Homepage Sophos newsroom
Register as BUSINESS Register as PR AGENCY Register as JOURNALIST

UK cybercriminal convicted over 9000 skimmed ATM cards

Announcement posted by Sophos 29 Nov 2012

Last week, we warned you about ATM skimming during the December "retail season".

The Queensland Police Service (QPS) went public with a nicely educational picture of a modern cash machine skimmer found on a city-centre ATM in one of Brisbane's busiest shopping precincts.

You can see how the device covers the regular card slot.

When you insert your card, it gets read in twice - first by the crook's add-on skimmer, then by the regular card reader inside the machine.

(Some cash machines grab your card and suck it in slowly, in a series of jerky movements, in an effort to corrupt the data read in by an add-on skimmer.)

This skimmer is an all-in-one device that includes a tiny camera to film you through a pinhole typing in your PIN. The crooks can then clone your card, match it up to your PIN, and start draining your account.

As we reported, QPS nabbed some skimming devices, but were still on the lookout for a person of interest in the case.

It turns out that skimming stories are like buses - you don't get one for a while, and then two come along at once.

So we are pleased to report that police in Somerset, England, also have a skimming investigation to talk about.

They're a bit further along in their latest battle, having just secured a conviction against 32-year-old UK-based skimmer Leonid Rotaru.

Rotaru, who hails from Romania, pleaded guilty to fraud yesterday in Taunton, Somerset.

He was already wanted by police elsewhere in the UK, so he'll presumably be facing the courtroom music all over again in the near future.

According to reports, Rotaru was caught with skimmed data from a whopping 9000 bank cards. If you've ever wondered whether skimming makes much money for the crooks, that should settle the matter.

In both cases mentioned here - Queensland and Somerset - the investigations got started because members of the public spotted the skimming devices and reported them.

So keep your eyes open, and if you see something, say something!

Since a skimmer on a working ATM is effectively a crime in progress, the Queensland Police actually encourage you to make an emergency call - 000, or triple-zero, in Australia - to make your report. By letting the cops know instead of or as well as the bank, you ensure that the incident is logged as a crime.