UK cybercriminal convicted over 9000 skimmed ATM cards

Filed Under: Featured, Law & order

Last week, we warned you about ATM skimming during the December "retail season".

The Queensland Police Service (QPS) went public with a nicely educational picture of a modern cash machine skimmer found on a city-centre ATM in one of Brisbane's busiest shopping precincts.

You can see how the device covers the regular card slot.

When you insert your card, it gets read in twice - first by the crook's add-on skimmer, then by the regular card reader inside the machine.

(Some cash machines grab your card and suck it in slowly, in a series of jerky movements, in an effort to corrupt the data read in by an add-on skimmer.)

This skimmer is an all-in-one device that includes a tiny camera to film you through a pinhole typing in your PIN. The crooks can then clone your card, match it up to your PIN, and start draining your account.

As we reported, QPS nabbed some skimming devices, but were still on the lookout for a person of interest in the case.

It turns out that skimming stories are like buses - you don't get one for a while, and then two come along at once.

So we are pleased to report that police in Somerset, England, also have a skimming investigation to talk about.

They're a bit further along in their latest battle, having just secured a conviction against 32-year-old UK-based skimmer Leonid Rotaru.

Rotaru, who hails from Romania, pleaded guilty to fraud yesterday in Taunton, Somerset.

He was already wanted by police elsewhere in the UK, so he'll presumably be facing the courtroom music all over again in the near future.

According to reports, Rotaru was caught with skimmed data from a whopping 9000 bank cards. If you've ever wondered whether skimming makes much money for the crooks, that should settle the matter.

In both cases mentioned here - Queensland and Somerset - the investigations got started because members of the public spotted the skimming devices and reported them.

So keep your eyes open, and if you see something, say something!

Since a skimmer on a working ATM is effectively a crime in progress, the Queensland Police actually encourage you to make an emergency call - 000, or triple-zero, in Australia - to make your report. By letting the cops know instead of or as well as the bank, you ensure that the incident is logged as a crime.

, , , , ,

You might like

3 Responses to UK cybercriminal convicted over 9000 skimmed ATM cards

  1. alexanderino · 690 days ago

    Over 9000? Goku would be proud.

    • Paul Ducklin · 690 days ago

      Well, there I meant "over" as in "to do with". And the reported amount of cards was just "9000", not "more than 9000".

      I *could* have said, "UK cybercriminal convicted over over 8000 skimmed ATM cards" :-)

  2. Bedridden Abdul Al Barten · 689 days ago

    Bad design of ATM machines.
    Why was no requirement written that a 'skimming devices with a camera could not be attached'. Surely somebody should have thought of this obvious problem, or was it deemed to expensive to correct?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog