Security Fails When Banks Try To Resemble Scammers
from the imitation-is-the-sincerest-form-of-flattery dept
We’ve discussed the threat to ATM security whereby a false front is attached to the machine, allowing attackers to scan a customer’s card when they try to make a transaction. One solution is to warn customers about suspicious attachments to the machines, so that they’ll know not to swipe their card when they see one. However, any effort to warn customers is undermined when banks attach their own devices to the machine that look just like illicit scanners. One security expert recently came upon an ATM in the UK that had an anti-scanning device attached to the slot so sloppily soldered on that he went to a different machine. This is similar to another mistake that banks make, sending out emails that look exactly like phishing scams. The goal of many scams is to trick people into giving away information to what appears to be a trusted party. But when institutions’ tactics so closely mimic the scammers, consumers don’t know who to trust.