Friday 13 November 2015

Cybercrime: Shoulder surfing…


On 29 November 2007, a Connecticut man fell victim to a shoulder surfer in Grand Central Terminal. Shoulder surfers exploit a yawning loophole in the ATM system and crowded spots like Grand Central Terminal, where people move at high speed. The man withdrew $40 from a cash machine to buy a beer. As he was trying to catch a train, he just left with his ATM card and cash. However, a question was still posted on the screen: "Do you want to continue another transaction?" Another man stepped in, tapped “yes” and entered the password to withdraw all the money. How did he get the password? Through shoulder surfing. Although this kind of ATM was phased out in the US to prevent the Lebanese loop, it still poses the danger of the PIN being stolen via shoulder surfing.

Source: http://www.nytimes.com/2008/01/12/nyregion/12about.html?_r=0

What is shoulder surfing?

As the name suggests, shoulder surfing is basically looking over someone’s shoulder, or spying on them, in order to get that person's personal information. The information could be a personal access number such as an ATM PIN, an account password, or any other personal information of the user of an electronic device. Shoulder surfing can be done through direct observation as well as with vision-enhancing devices, such as a pinhole camera to capture a photo. It has gained popularity especially in crowded places, where it is easy to pretend to be standing behind the victim and look over the victim's shoulder. It is also hard for the victim to notice or catch the spy in a crowded place, and it is often difficult to find proof to charge them. The shoulder surfer can simply use their eyes to look over the victim's shoulder and steal the victim's personal information.

Source: https://en.wikipedia.org/wiki/Shoulder_surfing_(computer_security)


1 comment:

  1. Also, picture-based password access systems use icons, pictures or symbols as one of the authentication procedures. This indirectly makes the system more vulnerable to “shoulder surfing”, as it is easier for the shoulder-surfer to look over the shoulder and recognize the particular icon or symbol.
