CRIME FACTORY : Thousands hit in ATM scam in Canada Eight people face a total of 101 charges in scheme that spread across Toronto, York, Peel
TIMOTHY APPLEBY
The Globe and Mail
June 19, 2008
http://www.theglobeandmail.com/servlet/story/RTGAM.20080619.wbank19/BNStory/National/?page=rss&id=RTGAM.20080619.wbank19
Thousands of bank customers have been defrauded of millions of dollars in one of the most elaborate automatic-teller theft operations ever seen in the Toronto area, police said yesterday, announcing multiple arrests and the dismantling of a network of what they termed "debit-card labs."
Dozens of bank machines were compromised - possibly more - and investigators are still trying to assess the scope of the mass ripoff, said Staff Inspector Steve Harris of the Toronto fraud squad.
The scam involved surreptitiously recording customers' debit-card data as they did their banking and then transferring it to assorted types of phony, custom-modified cards being churned out in at least three different locations.
"I wouldn't say it's easy, it takes sophistication and you have to have the right equipment," Staff Insp. Harris said. "But this particular gang was sophisticated."
Eight people face a total of 101 charges, mostly fraud-related, in a scheme police say was spread across Toronto, York Region and Peel Region.
One of the counterfeit-card labs was in a large industrial complex in York. A second was in a Toronto apartment. A third was discovered in a car.
The scam was far from unique. Canadians are among the world's most prolific users of debit cards, and last year, thieves defrauded roughly 159,000 card holders of more than $100-million, statistics compiled by the Interac Association show. (As with credit-card theft, the losses are almost always picked up by the financial institution.)
This operation, however, displayed particular finesse.
After six weeks of surveillance and other covert work, the joint-forces investigation netted $120,000 in cash, skimmers, card readers, cameras, embossers, moulding machines, and other hardware.
And while all the major banks appear to have been hit, until experts have examined the 40 computers that were also seized, they won't know how many customers were defrauded.
"It's going to be thousands and thousands," Staff Insp. Harris said. As to the number of compromised bank machines, "I'd start with dozens, but that may expand."
Debit-card theft entails stealing and marrying up two sets of details: the data in the car's magnetic stripe and the user's PIN - personal identification number.
In this instance, the primary target was high-volume, 24-hour teller machines in satellite locations rather than on bank premises.
As lookouts kept watch, police said, the thieves were able in a matter of minutes to install near-invisible pinhole cameras in and around the ATM booths.
Simultaneously, they would insert plastic overlays over the machine's card-reader, containing reading equipment that would relay the data to a remote storage device.
The data would then be transferred on to all types of cards, new and discarded. Cards originating from outlets as diverse as Wal-Mart, Royal Bank, CIBC, Old Navy, Starbucks and Toys "R" Us were seized in the police raids.
Even long-discarded hotel-room cards can be custom-fitted with the data needed to drain or deplete a bank account.
"These were pretty much start-to-finish labs," Detective Ian Nichol said. "Anything with a magnetic stripe can ultimately be adapted for that use."
Police would not disclose the locations of the ATMs that were tampered with, but said the investigation was triggered when bank authorities began noticing unusually high levels of cash withdrawals.