an inserted SD card. Quote The guileless do say tat the stand alone ATM must no be where a vehicle can get to it. I just quoted the guidelines saying they provide no such guidelines. Page number? BC , learn to thin k. When they say 'Not here" it implies another place. It is in another place. It means then don't want the liability. Quote Windows XP still auto-runs an inserted SD card. Not on my machine. And a properly setup embedded XP won't either. The XP system treats SD memory and USB interface as different tings. Besides, they should not even have a USB interface on a ATM. No resin for it. Bad design. Quote from: Geek-9pm on February 02, 2014, 05:11:55 PM BC , learn to thin k. When they say 'Not here" it implies another place. It is in another place. Then show us where this 'other place is'. Also, I seem to recall people saying that "a church is no place for child abuse", so I guess they were implying that it was OK elsewhere? Quote Not on my machine. I tested a clean XP Install before I posted. It showed the auto-RUN dialog. With XP however there are ways to prevent that dialog from ever showing up in the first place, with a proper autorun.inf file. (and, indeed, SD cards are auto-run and their autorun.inf files are used). Quote And a properly setup embedded XP won't either. The only way to disable Autorun in XP is to use a third-party program (tweakUI) or to manually edit the registry. Quote The XP system treats SD memory and USB interface as different tings. They are treated entirely 100% equivalent. They are removable drives. Quote Besides, they should not even have a USB interface on a ATM. No resin for it. Bad design. Pinpads, receipt printers, the cash drawer, and touchscreens generally use a USB interface. It would make more sense to FORCIBLY remove the USB Mass storage class driver, but that would require fiddling with some of WIndows' innards. [/quote] Quote from: Geek-9pm on February 02, 2014, 05:11:55 PM And a properly setup embedded XP won't either. A properly set up XP embedded shouldn't autorun USB cards either. Quote they should not even have a USB interface on a ATM. No resin for it. Bad design. As far as I'm aware ATMs tend to use fairly standard PC components which of course will include USB ports, even if there was no USB ports there would still be some other sort of interface like serial. And there is a reason for having USB interfaces - Maintenance. I'd be willing to bet that the companies that design and manage ATMs will use USB devices to diagnose the system and that's completely excluding the very real possibility that the different devices within the ATM may actually interface with the PC through USB. The self service CHECKOUTS in my local supermarket also run XP and also use standard PC components which includes USB ports - I've never heard of them being "hacked". And I mean, I've had those things crash and dump me at an XP desktop which can actually be interacted with using the touchscreen!

Answer»

It's not hard to rob a ATM . Here, there, everywhere.

Suspect in attempted ATM robbery turns himself in to police

Another.
Gardaí appeal for witnesses to Sligo ATM robbery
More: (Video)
Another ATM stolen from a local convenience store I see nothing whatsoever in the links you posted that removing an ATM in easy. Indeed, it's very, very difficult, as indicated by the extreme measures used an the attempted robberies covered the news sources you posted.

And, by the way, your title is just ridiculous; in no way does it indicate the theft covered in the sources you posted. They show attempts to steal money by physically removing the ATM. This is quite different from fraud, which would involve trickery rather than physical destruction to steal cash from an ATM. On that note i seriously doubt a child could do it....

Sometimes Geek's posts are more sensationalised than his sources.... Quote from: patio on February 01, 2014, 10:03:30 AM

On that note i seriously doubt a child could do it....

Sometimes Geek's posts are more sensationalised than his sources....

Hey, I have to get your attention.

However, if I did report the stories showing children doing it, that would just encourage more children to do it.

The fraud in the crimes was the ATM vendors telling the store owners that nobody could heist a ATM box bolted to a wall. In cone case the thugs used a stolen vehicle to take the ATM by force. That stunt could be replicated by a gang of pee-teen hoods.

My point is here. Store owners know already know that they have to HIDE money in a hidden safe that is near impossible to remove. But the banks and ATM vendors came along and told a story about how secure the things would be. That was tantamount to fraud. The damage done to the store was grater Hahn the loss of the money in the ATM.

The ATM fraud, kidnapping and vandalism of ATM locations is on then rise. More like an erupting volcano.
Somewhere else they are ranting about how Windows XP ruins ATMs. But that is just another sensational story.
http://www.businessweek.com/articles/2014-01-16/atms-face-deadline-to-upgrade-from-windows-xp
Nothing to worry about.
Your money is safe.
Quote from: Geek-9pm on February 01, 2014, 02:53:01 PM

The fraud in the crimes was the ATM vendors telling the store owners that nobody could heist a ATM box bolted to a wall.

Nothing in the articles you posted indicates that the ATM vendors told anybody this.

Quote

But the banks and ATM vendors came along and told a story about how secure the things would be.

