TRF

Central/Host FraudEAST has published new Central/Host Fraud Definitions, produced by the EAST Expert Group on All Terminal Fraud (EGAF).  Central/Host Fraud Definitions cover attacks against central infrastructure like banking host systems in order to perform different Modus Operandi not directly connected to a Terminal.

The compromise of a corporate network is the first step with these types of incidents. This can be done by external attackers as well as by internal employees of the institution. The document provides an explanation of how a Corporate Network Attack is prepared and how attackers typically try to get access to this critical infrastructure, enabling the three different Modus Operandi:

  • Card Processing – Control of a financial institution’s card processing infrastructure leading to illegitimate ATM withdrawals using genuine transactions from an ATM perspective. This is also known as ‘Unlimited Operations / Cash Outs’.
  • Fund Transfer – Control of a financial institution’s fund transfer infrastructure leading to illegal funds transfer using SWIFT/electronic banking.
  • Remote Malware Distribution and Control – Control of a financial institutions network leading to illegitimate file distribution in order to install and execute ATM specific malware. The different malware Modus Operandi actually used within the attack can be Jackpotting, Man-in-the-Middle (MITM) and SW-Skimming (see EAST Terminal Fraud Definitions).

The aim is for these fraud definitions to be adopted globally by the Industry and Law enforcement when describing or reporting payment and terminal fraud.

EAST EGAF has also produced Terminal Fraud Definitions which cover onsite attacks against endpoints, not limited to but mainly focusing on ATM related attacks. These definitions describe Card Skimming, Card Trapping, Card Shimming, Eavesdropping, Cash Trapping, Transaction Reversal Fraud (TRF), Malware and Black Box attacks.

All definitions fit under the overall Fraud Definitions published by EAST, and are the basis of a new template used by EAST National and Global Members when preparing Country Updates for EAST Global Congress Meetings.  This template was first used at the EAST Interim Meeting held on 10th June 2020, which resulted in the publication of EAST Fraud Update 2-2020.