Avoid generic passwordsPublished 9:48pm Wednesday, December 28, 2011
BERRIEN SPRINGS — Stand-alone ATM machines can be vulnerable to manipulation if the default password is not customized, Police Chief Milt Agay said at Wednesday’s press conference.
On Tuesday, following a several-month interstate investigation into the theft of several thousands of dollars from the automatic teller machine at the Express Mart/Phillips 66 station on St. Joseph Avenue in Berrien Springs, an arrest warrant was issued for John L. Crabtree, 50, a white, 5-foot-11 Kalamazoo County parole absconder last seen in Georgia.
During the initial complaint in August, a person entered the Express Mart and made the machine dispense thousands of dollars without charging it to an account.
“The first thing they need to do is change that password,” Agay said. “If they haven’t, and someone knows what it is, they can manipulate the machine to do whatever they want. My crime prevention tip would be that if you have one of these machines inside your store, make sure you create a unique password. We were able to track Crabtree through an organization we belong to, the International Association of Financial Crime Investigators.”
Det. Sgt. Patrick Teed followed up the case and found similar offenses occurring throughout the Midwest as far away as South Dakota.
Once police identified Crabtree as a suspect, Berrien County Trial Court charged him with obtaining money under false pretenses greater than $1,000 and less than $20,000.
His Michigan Department of Corrections record shows him having been in prison for forgery, attempting to receive stolen property and breaking and entering.
How would Crabtree obtain a generic password?
“We don’t know the answer to that yet,” Agay said.
“Just like we ask people to do with their personal stuff, make a password that’s not your birthday or your address or your telephone number. Make it unique, with a variety of characters so someone’s not going to be able to figure it out.”