Aspen police in 2012 took in 144 reports of ATM-related fraud alone, about five times as many as the previous year, and with 36 so far this year, 2013 has already surpassed the total number of such cases in 2011, crime statistics show.
And those are only the cases that police know about. Aspen police detective Walter Chi has said that in many cases, the issue is handled between the victim and the financial institution, with authorities never being notified.
But what is known is that those who are stealing cash from ATMs using others’ personal information are brazen, in Aspen and elsewhere.
In December culprits attached a skimming device — a small, hard-to-detect electronic device that copies data from the cards inserted into the machine or other automatic pay stations — onto the ATM of an Aspen bank. The information allows thieves to make duplicates of victims’ cards and use them to withdraw cash at any other ATM.
In March, three men fraudulently withdrew about $20,000 from an Aspen bank’s ATM over a six-hour period. They didn’t bother covering their faces in front of surveillance cameras.
Neither did three other men who stole $1,300 from a Snowmass Village couple using ATMs in Aspen and Glenwood Springs.
No arrests have been made in the cases, and police don’t know if they are related.
Glenwood police have also turned over to the U.S. Secret Service three skimming devices installed inside gas pumps that recorded debit and credit card information.
“The problem is getting worse and worse,” Aspen police detective Ian MacAyeal said Thursday.
The valley, of course, isn’t alone. The New York Times on Thursday reported on what “authorities said was one of the most sophisticated and effective cyber-crime attacks ever uncovered.”
Working in more than 24 countries, a syndicate was able to withdraw some $40 million from thousands of ATMs in a matter of hours in February, the paper reported.
“This is a business,” MacAyeal said. “They are practically setting up office buildings” in some countries to run the criminal enterprises.
“This is way beyond the Nigerian scams,” he said, referring to the now-common offers that are emailed to people promising them fortunes if they would only provide some personal and banking information.
MacAyeal said he learns weekly of completely new types of scams. There are fake, but incredibly realistic, websites that collect money and personal information; creditor rouses in which a person is told they owe money; and hackers able to access email contact lists.
Regarding the latter scam, MacAyeal recounted the ordeal of a local man who was emailed by his “son,” who said he had been arrested in Mexico and needed cash. The man withdrew $75,000 and mailed it off. His son was fine and was not in Mexico.
When a Kazakhstani woman was arrested in Aspen in 2011 for her role in an Internet scam, she wasn’t talkative.
“She was stone-faced,” MacAyeal recalled Thursday of Elvira Gumarova. “She never said a word.”
Gumarova, then 22, used Western Union offices in Aspen and San Francisco to collect and send at least $17,000 from a scam involving a Craigslist posting for an RV trailer and a fake eBay motor-vehicle website. Gumarova sent money to Romania, Kazakhstan and Vietnam.
A California company hired a local attorney for her within a few days of her arrest, and less than four months later she pleaded guilty to a reduced trespassing charge, received a deferred sentence and was deported.
“We knew she was working for someone else,” MacAyeal said.
Nancy Ozawa is the head of marketing at Javelin Strategy & Research, which annually releases a Card Issuers’ Safety Scorecard.
She said banks are much better at stopping identity fraud more quickly, meaning their authentication protocols are cutting down the length of time thieves have to use pilfered information.
Still, Ozawa’s company in 2012 recorded $21 billion stolen from 12 million victims in the United States. Both numbers were all-time highs, she said.
Culprits are “getting smarter and smarter,” Ozawa said. “It used to be dumpster diving or going through your mailbox” to get personal information.
Now cyber-thieves troll social media websites like Facebook looking for personal information. Ozawa advised against putting things like a maiden name, a dog’s name or a birthday on such sites.
She and MacAyeal said people need to be better partners with their financial institutions, availing themselves of automatic withdrawal notifications, checking bank statements religiously and taking other measures to ensure that private information remains just that.
Because, as MacAyeal said, “The scams get better and better every week.”