Data relay attacks drive up European terminal related fraud incidents
EAST has just published a European Payment Terminal Crime Report covering 2025 which highlights a massive increase in reported data relay attacks.
Terminal related fraud attacks were up 40% (from 14,664 to 20,465 incidents). This increase was primarily due to a rise in data relay attacks. Data relay attacks increased by 1,811% (from 381 to 7,282 incidents), ATM card trapping attacks decreased by 8% (from 2,704 to 2,500 incidents), ATM cash trapping attacks increased by 8% (from 9,811 to 10,574 incidents), and ATM TRF attacks decreased by 93% (from 1,577 to 109 incidents). Within the data relay attack total 2,967 attacks were ‘Terminal-to-Terminal’ and 4,315 were ‘Card-to-Terminal’ attacks. Total losses of €3 million were reported, down 96% from the €71 million reported in 2024. Given the low level of skimming attacks in Europe, EAST has stopped reporting losses due to card skimming, which reflects the 96% decrease in reported losses when compared to 2024.
EAST Executive Director Lachlan Gunn said,“”Data relay attacks were first reported by EAST in 2022 and remained at low levels until 2025 when reported incidents surged. In ‘Terminal-to-Terminal’ relay attacks, the legitimate customer/user operates a Compromised Terminal with their card for either a contact or a contactless transaction. In ‘Card-to-Terminal’ relay attacks the customer is the victim of a phishing campaign disclosing confidential account data including the PIN to enable transaction data relay from the customer card. Within such relay attacks the customer is not using a terminal and no Active Shimming Device is utilised. Two of our Expert Groups, EAST EGAF and EAST EPTF, continue to monitor and analyse these attacks, with close cooperation between industry partners, Europol, and law enforcement in the affected countries.”
ATM malware and logical attacks were down 57% (from 3 to 1). No losses were reported. Europol, supported by EAST EGAF, has published guidelines to help the industry and law enforcement counter the ATM Logical Attack threat. It is believed that the adoption by the industry of the recommendations has helped to drive down attacks. Given the low levels of such attacks in Europe, from 2026 onwards it is likely that EAST will stop reporting on them.
ATM related physical attacks were down 50% (from 5,593 to 2,986 incidents), primarily due to a fall in reported non-specific attacks. Within this total, ATM explosive attacks (including explosive gas and solid explosive attacks) were down 6% (from 602 to 565 incidents), attacks due to ATM Theft (Rip-out)/ATM burglary (In-situ) were down 11% (from 592 to 525 incidents) and non-specific attacks were down 60% (from 4,754 to 1,889 incidents). Losses due to ATM related physical attacks were €19 million, a 58% increase from the €12 million reported during 2024. 71% of these losses were due to explosive attacks, which were up 57% from €8.6 million to €13.5 million. While on average around 40% of such attacks do not result in cash loss, the loss figures shown do not take into account collateral damage to equipment or buildings, which can be significant and often exceeds the value of the cash lost in successful attacks.
A summary of the report statistics under the main headings is in the table below.
The full Crime Report is available to EAST Members (National, Global and Associate)
