3rd EAST FCS Forum – the most successful yet!

EAST FCS ForumThe sun has set on another successful EAST Financial Crime & Security (FCS) Forum which was held for the second time at the Grand Hotel Amrâth Kurhaus, in Scheveningen, The Hague. Feedback from delegates has been hugely positive.  This year marked a new format which included plenary sessions covering expert information from global regions: Asia-Pacific (ASEAN), Latin America, USA, Russia and Europe. 19 expert speakers travelled from 14 countries around the world to share their knowledge of ATM crime prevention.

In addition an afternoon of breakout sessions was held covering topics related to ATM and payment terminal fraud, and to ATM physical attacks.

Networking opportunities were abundant – a welcome cocktail the evening before the event, ensured all delegates were comfortable to kick off the Forum having met with their peers in a relaxed environment. Exhibitors enjoyed increased traffic through the exhibition hall, giving demos to attendees during coffee breaks, lunch and demonstration sessions.


Day One of the EAST FCS Forum opened with keynote speaker Steven Wilson, Head of the Europol Cyber Crime Centre (EC3) who spoke about the multi-faceted approach to countering cybercrime and the success of public private partnerships, especially the cooperation between EC3, non-EU States and EAST members.

Lachlan Gunn, Executive Director EAST, provided relevant statistics from the EAST European ATM Crime Report. He also announced a name change for EAST which is now the European Association for Secure Transactions. A milestone for EAST which has mainly focused on issues facing the ATM industry thus far, but which will now look at all threats against payment terminals (ATM, SST and POS), as well the security of payments and transactions.

Lachlan was followed by presenters from ASEANAPOL, the US Secret Service, the Russian Mastercard Members Association, and from the Latin American Association of Operators Electronic Funds Transfer and Information Services (ATEFI), who all gave the audience the most current information on activity in their regions.

In the afternoon breakout sessions Otto de Jong, EAST EGAF Chair, led discussions which covered R&D by fraudsters on EMV and old school ATM Fraud, and Graham Mott, EAST EGAP Chair, facilitated discussions on banknote degradation, physical attack types and countermeasures and traditional attacks.

The day closed out nicely with a BBQ by the beach!

Day Two kicked off with Group-IB providing an overview on the evolution of logical attacks on financial institutions. This was followed by a case study on Black Box attacks from NCR Czech Republic and an update from ING Netherlands on the evolution of gas and solid explosive attacks. There was a case study on countering such explosive attacks from the UK’s West Midlands Regional Organised Crime Unit, and the final talk of the day came from Rui Carvalho, Development Director EAST, who is building the EAST Payments Task Force and provided an overview on current and future activities for EAST.

In her closing address, conference Chairman Úna Dillon, Development Director of EAST, summarised the two-day conference by noting the importance of cross-border public-private sector cooperation in the fight against financial crime – stressing the need for private sector industry stakeholders to collaborate with law-enforcement agencies. She added that whilst EAST delivered the conference, the people charged with building the event are also deeply involved in the collaborative work already going on. Their ‘on-the-ground’ involvement means the EAST FCS Forum agenda will always be relevant and current.

This 3rd EAST FCS Forum has proven to be a successful platform in bringing together the perfect mix of banking representatives, security experts, law enforcement, payments associations, government agencies and many other stakeholders in the ATM and payment crime prevention sector  –  the dialogue and learning from  across Europe, the USA, Latin America, Russia and Asia-Pacific will no doubt help all participants to better detect and prevent current and future financial crime threats.

The event could not have taken place without the support of sponsors, exhibitors, speakers and delegates. EAST hugely appreciates the participation of all who took part and thanks everyone for their contribution to making the event a success.

Overall sponsor of the EAST FCS Forum 2017 was 3SI Security Systems.

Other sponsors and exhibitors included, the ATM Security Association, ACG, BVK, GMV, MIB, Startech Ltd. and TMD Security.

153 detained for ticket fraud following Global Airport Action Days (GAAD)

GAAD control room153 individuals have been detained following the sixth Global Airport Action Days (GAAD) major international law enforcement operation targeting airline fraudsters. The individuals are suspected of flying using airline tickets purchased with stolen, compromised or fake credit card details.

From 6 to 8 June 2017, 64 countries, 84 airlines and eight online travel agencies worked jointly with law enforcement officers to carry out operational actions in 230 airports across the world.

During the operation, 312 suspicious transactions were reported. As a result, 153 people were detained, denied boarding, questioned by police and criminally charged; several investigations are ongoing.

