Skip to content
Naked Security Naked Security

Advent tip #19: Grab hold and give it a wiggle!

Watch out for booby-trapped ATMs! If crooks can copy your card and record your PIN when you withdraw money, they can raid your account.

The suggestion to “grab hold and give it a wiggle” may not sound like useful security advice.

But if you’re using an ATM to withdraw money then “wiggling” can be a good idea.

That’s because a quick scrutiny of the ATM and its components (e.g. the card slot, the keypad, the moulded surrounds) can help you spot things that are iffy, such as skimming devices.

That’s where crooks glue fake add-on parts onto or around the ATM in the hope of covertly reading in both your card data and your PIN.

Typical skimming components include:

  • A fake card slot stuck over the real one, so your card is read twice when you insert it – first by the crooks, and then by the bank.
  • A fake keypad layered over the real one, so your PIN registers both on the crooks’ keyboard and on the bank’s.
  • A hidden camera and transmitting device, such as a modified mobile phone, that takes a video of your PIN as you enter it.

With a copy of your card data and your PIN, the crooks may be able to clone your card and send other gang members around town with fake cards to make phantom withdrawals.

If you see something, say something!

Inform both the bank and the police, which not only protects you but also protects the next guy, too.

A map from the US Attorney’s Office showing the speed at which cloned ATM cards are used in mass withdrawals:

Images of Christmas tree and Advent calendar courtesy of Shutterstock.

5 Comments

I thought “giving a wiggle” to a suspected ATM was NOT advised because sometimes the crooks are watching (either optically or electronically) and they tend to take an intense dislike to anyone who interferes with the tools of their trade.

If in doubt walk away and report your doubts .

I understand your concern, especially in the UK, where a trick using a loop of tape (it used to be video tape) is still sometimes used to retain your card so the crooks can recover it, meaning they need to hang around the general area.

But the idea of “give it a wiggle” is simply to make it more likely you’ll spot something that doesn’t quite fit. We’re not suggesting “try to rip the glued-on parts off” and make away with them :-)

Fiscal the Fraud Fighting Ferret………….Loving this series of you tube videos, and, the Queensland police! The police here in Melbourne are also excellent as a friend and I discovered when we went to unlock the car and the keys remained firmly wedged in the lock. It was on a busy street and despite us giving the appearance of car thieves for the next twenty minutes or so not one person walking past glued to their phones even noticed what we were doing!

A police station nearby saw us quickly entering and the police officer escorted us to the vehicle complete with a can of WD 40! Thankyou Melbourne Police.

This article is excellent and I have enjoyed every one of this series of Advent Tips. Even though we often know this information a timely reminder is important especially around the festive season.

I would like to take this opportunity to thank you Paul and all the team at Naked Security for all of your ongoing and excellent work…………Sincerely Rosie

Unfortunately, the video is private now and can’t be viewed.
No doubt there’s a law of diminishing returns when maintaining articles over five years of age, but I figured I’d notify anyway.

PS: I followed two hops from an article this week (2021-04-26) to reach a typosquatting one from 2015, and the prior article link “wiggle it” piqued my curious mouse finger:
https://nakedsecurity.sophos.com/2015/12/18/advent-tip-18-avoid-typosquatting-type-carefully-at-christmas/

Thanks. Technically the link is still valid… so it doesn’t show up as at 404.

I removed the video. The Queesland Police Service still has articles about the animated creature in the video (Fiscal the Fraud-fighting Ferret), but their own links to the fraud-fighting site set up way back when are now defunct, so I guess his time has been and gone :-)

(The idea of a fraud-fighting ferret in Queensland was a bit weird because at the time, ferrets – as well as rabbits – were illegal to keep as pets in the state. Whether that law has been relaxed in recent years I don’t know.)

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?