Fake smoke detectors and compromised lobby doors are among the newly favored ways criminals steal cardholders' information from ATMs, Krumm said, while there is also a rising trend to compromise point of sale (POS) card readers. Typically, POS readers are removed after-hours from the retailer's premises; a skimming device is installed, and over the next few weeks the essential data for all customers paying by card is recorded.
POS scams are 10 times more lucrative than ATM scams, typically netting 250,000 per incident, Krumm said, "which means POS tampering will increase for sure," he added. While POS scams allow for undetected, wholesale cardholder data capture over a reasonably long period, the typical ATM haul is data on 50 to 100 cards.
In the newest ATM scams, the international crime gangs use fake smoke detectors in combination with tampered ATM lobby doors. They replace the entire lock in the door, so that theirs captures all the mag-stripe information when the customer swipes his or her card to gain access to the ATM lobby. Then, a micro-camera, disguised as a smoke detector, captures the customer's PIN. This information can be used to make duplicate cards and withdraw from the consumer's account.
Krumm asked banks to consider whether they need locked doors on ATM vestibules at all, since they may actually pose more of a security risk rather than alleviate the risk. He showed a video of an actual bank fraud in which two men installed one of these "smoke detectors" in daylight, without anyone paying them any notice. A single lock cylinder is all the criminals need to compromise many ATM lobbies, Krumm explained, adding, "It's not helpful that with one key a criminal can open all the doors of this (ATM) company."
Co-opted ATM service technicians are often pivotal figures in the scams Germany is now experiencing—part of a crime wave coming from Romania that has already washed over other European countries, such as Spain, Italy and Britain, he said.
In 2008, just 800 of Germany's 60,000 ATMs were defrauded, but each machine was targeted an average of three times.