Protecting Our Customers


Brute Force BIN Attacks

A Brute Force Attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys. It is a simple yet reliable tactic for gaining unauthorized access to individual accounts and organizations’ systems and networks. The hacker tries multiple usernames and passwords, often using a computer to test a wide range of combinations, until they find the correct login information.

The name "brute force" comes from attackers using excessively forceful attempts to gain access to user accounts. Despite being an old cyberattack method, brute force attacks are tried and tested and remain a popular tactic with hackers.

Below we have more information related to Brute Force BIN attacks, and what you need to know as a Pittsfield Co-op customer.

What is a Brute Force BIN Attack?

  • It is a trial and error method used by fraudsters to obtain debit card information such as an account number, card expiration date, PIN, or CVV2.
  • BIN (bank identification number) is the first six digits on the debit card. This is public information.
  • Brute force attacks are completely random. Initially, it is a $0 transaction to see if it’s a real card, and then it quickly progresses to dollar transactions.
    • All card numbers are susceptible to attacks.

How do fraudsters do this?

  • First, they gain access to a merchant’s retail terminals or website payment system using malware installation, a phishing scheme, or both.
  • Once access is gained to the network, the fraudster can use the merchant’s terminal or online system to perform computer-generated test transactions until the hacker receives a valid authorization.
  • Fraudsters use software that can generate thousands of card number combinations in a matter of seconds.
  • Using the valid authorization, the fraudster then tries combining it with expiration dates, and card numbers obtained via the brute force attack to perform fraudulent, card-not-present transactions in the following ways:
    • E-commerce
    • POS Keyed
    • Mail-order
    • Phone order
    • Create counterfeit cards for card-present POS or ATM transactions

What you need to know:

  • The security parameters Pittsfield Cooperative Bank has in place are working appropriately.
  • Pittsfield Cooperative Bank has NOT been hacked.
  • The merchant where your transaction(s) is being processed has had their point-of-sale (POS) system compromised, but the bank’s systems have not been affected.
  • The vast majority of brute force attempts are declined by the security parameters we have in place.
    • This means the transaction is declined, and the fraudster will move on to the next card number attempt.
    • If your card was tried by the fraudster and the transaction was declined, you can continue using your card. Fraudsters do not know the reason why the transaction was declined. They only know the transaction did not work.
  • If you have had fraudulent transactions, contact the Card Center at 833-660-0464 to begin an EFT Complaint to reclaim those funds.
Find UsLocation & Hours Talkto a real person Email Us Spanish Language Icon Banca Bilingüeen español
Toolbar Button

Why Bank with Us?

Our History

Contact Us

Locations & Hours

Career Opportunities

Press Releases

Financial Results

Corporate Governance

Next Section

Back to Top