Bitcoin ATM Scams

Good morning, folks! Welcome back to Fraud Fridays! Today on the docket: Bitcoin ATM scams! Bitcoin ATM scams are one of the most prevalent forms of scams. In fact, if you've watched any popular scam baiters, such as Kitboga on YouTube, you are likely aware of this scam. I will be linking a video recommendation below, so if you’ve time, I’d highly recommend this content. Not only is it extremely satisfying, but it is also educational. Without further ado, The Bitcoin ATM Scam: Someone calls you claiming to work for tech support from a popular company. They claim your computer, information, or bank account is in immediate danger, and they have the fix for it. During the process, they will often use a program such as Team Viewer to access your desktop remotely. They lead you to open your bank account. Suddenly, your screen goes black, you can't pull anything up, the individual who called you is saying it's a hacker who is in your computer!! But no. The "hacker" is the person on the line. They're not even clever enough to be a hacker though. They're just a scammer. So, let’s talk about what happened before we continue.

Firstly, let’s talk about Team Viewer. Team Viewer is a remote access and remote-control computer software. It is generally used to assist computer technicians by allowing computer maintenance and device maintenance remotely. Programs such as team viewer are used by reputable companies to help their customers. It is unfortunately also used by malicious entities to weave their webs of deceit. Team Viewer, and similar programs, contain features known as "local input" and "local blackscreen." Local blackscreen is generally used by tech professionals to hide their own login credentials or otherwise confidential company information while they assist you. The local input is used to stop the customer from inputting extra information. Although this is used primarily to cut down on mistyped information, it also helps to control unruly customers that think they're helping. Now, a fraudster uses these same tools to a different effect. They will “disable local input.” This will stop you from inputting any information, effectively preventing you from closing windows, typing, or really doing anything to truly control the situation. The disable of the input is ultimately done so you can’t mess up their side of the process, so let's focus on local blackscreen. As the name would imply, it makes your screen go black. This renders you unable to read or see anything happening on your computer. So, they’re now preventing you from typing or seeing anything. Now what?

Now, let's go behind the screen! The scammer gets you to log into your financial website, you suddenly can’t type, your screen goes black, and now they can then go full hackerman. By full hackerman, I mean they can't hack anything at all. What they actually do is simply pull up developer tools (A.K.A., dev tools, dev console). You can see what this is by pressing F12 on your keyboard! Pressing F12 a second time will close dev tools. Dev tools gives you access to the html script running on the webpage. It is also where you have the capability to change what is displayed on the screen. Meaning, you can change letters, names, numbers, and the locations of each, displayed in the page. This is important. They can only adjust what is shown. Adjusting what is shown means that they can’t accomplish anything substantial.

Why is this important? They will make it look like you've sent them (or they've sent you) money in large quantities. Then, they will give a sob story stating that they may be fired for this. All in an effort to convince you to go to a bitcoin ATM or get gift cards. Then, the profitable part of their scam begins. They will ask you to purchase bitcoin in the amount of the difference and send it to them. The sheer fact that it is a bitcoin transaction makes it nigh untraceable without expensive help to recover. This is especially true if you are a person who has never dealt with the crypto market; however, anyone can be a target.

That all sounds terrifying, but how do you avoid it? Simply put, if someone claiming to be from a reputable company is demanding payment in crypto or gift cards, it’s a scam. Hang up and call your financial institution. The scammer may have made it look like your money disappeared, but a call to your institution or simply refreshing the page would prove that there was no action through the account. They just tried to make it look like there was. You can also hang up the phone and call the company they claim to be from to verify information. The company will let you know if that is how they operate, though I can assure you they will say it's not. These scams revolve around fear mongering and speed. Just like any scam, vigilance is key. Thank you very much, stay safe online, and have a wonderful day!

As seen above, this scam is very convoluted and difficult to explain. If you'd like to see scammers get incredibly mad and lose a lot of money, I highly recommend checking out Kitboga on YouTube. If you'd like to watch him combat this scam directly, here's a good place to start: KitBoga on Youtube