According to a recent bulletin from the U.S. Federal Bureau of Investigation, ATM “jackpotting” incidents are rising sharply in the country. The agency said it has “observed an increase in ATM jackpotting incidents across the United States,” with more than 700 attacks in 2025 alone, leading to over $20 million in losses. Since 2020, about 1,900 such incidents have been reported.
The method blends physical access with malware. Threat actors “exploit physical and software vulnerabilities in ATMs and deploy malware to dispense cash without a legitimate transaction,” the FBI said.
One strain, Ploutus, targets the Windows systems that power many ATMs and abuses XFS software, the layer that connects the machine’s keypad, card reader and cash dispenser. “Ploutus attacks the ATM itself rather than customer accounts, enabling fast cash-out operations that can occur in minutes and are often difficult to detect until after the money is withdrawn,” the agency said.
These attacks usually don’t empty individual bank accounts directly. They target the machine. Still, customers can feel the effects through temporary shutdowns, cash shortages, and tighter controls.
So how do you stay safe?
First, use ATMs in well-lit, high-traffic areas, ideally inside bank branches. Jackpotting often involves physical tampering, so isolated machines are riskier.
Second, look closely before you insert your card. Check for loose panels, unusual devices around the card slot, or anything that looks recently forced open. If something feels off, walk away and notify the bank.
Third, set up real-time transaction alerts through your banking app. Even though jackpotting targets machines, broader ATM fraud still exists. Instant alerts give you a quick window to react if anything unusual happens.
Finally, consider limiting daily withdrawal amounts and reviewing statements regularly. It sounds basic, but consistent monitoring remains one of the strongest personal defences.
Ogbonda Chivumnovu
