It's hard to remember life without ATMs. In Hong Kong, we can transfer funds, pay our utility bills and even settle tax demand-notes using an ATM. And they even dispense cash.
We're so used to these handy machines that we may not always view them as security risks. But we should. As security gurus like Bruce Schneier point out, we make security decisions all the time--some conscious, some subconscious.
It's time to put your ATM security strategy into your conscious personal security perimeter, if it's not there already. You may know that ATMs can be fitted with "skimmers": snap-on devices that include card readers and pinhole cameras. The crooks want to steal your account number and watch you type in your PIN, then clone your card for nefarious purposes.
According to a recent story in the South China Morning Post, illegal skimming equipment is believed to have been installed on at least 10 Hong Kong ATMs since September. From October to December 2012, 18 people reported losing money--14 in December alone.
Mainland authorities have been contacted because illegal withdrawals using fake cards and the stolen data were made across the border, according to the SCMP.
ATM cards are being replaced with ones bearing an embedded microchip for greater security by Hong Kong banks, and this process should be completed in 2015. But as ever, your awareness and alertness are the best weapons against thieves using technology.
ATM-skimmers are uncommon, but should you suspect an ATM has been tampered with, please report it to the HKP on their Commercial and Technology Crime Hotline hotline: 2860 5012.
Secure locations for ATMs
ATMs located on public streets are accessible to anyone at any time, making them prime targets for a skimmer. One security-measure worth checking: streetside ATMs attached to a bank sometimes have a security camera (look for the half-dome on the underside).
Another factor: the bad guys like to keep visual contact with the ATM they've illegally modified. An ATM inside a bank-lobby, or shopping mall, or other facility that is locked during non-business hours, is a better choice than a streetside ATM.
Be aware of your ATM's surroundings. You're making a transaction involving valuable personal data and cash. Now is not the time to check Facebook on your mobile phone.
Skimmers use pinhole-cameras which can record your PIN (Personal Identification Number) when you type it on the keypad.
Hong Kong ATMs have useful shields around the keypad, but this is important: always cover your typing hand when entering your PIN. You can use your free hand, purse, or wallet to cover the keypad.
Follow the instructions on the ATM: cover your typing hand when you enter your PIN. Every time. This simple practice just might save you from a substantial loss of funds.
Be alert when you use an ATM. Don't let anyone distract you--complete your transaction, be sure you've tucked away your card (and cash) safely, and leave.
More information on ATM-skimmers is available from the website of Charles Krebs: a US-based security researcher who documents these criminal devices. Krebs compiles his ATM-skimmer stories here:
Basic security practices are important when you use any ATM. Refuse to be a victim. Remain alert, cover the keypad when entering your PIN, and urge others to do the same.