Card fraud has risen by a third in the last five years, to pounds 135m, nearly half the cost of all UK motor thefts, or a quarter of burglaries. Yet up until the early Nineties, banks insisted their systems were impenetrable.
In those days customers had to foot the bill for suspicious or disputed withdrawals. Then the 1992 Banking Code made banks prove customers had actually made the withdrawal. Suddenly card fraud rocketed.
A typical fraud involved a customer losing his card in the machine, which was picked up by an insider. Meanwhile an outside accomplice in the queue memorised the Personal Identification Number (PIN). The crooks then emptied the account.
Abbey National was plagued by a variation on this scam. Villains used video equipment with powerful lenses to record the numbers customers were keying into the ATMs, plus the details from the front of the plastic. Then a gang installed a fake machine in an east London shop front - bodged together from the discarded shell of a dispenser never used in this country, and a PC screen. They got away with pounds 100,000.
Richard Tyson-Davies, a spokesman for Apacs, that controls the banks' payment and accounting systems, says: "When customers used the machine, a message appeared saying it was out of cash. Some came back four times, without noticing that they were looking into a PC screen - nothing like an ATM screen." The latest heist used a more sophisticated version of this. Villains mounted a false keypad over the real one, so they could record people's PINs. They also inserted a false slot in the real slot, and recorded information coded in the card's magnetic stripe. This time customers got both the cash and their cards back.
The banks are cagey about exactly how these false instruments work. But sophisticated security cracking electronic equipment of this kind is available on the black market in Europe. Though the scam first came to light in York, and police believe attacks on dispensers have been limited to the Midlands and the North, mainly at supermarket ATMs, fake cards have been used all over the country, far into the South.
A basic read-write machine can be bought legitimately via a specialist business supplier, or, more typically, change hands in a pub for about pounds 400. It lets information stored in a card's magnetic stripe be read and copied on to a dummy card. Customers who let their credit cards out of their sight in restaurants are particularly vulnerable to what is called "hot card" spending. Where criminals counterfeit a card like this, and also get the PIN number - perhaps by following their victim to an ATM - they can empty the account.
Whatever we have been told, until PIN and magnetic cards are replaced by an alternative system, our money is not as safe as we think.
So what are the alternatives? Nationwide successfully conducted a trial on cash machines using the iris of an eye to recognise ownership and access. But the prohibitive cost of installing them across the country has ruled them out for now.
Banks are placing their hopes on smart cards using a computer chip. Barclays has issued about 500,000 so far, and hopes to have rolled out three million by year's end. They say these are almost impossible to copy. Impossible? Or just another challenge for the criminal fraternity?
HOW TO BEAT
Use the same cash dispensers regularly, so you become familiar with them. Never touch a machine which looks in any way suspicious.
Be particularly wary
about so-called remote machines, away from bank branches. These are the most vulnerable to fraud.
Never allow anyone
to watch over your shoulder when tapping in a PIN. If possible conceal the number with your other hand.
Always check your bank statements carefully.
Try never to let your card out of your sight, particularly in restaurants. Ask the waiter to bring the machine to the table, or take your card to the till yourself.