During the actions, new modi operandi were identified as being used by organised crime networks to gain access to transit areas in airports in order to facilitate illegal immigration and drug trafficking.

GAAD checksSince many individuals use credit cards and fake identification documents to facilitate illegal immigration, Europol’s European Migrant Smuggling Centre (EMSC) joined this year’s GAAD to provide better support to EU Member States and partners for fighting human smuggling networks. Europol specialists and analysts equipped with special technical equipment were deployed to several European airports.

Representatives from airlines, online travel agencies, payment card companies, Perseuss, and the International Air Transport Association (IATA), worked together with experts from Europol’s European Cybercrime Centre (EC3) to identify suspicious transactions and provide confirmation to law enforcement officers deployed in the airports.

GAAD was coordinated from operational centres at Europol in the Netherlands, INTERPOL Global Complex for Innovation in Singapore, NCFTA in the U.S., and Ameripol in Bogota. GAAD was also supported by UNODC (AIRCOP for Africa), the Latin American and Caribbean Intelligence Police Community (CLACIP), Canadian and US law enforcement agencies.

Law enforcement is now tackling this international phenomenon on a daily basis in close cooperation with the private sector. This has enhanced trust between all involved parties and will continue to inflict damage to the criminals involved in airline ticket fraud.

For more information visit the Europol website

Europol helps to dismantle Payment Card Fraud network

A successful operation that took down an international payment card fraud network was carried out by the Public Prosecution Office at the Audiencia Nacional and National Police of Spain, and the General Directorate Combating Organized Crime in Bulgaria, with the support of Eurojust and Europol’s European Cybercrime Centre (EC3).

As a result of the cross-border action, 31 suspects were arrested (21 in Spain, 9 in Bulgaria and one in the Czech Republic) and 48 house searches (14 in Spain and 34 in Bulgaria) were carried out. The suspects were in possession of equipment used to forge payment cards, payment card data readers-recorders, skimmers, micro cameras, devices to manipulate ATMs, as well as cash and numerous counterfeit cards.

Between 2014 and 2017, the criminal network installed skimming devices on an average of 400 ATMs every year, to copy and clone the data contained on the bank cards. The forged cards were then used to make illegal transactions in 200 ATMs outside the European Union, mainly in the USA, the Dominican Republic, Malaysia, Indonesia, Vietnam, Peru, the Philippines and Costa Rica. Approximately 3,000 EU citizens were affected by the criminal network, with losses of at least EUR 500,000.

For more information visit Europol’s website.

42nd EAST Meeting hosted by EC3 at Europol

EAST National Members - badgeThe 42nd Meeting of EAST National Members was hosted by the European Cybercrime Centre (EC3) at Europol on 7th June 2017.  National country crime updates were provided by 26 countries, and a global update by HSBC.

EAST Fraud Update 2-2017 will be produced later this month, based on the updates provided at the meeting.  EAST Fraud Updates are available on the EAST Website to EAST Members.

The 42nd EAST Meeting was the final meeting of EAST as the ‘European ATM Security Team’.  As announced by EAST Executive Director Lachlan Gunn, at the EAST FCS Forum on 8th June 2017, EAST has now changed to become the ‘European Association for Secure Transactions’.

EAST changes name




EAST is changing its name to the European Association for Secure Transactions (EAST).  The announcement was made by EAST Executive Director Lachlan Gunn at the EAST Financial Crime and Security (FCS) Forum in The Hague.  The name change is in line with a new strategic direction for EAST.

EASTEAST was formed in 2004 to focus on ATM security when card skimming was a rising issue in Europe.  Since then there have been significant changes in the payment landscape, which continues to evolve at great speed.  EAST will continue to report on ATM crime issues as part of a wider reporting structure, which will be broadly split into Terminal Security and Payment Security.  The core strength of EAST is the National Member platform, backed up by interaction with Associate Members, and this change will enable EAST to keep serving all its members as their needs change.

The EAST Expert Group on All Terminal Fraud (EGAF) will continue to focus on fraud at all terminal types, and the EAST Payments Task Force (EPTF) is focussed on the security of payments and transactions.  The EAST Expert Group on ATM and ATS Physical Attacks (EGAP) will continue to be mainly ATM focussed, to help counter the growing threat of solid explosive and explosive gas attacks.

EAST has national representation from the following 26 European countries:  Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Liechtenstein, Luxembourg, Netherlands, Norway, Malta, Poland, Portugal, Romania, Slovakia, Spain, Sweden, Switzerland, United Kingdom.  EAST is still seeking national representative members from:  Estonia, Iceland, Latvia, Lithuania and Slovenia.