Or this.*** sigh ***OK, I will explain. We have three or four problems with the ATM thing.
1. Crooks compromise the ATM and get it no give money them. The fraud goes unnoticed for hours or every days.
2. Persistent use of older software, embedded XP, is said to be the problem in the above. (I don't think so. It is bad implementation. Don't get me started.)
3. Other crooks are physical removing or smashing any stand alone AYM in a small store. Use of a vehicle helps the crooks pull or smash the machine loose.
4. Videos from cameras show the ATM was not anchored and placed by the recommended guidelines the USA. (Other countries would have similar rules.)
Look at this photo:
http://wfxg.images.worldnow.com/images/24605891_BG1.jpg

(Notice the ATM is apparently NOT in a reenforced enclosure.)

That below is from the south part of the USA. A new story was just released. The croaks are still at it.
Quote

ATM thefts believed to be connected
Posted: Jan 31, 2014 5:33 PM PST Updated: Jan 31, 2014 5:33 PM PST
By Ashley Edlund - email
Local News
Next weather maker brings showers
Updated: Feb 01, 2014 7:04 PM PST
The WAFF 48 Storm Team is tracking several weather ...
... fire Saturday.More >>

AUGUSTA, GA (WFXG) -
Rack and Grill owner Chris Kuneman hadn't seen anything like this in the six years he's been in business. Around 2:30A.M. Sunday morning, two people drove a pickup truck right into his restaurant.

Kuneman said, "They backed into it, backed into it six times, then went inside, tried to steal an ATM, and tried to break it lose. They left with nothing but a broken truck."

Deputies said, minutes before, they think three or four men stole that truck from someone on Heathers Way, then ran into a Citgo gas station on Mike Padgett Highway and stole items inside.

Just five days later, Thursday, Sgt. Michael McDaniel said another Ford pickup truck went missing.

"The 30th of January, another Ford pickup truck was stolen and was used to force entry into 2228 Rosier Road, where an ATM was stolen. That ATM was recovered at the Tobacco road Elementary School."

Sgt. McDaniel said there are several similarities between Sunday and Thursday. No suspects have been named yet, but deputies think the incidents are connected. Meanwhile for Kuneman, the damage is adding up.

He said the damage could range anywhere from 30 to 60 thousand dollars.

These have all been early morning incidents, when the businesses are closed. No one has been injured. If you have any information, contact the Richmond County Sheriff's Office at 706-821-1080 or the Criminal Investigation Division at 706-821-1020.
http://www.waff.com/story/24605891/atm-thefts-believed-to-be-connected

It should be apparent there is ome kind of negligence non the part of the companies that install and maintain the stand alone ATM units in that area. Security guidelines were punished over 5 years back. Stand alone ATMs were especially marked as having a high risk. They are not to be placed where a vesicle can enter. They were to be strongly anchored. So somebody was not paying attention... or misinforming the risk assessment to small store owners.

Now the above reasoning should be obvious. These physical security things were already know in the industry. Who forgot? Who lied?

Now for my wild speculation. I think the banks or related big business frims are doing a 'snow job' with the media. They have tossed in the MS XP thing along with some actual news about how ATMs are failing to safeguard money. To date, I have never read any story the shows XP ever was the primary cause of ATM loss or breakdown.

What do you think?
Quote from: Geek-9pm on February 01, 2014, 09:23:04 PM

4. Videos from cameras show the ATM was not anchored and placed by the recommended guidelines the USA. (Other countries would have similar rules.)
Look at this photo:

http://wfxg.images.worldnow.com/images/24605891_BG1.jpg

(Notice the ATM is apparently NOT in a reenforced enclosure.)

https://www.pcisecuritystandards.org/pdfs/PCI_ATM_Security_Guidelines_Info_Supplement.pdf

Quote

The security guidelines in this document build upon a series of existing standards (IT, security,
payment card,and ATM industry). As compromise prevention best practices,they are NOT intended to:

Provide a set of security requirements for the formal security certification of ATMs

Be used as fraud prevention guidelines (transaction monitoring, card authentication procedures, etc.)

Identify guidelines preventing the physical access to the cash stored in the ATM or to the site where the ATM is deployed.

Identify guidelines for the placement of ATMs

The claim that the ATM(s) were not anchored according to recommended guidelines in the USA seems to be at odds with that very same guideline document saying that it does not provide those guidelines.

Quote

It should be apparent there is ome kind of negligence non the part of the companies that install and maintain the stand alone ATM units in that area.

OK, let's read that article. The crooks backed into the ATM 6 times with a truck. They got nothing out of it and were unable to break the ATM from it's position. They left only with a damaged truck.

Perhaps you could explain how installing an ATM in such a way that it can be hit by a truck 6 times and still be unmovable and it's money inaccessible is "negligence on the part of the companies that install and maintain the stand-alone ATM units"?

I won't even point out how if a Pickup truck running into an ATM 6 times can't get anything from it I don't know what a child could get out of it.

Is there a way to install an ATM such that it can be undamaged by being backed into by a pickup truck several times? Probably not.

Quote

Security guidelines were punished over 5 years back. Stand alone ATMs were especially marked as having a high risk. They are not to be placed where a vesicle can enter. They were to be strongly anchored. So somebody was not paying attention... or misinforming the risk assessment to small store owners.

