ATM / POS Fraud , Fraud Management & Cybercrime , Fraud Risk Management

Dozens Arrested in ATM Cash-Out Scheme

Suspected Fraudsters Targeted Santander Bank Branches in 3 States
Dozens Arrested in ATM Cash-Out Scheme

Dozens of suspects have been arrested in connection with an ATM cash-out scheme that targeted Santander Bank branches in New Jersey, New York and Connecticut, according to police and news media reports.

See Also: Live Webinar | Securing Mobile Endpoints to Protect IP in the Pharma Industry

In New Jersey, police made arrests Tuesday and Wednesday at Santander Bank branches, law enforcement officials say. In Hamilton Township, for example, 20 suspects have been charged with various offenses, including conspiracy to commit theft by deception, as well as minor drug charges, according to a police statement.

Police also suspect ATMs in New York City and Connecticut have been hit, according to a local NBC News report.

The South Windsor Police Department in Connecticut says fraudsters have attempted to use fake debit cards to withdraw cash.

Nancy Orlando, a spokesperson for Santander Bank, tells Information Security Media Group that the bank's customers are able to use its ATMs to obtain cash, and non-bank customers would be able to use the machines "in the near future."

"All Santander employees are safe, and we continue to follow our safety and security protocols at all our locations," Orlando says. "Customers should know that there has been no impact to their accounts, data or funds, and we continue to cooperate with law enforcement as they investigate this situation."

Boston-based Santander Bank, a subsidiary of a Spanish firm, has about 650 branches and 2,000 ATMs in the U.S., mainly in the Northeast, according to its website.

The FBI is working with local police to investigate the bank fraud, an FBI spokesperson tells ISMG, declining to provide further details.

Software Glitch?

The New Jersey Star-Ledger newspaper, citing three law enforcement sources, reports that fraudsters took advantage of an apparent software "glitch" in the bank's ATM system, making continuous withdrawals of cash using prepaid payment cards or fraudulent ATM cards.

Some of the fraudsters started sharing details of the software bug on social media accounts, which drove others to attempt to cash out ATM machines in three states, sources told the Star-Ledger.

Hank Schless, a senior manager for security solutions at security firm Lookout, notes that fraudsters will continually look for weak spots in any business and then share that information.

"This ATM-related incident shows what happens when a device isn't secured the same way as other parts of the infrastructure," Schless tells ISMG.

"Once a vulnerability is identified, it will be exploited until the victim realizes it needs to be fixed. Having visibility into every potential entry point into your organization is key if you want to truly secure your organization. Whether you're talking about ATMs, building entrances or mobile devices, it's critical to understand what risk they pose to the organization if they're not secured."


About the Author

Prajeet Nair

Prajeet Nair

Principal Correspondent

Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.