News By Tag
News By Place
The European ATM Security Team (EAST) has just published its second European Fraud Update for 2014
This is based on country crime updates given by representatives of 19 countries in the Single Euro Payments Area (SEPA), and 3 non-SEPA countries, at the 33rd EAST meeting held at the European Cybercrime Centre at Europol in The Hague on 11 June 2014
European fraud counter-measures such as Geo-blocking, fraud monitoring capabilities and fraud detection continue to improve and most ATM related card skimming losses occur outside Europe and are migrating away from EMV* Chip liability shift areas. In 2014 such losses have been reported in 43 countries and territories outside of the Single Euro Payments Area (SEPA) and in 4 within SEPA. The USA is the top location for such losses, followed by Thailand and Indonesia.
Skimming attacks on other terminal types were reported by twelve countries. Attacks on unattended payment terminals (UPTs) at petrol stations were seen in eight countries, while six countries saw attacks at point-of-sale (POS) terminals. One of them has seen the usage of ghost terminals, genuine terminals that are stolen, and then have their internal workings removed and rebuilt by the criminals.
From March to May 2014 the European Cybercrime Centre (EC3) at Europol has supported four major cross-border police operations which have taken down criminal groups engaged in online auction fraud, online airline fraud, skimming fraud and electronic payment and document fraud. In many cases the criminals transferred stolen funds to unregistered pre-paid cards for cash withdrawal at ATMs.
Cash trapping incidents were reported by twelve countries, with one of them reporting related arrests, and eight countries reported transaction reversal fraud (TRF) incidents. The usage of the cash claw continues for both types of attack and a variant wrapped in tape has been seen for the first time.
Seven countries reported card trapping incidents and the usage of mobile phones for PIN compromise seems to be becoming more widespread.
ATM malware incidents were reported by four countries. These were related to ‘cash out’ or ‘jackpotting’
Ram raids and ATM burglary were reported by ten countries and in one of them three gangs involved with such attacks were broken up. Eight countries reported explosive gas attacks and two of them reported attacks on ATMs using solid explosives. The overall rise in explosive attacks in Europe appears to be continuing and EAST will publish updated statistics in its H1 2014 European ATM Crime Report, due for publication in October 2014.
The full Fraud Update is available to EAST members and subscribers and details of how to join or subscribe to EAST can be found at https://www.european-
*EMV (also known as ‘chip and PIN’) is an industry standard for Smart Cards and card readers, supported by the European Payments Council and the major payment schemes
(Background data on the Fraud Update & EAST follow)
For more information on EAST visit http://www.european-
EUROPEAN ATM FRAUD UPDATE 2-2014
The above release is based on a European Fraud Update prepared three times a year by EAST, based on country crime updates given at its meetings. These Updates are prepared by EAST to provide interested parties with an overview of the European ATM crime situation. They are produced for EAST National Members, EAST Associate Members (including Law Enforcement officers), and EAST Subscribers. The following countries supplied full or partial information for this Update:
Austria, Belgium; Canada; Cyprus; Czech Republic; Finland; France; Germany; Hungary; Ireland; Italy; Liechtenstein;
EAST has taken reasonable measures to develop this Update in a fair, reasonable, open, and objective manner. However, EAST makes no claims, promises, or guarantees about the completeness of the Update. In addition, as the information in the Update has been passed to EAST by other parties, errors or mistakes may exist or be discovered. Neither EAST nor its members, authors, or agents shall be liable for any loss, damage, or claim with respect to any such information being provided. All such liabilities, including direct, special, indirect, or consequential damages, are expressly disclaimed and excluded.
Founded in February 2004, EAST celebrated its 10th Anniversary at the 32nd Meeting of National Members held in Brussels on 12th February 2014.
EAST is a ‘non-profit’
Our mission is to gather and provide information to the European ATM industry and to facilitate effective representation of ATM related security issues at relevant European central institutions, through a pan-European co-ordination of ATM security resources.
EAST has set up a framework network structure to improve co-operation with industry, law enforcement, and in particular Europol, in order to achieve awareness and better results in the fight against organised cross-border crime. EAST National Members represent 29 countries with a total deployment of 640,582 ATMs.
The EAST Expert Group on ATM Fraud (EGAF), formed in May 2013, provides a European specialist expert forum for discussion of ATM related fraud trends, fraud methodologies and counter-measures, and for the provision of regularly updated lists of known devices used for card or PIN or data compromise, for cash trapping, and for lists of known counter-measures. Through a new system of ATM Fraud Alerts EAST is able to communicate important and timely information to its National and Associate Members.
The EAST Expert Group on ATM Physical Attacks (EGAP), formed in May 2014, provides a European specialist expert forum for discussion of ATM related physical attack trends, attack methodologies and counter-measures.
More information can be found at http://www.european-
European ATM Security Team Ltd