Security researcher, Brian Krebs, has been writing extensively about ATM and credit card skimming devices. Typically, these are devices attached to the outside of a terminal - they record card data for later retrieval by criminals. This scam, however, is different. It is installed inside the ATM, and the data is retrieved wirelessly. And it would appear that the crime ring responsible has compromised nearly every ATM in the tourist regions of Mexico.
If you're planning a trip to Mexico, bring all the cash you need in advance. After reading these articles, I wouldn't use my ATM/debit card anywhere in that country. Pay cash where possible. Use credit (preferably with a chip-and-PIN card or something encrypted like Apple Pay) everywhere else. It's clear to me that (at least until this crime ring is brought to justice - which might be a long time) no ATM in the country should be consider trustworthy. (To be fair, part 3 points out that all the compromised machines were standalone machines. ATMs owned and operated by banks appeared to be clean.)
There are currently three parts to this article: