(832) 467-0000 [email protected]

“ATM Cash Out” operations hinges of massive phishing operation

Fortune Magazine and KrebsOnSecurity detail warnings issued by the FBI of a pending “ATM Cash Out” attack. Highly organized crime operations are poised to execute a worldwide attack across small to medium sized banking operations. Generally, these operations have limited security controls to detect intrusions and unauthorized movement inside a network.


The attackers are targeting banking systems through the use of phishing emails in order to compromise credentials. From there, they are moving inside networks to disable or eliminate fraud triggers. The FBI indicates the tactics include:
·       Removing fraud controls
·       Changing account balances
·       Eliminating daily maximum withdrawal limits
·       Launching physical attacks on the weekend when banks are closed

Krebs reports that the National Bank of Blacksburg was hit in two similar attacks within the last year totaling $2.4 million in stolen funds. 

Compromised credentials and unauthorized network movement are precursors to fraud schemes like this. Behavior Analytic solutions like Aruba’s IntroSpect can also help spot this behavior early. Monitoring network traffic as well as user and IoT behavior gives a well-rounded view of potential criminal activity. IntroSpect can detect, alert and take action to curtail malicious behavior by the compromised user.

Call us to discuss how Introspect can help keep your important data more secure.