The below terminology is used by the EAST Expert Group on Payment and Transaction Fraud (EPTF) and the EAST Expert Group on All Terminal Fraud (EGAF) when producing Payment Alerts and other documents. The aim is for this terminology to be adopted globally when describing or reporting payment and terminal fraud.
For a definition of each term under the ‘Main Classification’ and ‘Sub-Sets’ headings, see the Fraud Definitions page on this website.
EAST also publishes Terminology for the Location of Fraudulent Devices, Central/Host Fraud Definitions, Terminal Fraud Definitions, Terminal Physical Attacks Definitions and Terminology and Countermeasures against ATM Malware and Black Box Attacks.
FRAUD TYPE
Main Classification | Sub-Sets |
---|---|
Technological Fraud (Attacks against Technology) | • CNP – Card Not Present • CP – Card Present • Merchant Fraud • Virtual Currency Fraud • Cheque Fraud • Digital fraud • Mobile Fraud • Telephone Fraud • Standing Order Fraud • Invoice Fraud • Romance Fraud • CEO Fraud • Investment Fraud • Money Laundering • BIN Attack • Black Box Attack • DoS - Denial of Service attack • MITM – Man-in-the-Middle attack • Transaction Reversal Fraud • Transaction Message Adulteration |
Non-Technological Fraud (Attacks against the Victim) | • Account Takeover Fraud • First Party (Friendly) Fraud • Identity Spoofing (or hacking) • Authorised Push Payment Fraud Scams • Direct Debit Fraud • Extortion • Cash Trapping • Lost/Stolen Card |
FRAUD ORIGIN
Main Classification | Sub-Sets |
---|---|
Social Engineering | • Phishing • Spear Phishing • Vishing • Smishing • Shoulder Surfing • Distraction • Push Payments |
Data Compromise | • Malware • ATM Malware • Ransomware • Data Breach • Fake Website • Fake App • e-Skimming • Skimming – CPP ATM • Skimming – CPP UPT • Skimming – CPP POS • Skimming – CPP Virtual Terminal • Card Trapping |
DUE DILIGENCE
Main Classification | Sub-Sets |
---|---|
Due Diligence | • Lack of Patching / Security • Bad implementation • Deployment Error • Merchant Negligence • Implementation not according to Standards |