A Possible Cyber Attack Targeting ATMs


An incident involving various banks has raised alarms among financial institutions and security companies responsible for safeguarding their systems. As a result, surveillance measures have been reinforced. However, no incidents have been reported thus far.

According to SEPROBAN (Security and Banking Protection), a company dedicated to supporting banks in security matters in coordination with law enforcement and justice authorities, an alert was issued and sent to various financial institutions.

This ‘maximum alert’ was issued approximately a week ago and contains sufficient evidence to confirm that a criminal group divided into 53 cells is planning a large-scale hack of ATMs. Some of the states where this attack may occur are already known.

States and Banks Potentially Affected

According to SEPROBAN, this hacking attempt could impact Mexico City and states such as Querétaro, Puebla, and others in the central region of the country.

In response to this situation, the different banks served by SEPROBAN (Security and Banking Protection) have decided to enhance security measures within their systems.

SEPROBAN provides protection to 46 out of the 52 banks operating in the country. These include BBVA, Citibanamex, Banco Azteca, BanCoppel, HSBC, Inbursa, Mifel, Multiva, Banorte, Banregio, Banjercito, Scotiabank, Banco del Bienestar, Santander, as well as the Bank of Mexico (Banxico) and the Mexican Bankers Association (ABM).

How to Prevent ATM Hacks and Frauds

ATMs have become an easy target for fraud, theft, and even hacking. In fact, the National Institute of Statistics and Geography (INEGI) revealed that from January to March, ATMs were perceived as the most insecure places among the population, according to data from the National Urban Public Safety Survey (ENSU).

Additionally, criminal groups have exploited cardless withdrawals as a fraudulent method affecting millions of people. They impersonate bank employees through phone calls, leading victims to generate references for cardless withdrawals based on a supposed unrecognized charge.

To mitigate risks, both SEPROBAN and the National Commission for the Protection and Defense of Financial Services Users (CONDUSEF) recommend the following:

  1. Avoid using ATMs located in poorly lit, crowded, or isolated areas, especially at night.
  2. Refrain from using ATMs if you notice suspicious individuals nearby or inside the cabin.
  3. When approaching an ATM, have your card ready to minimize time and distraction during the transaction, as this reduces risk.
  4. Always inspect the ATM for possible alterations or unusual parts that are not typically seen.
  5. Be wary of ATMs displaying signs or messages, as financial institutions never request confidential information through such notices.
  6. If an ATM appears faulty, cancel the transaction before leaving.
  7. Do not allow anyone to distract you while conducting a transaction.

Stay vigilant and prioritize safety when using ATMs. If you have any concerns, report them promptly to your bank or relevant authorities.

Source: Telediario