Casino Rollers Use Security Loophole to Steal Over $1 Million from Citigroup
Simultaneous use of advance cash kiosks fools Citigroup’s account reconciliation system
Fourteen people have been arrested and are now on trial for allegedly organizing a bank robbery and stealing more than $1 million dollars from Citigroup.
The scam targeted a loophole Citigroup’s account security protocols handles electronic payments and took advantage of their cash advance kiosks. The group organized multiple nearly identical cash requests from the kiosks, each within 60 seconds of each other. The system interpreted these multiple requests as identical withdrawals and treated them as duplicates of only a single withdrawal. With this technique, they were able to multiply their actual withdrawal by fourteen while only drawing one of those payments from the actual account.
Using this method, the group was able to steal more than $1 million, one $10,000 transaction at a time. Keeping each withdrawal amount under $10,000 allowed them to avoid federal transaction reporting requirements. After they acquired the money, the group used the stolen cash to gamble at the local casinos.
It has been reported that the Citigroup loophole has now been closed.
Original article by Dan Goodin.
Read the full story here.
Leave a comment
K-12 teachers offered training to help give every student an education in cybersecuri Read more
Battling Procedure Fatigue in Cybersecurity . . . Or . . . making sure we don’t just Read more
Weekly themes for the annual event have been announced… An article review. October is Read more
Another awareness poster for YOUR customers (and users). Now that we have our own em Read more