Wow! I didn’t know this works!

“Citibank machines in 7-Eleven convenience stores across America were the target of the biggest and most effective remote PIN code theft scam in US banking history between last autumn and this spring when at least $2 million (£1 million) was stolen…”

“PIN codes have always been the most closely guarded secrets in banking transactions, and the are supposed to be encrypted the very second they are tapped into a keypad. Until recently, it was virtually impossible to get at them without physically looking over someone’s shoulder as they punched in their digits to withdraw money. Indeed, scams involving strategically placed mirrors or tiny video cameras have become something of a common threat for banks.

You’d better survey the entire area around an ATM next time before you draw 10 bucks from the machine.

“…Other cash machine crime has involved fraudsters setting up fake keyboards to glean PINs — or, for less sophisticated criminals, simply crashing a car into the wall of a bank and hoping it breaks open the part of the cash machine where the banknotes are stored. PIN codes have also been obtained through so-called e-mail “phishing” scams.

But technology has changed over the past few years. The infrastructure is now built on Microsoft’s Windows operating system, and the cash machines themselves can be remotely diagnosed and repaired online. Unfortunately, this means that PIN codes have started to “leak” along the way — suggesting that industry guidelines on encryption are not always being followed.”

Fortunately, I don’t use Citibank. 😛