This is an important alert to inform you about a scheme that could affect the payments industry.
"Unlimited Operation" Schemes Threaten Financial Institutions
Unspecified reporting obtained by the FBI indicates cyber criminals are planning to conduct a global automated teller machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an “unlimited operation.” Such schemes involve the use of malware to access bank customer card information from financial institutions or card processors, enabling large-scale theft of funds from ATMs. Specifically, malware is used to manipulate/remove system controls, including balances, withdrawals, and daily transaction limits. Information obtained in the cyber attack can then be copied, sold, and subsequently used to withdraw an unlimited amount of funds from ATMs. Funds obtained from these schemes are often laundered via conversion to virtual currency, investments in local or regional criminal enterprises, or overseas transfers.1
ATM cash-out operations are usually launched on weekends, often just after financial institutions begin closing for business on Saturday. These schemes are expected to continue and possibly increase in the future.2
Recommendations and Best Practices
The FBI recommends financial institutions take steps to enhance security measures against these types of attacks and educate consumers on preventive and reactive actions. For a detailed list, please see the full private industry notification published by the FBI. Included below are practices that can help protect your institution and customers:
• Know your customers
• Regularly review transaction monitoring rules
• Increase daily and weekend transaction monitoring
• Contact members or customers to validate unusual or suspicious activity
• Contact law enforcement if a financial crime is confirmed or suspected
• Respond to electronic cash management (ECM) unusual activity notifications quickly
If you require legal assistance, please contact your legal counsel or a professional practitioner. This compliance update is the property of SWBC and is intended for informational purposes only. SWBC does not render legal advice or recommendations.