European Fraud

EAST has just published its first European Fraud Update for 2020. This is based on country crime updates given by representatives of 18 countries in the Single Euro Payments Area (SEPA), and 2 non-SEPA countries, at the 50th EAST meeting held in Vienna on 12th February 2020.

Payment fraud issues were reported by eighteen countries. Seven countries reported CNP fraud occurring worldwide. One reported that the card data is either bought in bulk or obtained via card testing/BIN attacks. The attackers use scripts/bots (not real people) to conduct the fraud. Four countries reported BIN attacks. One reported that they are originating from the Middle East for the first time and another reported them in relation to both CP and CNP fraud, with losses reported in the USA, the UK and Brazil. Two countries reported Account Takeover Fraud, one of them in connection with SIM swapping.

Six countries reported phishing. One reported the use of fake emails by criminals to impersonate bank customers, claiming that their bank account details have changed. Another reported that online banking was targeted, and a third country reported phishing using social networks, with related fraud occurring in China. Three countries reported SMS phishing (Smishing). One of them reported this related to token validation transactions – the IP addresses are in Morocco and the fraud occurs in an EU country with losses via Western Union.

To date in 2020 the EAST Payments Task Force (EPTF) has published one related Payment Alert.

ATM malware and logical attacks were reported by twelve countries – one reported successful ATM malware attacks where ‘Cutlet Maker’ was used, and ten reported the usage (or attempted usage) of ‘black-box’ devices to allow the unauthorised dispensing of cash. To date in 2020 the EAST Expert Group on All Terminal Fraud (EGAF) has published one related Fraud Alert.

Card skimming at ATMs was reported by ten countries, and the downward trend continues. Six countries reported the usage of ‘M3 – Card Reader Internal Skimming devices’, and the usage of ‘M1 – Overlay Skimming Devices’ and ‘M2 – Throat Inlay Skimming Devices’ was also reported. Skimming attacks on other terminal types were reported by eight countries. Four reported attacks on unattended payment terminals (UPTs) at petrol stations, and three reported attacks at railway ticket machines. To date in 2020 EAST EGAF has published four related Fraud Alerts.

Year to date International skimming related losses were reported in 14 countries and territories outside SEPA and in 4 within SEPA. The top three locations where such losses were reported remain Indonesia, India and the USA.

Five countries reported card trapping attacks, one of them reporting a new method that allows several cards to be captured in one attack. Three countries reported transaction reversal fraud (TRF) incidents. To date in 2020 EAST EGAF has published two related Fraud Alerts.

Ram raids and ATM burglary were reported by eleven countries and eleven countries reported explosive gas attacks, one of which resulted in a fatality. Eight countries reported solid explosive attacks. The usage of Triacetone Triperoxide (TATP) for solid explosive attacks continues to increase across Europe. Mixing TAPT is a complicated procedure that requires good knowledge of the chemicals, as there is a danger of setting off an unexpected explosion. The spread of such attacks is of great concern to the industry due to the risk to life and to the significant amount of collateral damage to equipment and buildings.
To date in 2020 the EAST Expert Group on ATM & ATS Physical Attacks (EGAP) has published two related Physical Attack Alerts.

The full European Fraud Update is available to EAST Members (National, Global and Associate).