ATM Fraud : Be Alert!! If you are withdrawing money from ATMs!New type of fraud is happening.
Banks have been asked to strengthen security norms regarding ATMs (Automated Teller Machines) amidst increasing cyber attacks. This instruction has been given to banks in the midst of growing cases of wrongful withdrawal of money through technology (MITM-man in the middle) in ATMs through communication process between two parties.
Banks have been directed to ensure ‘end-to-end encryption’ (use of native language from beginning to end). That is, whatever message is there, only two parties connected to it can read it.
In a recent letter sent to all banks by the central government, MITM attacks are increasing.
In this, attackers take money out of fraud by making changes in the message sent to ‘ATM host’ by ‘Atom Switch’. It is a type of cyber attack. A security official associated with the case said that investigations by security agencies have found that the cyber fraud gang has started adopting a new way of withdrawing money from ATMs.
According to investigators, fraudsters first tamper with the network of ATM (LAN) cable. The rejected messages of ‘ATM Switch’ are converted into successful cash withdrawal transaction responses, and cash is subsequently withdrawn from the ATM. The attackers first place a device between the ATM machine and the router or switch at the ATM premises.
The device has the ability to modify responses back to the ‘ATM switch’ which is connected to the ATM through the network. The attacker then uses a restricted card (or blocked card) to present the withdrawal request. When the ‘ATM switch’ sends the rejected message, the attacker intercepts the response so that the transaction is cleared and cash can be withdrawn.
The official said that in view of this type of fraud, banks have been instructed to ensure ‘end-to-end encryption’ between the ATM terminal or PC and the ATM employee. Banks have been asked to hide the network cable, input / output port of the ATM premises and secure it through security guards. Similarly, the advisory of the Reserve Bank of India has also been issued.
In 2018, a total of 1,59,761 cyber security related cases related to digital banking were reported, according to the information received by the Indian Computer Emergency Response Team (CERT-In) and kept an eye on things. At the same time, its number increased to 2,46,514 in 2019 and 2,90,445 in 2020. In these attacks, data breach includes network scanning, virus and website hacking.
Digital transactions in the country have increased by 46 percent in 2019-20 as compared to 2018-19 in the country. According to the official, the Ministry of Home Affairs has been in regular dialogue with the state governments and the administrators of the Union Territory and advising them for speedy disposal of cases related to cyber attacks. CERT-In is the national technology unit for dealing with cyber attacks and cyber security.
0 Comments
Remember to keep comments respectful and follow our community guidlines, Otherwise your Comment will Be Removed.