ATM scam

[Quentin Campbell]

An aquaintance of ours recently lost 600 pounds through unauthorised
withdrawls from ATMs. It transpires that 200 pounds was withdrawn each day
from her account over the Bank Holiday weekend. She had previously used
her card in an ATM at a local supermarket just before the Bank Holiday. 

I understand that there has been a spate of similar thefts of card info
recently by tampering with the ATM in such a way that card details and PIN
can be recorded remotely. Does anyone have any further information on the
technique(s) used?  Are ATMs in bank lobbies less vulnerable? 

Is this another example of a poorly implemented security system (ref. 
Brian Gladman and others) or is this classed as a different type of
failure? 

The other interesting feature of this incident is that the bank appears to
be up-front about what has been going on. There has been no attempt to
hide the fact that other customers have been stung in a similar way
recently and it has even given some details on how the scam operates. It
was the garbled version that I got that has prompted this posting. 

The bank appears to be responding rapidly to restore the accounts affected
(and presumably their customers' confidence in the bank). 

The bank involved was Lloyds-TSB. Are UK banks' ATMs all of very similar
technology and security features or are some more vulnerable than others
to the sort of tampering that appears to have gone on here? Just curious
since we also are with Lloyds-TSB.  :-(

Quentin