Except the "guidelines" clearly say they are not intended to "Identify guidelines for the placement of ATMs". There is a difference between making an assumption about what guidelines are in place and taking a few seconds to actually find the document and realize that the very document to which you effectively refer actually says the exact opposite.

You also conveniently ignore that in the very case you mention, the ATM was inside of the restaurant.

Quote

Now the above reasoning should be obvious. These physical security things were already know in the industry. Who forgot? Who lied?

Well, so far, you've lied about these things being guidelines, so there is that. Basically the owner of the store or other establishment get's to choose where it goes. Banks don't choose where it goes and neither do "big business firms".

Quote

They have tossed in the MS XP thing along with some actual news about how ATMs are failing to safeguard money. To date, I have never read any story the shows XP ever was the primary cause of ATM loss or breakdown.

Certainly not the primary cause, but I think it could be argued that the malware on the USB stick would have had a much more difficult time if the system was running Vista, 7, or 8 (or a Linux distribution). The only reason it was able to function as it did was because of security considerations that, while mitigable, were also XP's defaults. Quote

Certainly not the primary cause, but I think it could be argued that the malware on the USB stick would have had a much more difficult time if the system was running Vista, 7, or 8 (or a Linux distribution). The only reason it was able to function as it did was because of security considerations that, while mitigable, were also XP's defaults.

The flaw was putting a USB port in the system. A SD memory port, properly implemented, would not present the same weakness as a USB port. The SD card under Windows XP would have a digital protection that is not easily circumvented.

The guileless do say tat the stand alone ATM must no be where a vehicle can get to it. Being in the middle of the restaurant does not fulfill that requirement. Here in the USA interior walls are not vehicle proof. To prevent vehicle attack there has to be steel and concrete barriers. The ATM vendors know this. Yes, the rules are not legislation, yet. But there were made by a group representing the industry.

Quote from: Geek-9pm on February 02, 2014, 01:03:16 AM

The flaw was putting a USB port in the system. A SD memory port, properly implemented, would not present the same weakness as a USB port. The SD card under Windows XP would have a digital protection that is not easily circumvented.

This is FALSE. the SD cards "security" feature is key revocation and pretty much protects the data on the SD cards.

Windows XP still auto-runs an inserted SD card.

Quote

The guileless do say tat the stand alone ATM must no be where a vehicle can get to it.

I just quoted the guidelines saying they provide no such guidelines. Page number?

BC , learn to thin k. When they say 'Not here" it implies another place. It is in another place. It means then don't want the liability.
Quote

Windows XP still auto-runs an inserted SD card.

Not on my machine. And a properly setup embedded XP won't either. The XP system treats SD memory and USB interface as different tings. Besides, they should not even have a USB interface on a ATM. No resin for it. Bad design. Quote from: Geek-9pm on February 02, 2014, 05:11:55 PM

BC , learn to thin k. When they say 'Not here" it implies another place. It is in another place.

Then show us where this 'other place is'.

Also, I seem to recall people saying that "a church is no place for child abuse", so I guess they were implying that it was OK elsewhere?

Quote

Not on my machine.

I tested a clean XP Install before I posted. It showed the auto-RUN dialog. With XP however there are ways to prevent that dialog from ever showing up in the first place, with a proper autorun.inf file. (and, indeed, SD cards are auto-run and their autorun.inf files are used).

Quote

And a properly setup embedded XP won't either.

The only way to disable Autorun in XP is to use a third-party program (tweakUI) or to manually edit the registry.

Quote

The XP system treats SD memory and USB interface as different tings.

They are treated entirely 100% equivalent. They are removable drives.

Quote

Besides, they should not even have a USB interface on a ATM. No resin for it. Bad design.

Pinpads, receipt printers, the cash drawer, and touchscreens generally use a USB interface. It would make more sense to FORCIBLY remove the USB Mass storage class driver, but that would require fiddling with some of WIndows' innards.

[/quote] Quote from: Geek-9pm on February 02, 2014, 05:11:55 PM

And a properly setup embedded XP won't either.

A properly set up XP embedded shouldn't autorun USB cards either.

Quote

they should not even have a USB interface on a ATM. No resin for it. Bad design.

As far as I'm aware ATMs tend to use fairly standard PC components which of course will include USB ports, even if there was no USB ports there would still be some other sort of interface like serial. And there is a reason for having USB interfaces - Maintenance. I'd be willing to bet that the companies that design and manage ATMs will use USB devices to diagnose the system and that's completely excluding the very real possibility that the different devices within the ATM may actually interface with the PC through USB.

The self service CHECKOUTS in my local supermarket also run XP and also use standard PC components which includes USB ports - I've never heard of them being "hacked". And I mean, I've had those things crash and dump me at an XP desktop which can actually be interacted with using the touchscreen!

Solve : ATM fraud. So easy, a child could ndo it.?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment