<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=905697862838810&amp;ev=PageView&amp;noscript=1">


    Payments | 2 min read

    Warning: ATM Global Cash-Out Scheme

    This is an important alert to inform you about a scheme that could affect the payments industry.

    "Unlimited Operation" Schemes Threaten Financial Institutions

    Unspecified reporting obtained by the FBI indicates cyber criminals are planning to conduct a global automated teller machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an “unlimited operation.” Such schemes involve the use of malware to access bank customer card information from financial institutions or card processors, enabling large-scale theft of funds from ATMs. Specifically, malware is used to manipulate/remove system controls, including balances, withdrawals, and daily transaction limits. Information obtained in the cyber attack can then be copied, sold, and subsequently used to withdraw an unlimited amount of funds from ATMs. Funds obtained from these schemes are often laundered via conversion to virtual currency, investments in local or regional criminal enterprises, or overseas transfers.1<

    ATM cash-out operations are usually launched on weekends, often just after financial institutions begin closing for business on Saturday. These schemes are expected to continue and possibly increase in the future.2

    Recommendations and Best Practices

    The FBI recommends financial institutions take steps to enhance security measures against these types of attacks and educate consumers on preventive and reactive actions. For a detailed list, please see the full private industry notification published by the FBI. Included below are practices that can help protect your institution and customers:

    • Know your customers

    • Regularly review transaction monitoring rules

    • Increase daily and weekend transaction monitoring

    • Contact members or customers to validate unusual or suspicious activity

    • Contact law enforcement if a financial crime is confirmed or suspected

    • Respond to electronic cash management (ECM) unusual activity notifications quickly

    https://epayresources.informz.net/ePayResources/data/images/20180809001PIN%20FBI.pdf August 15, 2018

    2 https://krebsonsecurity.com/2018/08/fbi-warns-of-unlimited-atm-cashout-blitz/ August 15, 2018

    If you require legal assistance, please contact your legal counsel or a professional practitioner. This compliance update is the property of SWBC and is intended for informational purposes only. SWBC does not render legal advice or recommendations.


    Related Categories


    Elizabeth Cardenas

    As a payments compliance supervisor, Elizabeth Cardenas is responsible for identifying fraud and money laundering concerns in electronic cash management (ECM) to support SWBC's Payments clients. Elizabeth is CAMS certified, has a bachelor's degree in modern languages and linguistics from the University of Texas at San Antonio and is fluent in Japanese and proficient in several other languages.

    You may also like:

    Outsourcing Payments

    Tactfully Overcoming the Top 5 Delinquent Borrower Objections

    It’s been a tough 18 months for millions of Americans. The COVID-19 pandemic caused major job losses and employment inte...


    Keeping Pace with Digital Demand for Self-Service Payments Options

    It’s hard to believe that we’re approaching the end of 2021. It’s been nearly two years since COVID-19 began reshaping t...

    Technology Payments

    The Essential Software Development Toolkit for Your Payments Program

    If you’ve ever worked with a payments product development team, you may have heard the term SDK technology. SDK stands f...

    Let Us Know What You Thought about this Post.

    Put your Comment Below.


    Free Executive Briefing:

    Through Partnerships and Technology, SWBC Deploys Account Validation Solution

    Learn More