"ATM cash-out." It's a phrase that has the ring of a game show but the reality of a nightmare, at least according to the FBI, which has issued a warning about the scheme. Per Krebs on Security, the FBI has been on the receiving end of "unspecified reporting" suggesting cybercriminals are preparing to carry out a so-called cash-out, in which they hack a bank or payment card processor—often gaining entry by successfully phishing an employee at the institution—and then visit ATMs armed with cloned cards and begin pulling out money, as much as millions over the course of a few hours. The alert made to banks on Friday indicated the scheme would take place in the coming days, with Krebs reporting such attacks typically occur after close-of-business on Saturdays.
Krebs delves more into the process, which typically involves loosening fraud controls—like doing away with the cap on the amount of cash that one can withdraw in an ATM transaction—and jacking up account balances so there's more cash to take. The alert explained "historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls," and Krebs backs that up by recalling an alleged cash-out scheme that occurred at the National Bank of Blacksburg in Virginia that saw $2.4 million taken over two cash-outs in May 2016 and January 2017. The Roanoke Times reported in July that the bank is suing its insurer, which has said it will only reimburse the bank $50,000; more on how it arrived at that amount here.