Brazil, Canada, Indonesia, Mexico, Russia, Serbia, South Africa, Turkey, Ukraine and the United States are represented at EAST as non-SEPA members and EAST is seeking to establish links with parties in any country, able to share national incident and loss statistics for terminal related fraud and physical attacks.  For more information contact us.

Countering ATM Black Box attacks

black boxBlack box attacks on ATMs are a form of logical attack.  To perform these ‘cash-out’ or ‘jackpotting’ attacks the criminals connect an unauthorised device (typically an unknown box or laptop) to an ATM.  This device then sends dispense commands directly to the ATM cash dispenser in order to get it to spit out banknotes.  In order to physically connect such a device the criminals gain access to the ATM’s Top Box by either drilling or melting holes.

The latest statistics published by EAST show that, while the number of black box attacks in Europe is increasing, related losses have fallen when comparing 2016 with 2015.  This drop can be partly attributed to the recent arrests by law enforcement agencies across Europe (in an operation supported by EC3, Europol’s European Cybercrime Centre) and partly to actions taken by the industry to counter such attacks.  The first black box attacks in the Czech Republic took place in August 2016 and three arrests were subsequently made there by the Police.  The industry also took actions to counter such attacks and, at the upcoming EAST Financial Crime & Security Forum (EAST FCS 2017), Petr Ullmann from NCR in the Czech Republic will give an update on the actions taken.

About Petr Ullmann

After graduating in 2007 Petr Ullmann started his career as an IT and network administrator in the automotive industry and went on to work for various Czech companies in IT administration and project management roles.  His key area of expertise was Enterprise Resource Planning (ERP) software – business process management software that allows an organization to use a system of integrated applications to manage the business and automate many back office functions related to technology, services and human resources.

In 2011 he joined NCR Česká republika, initially working as a member of a team working on a project for Tesco Plc in Central Europe.  Since then he has worked on several specific projects for NCR customers (banks and financial institutions) including the migration to Windows 7 and implementation of McAfee ePO.

Who Is Attending?

Over 150 delegates will attend EAST FCS 2017 from ATM networks, banks, law enforcement, vendors, and EAST national and associate members.

Book soon to ensure you don’t miss this great opportunity to attend what has been described as an “excellent event for helping to make a difference in the area of financial crime prevention”.

There are some sponsorship slots still available so, if you are in the business of ATM crime and fraud prevention and wish to showcase your brand to a key audience, contact us.

27 arrested in connection with ATM Black Box attacks

ATM Black Box attackEuropol has announced that 27 arrests have been made across Europe in connection with ATM Black Box attacks.  This success is due to actions taken by a number of EU Member States and Norway, supported by Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT).  The arrests were made in the Czech Republic, Estonia, France, the Netherlands, Romania, Spain and Norway.  Most of the arrests took place in 2016 and 2017 with the most recent in Spain this month.  The criminals involved with ATM Black Box attacks mainly originate from Romania, Moldova, Russia and Ukraine.

Since ATM Black Box attacks first started in Western Europe EAST has produced 19 Black Box related ATM Fraud Alerts from the following countries:  Cyprus, Czech Republic, France, Greece, Ireland, Italy, the Netherlands, Norway, Romania, Russia, Spain, Turkey, Ukraine, the United Kingdom.  These Alerts are available to EAST members and to Law Enforcement.  To date 142 Alerts have been issued. In a recently published European ATM Crime Report covering 2016, EAST reported a 287% increase in ATM Black Box attacks, up from 15 attacks in 2015 to 58 attacks in 2016.  EAST works closely with Europol and other law enforcement agencies to help counter financial crime.

Read the full announcement from Europol here.

An ATM Black Box case study from the Czech Republic will be presented at EAST’s 3rd Global Financial Crime and Security (FCS) Forum on 9th June 2017 following on from a presentation by Group-IB on the Evolution of Logical Attacks on Financial Institutions. Steven Wilson, Head of Europol’s European Cybercrime Centre, will give the Keynote Address.  The event will be held in the Netherlands at the Grand Hotel Amrâth Kurhaus (see below) in Scheveningen, the popular seaside resort which is located in The Hague.  Book soon to ensure you don’t miss this great opportunity to attend what has been described as an “excellent event for helping to make a difference in the area of financial crime prevention”.

Evolution of Logical Attacks on Financial Institutions

logical attacks - black boxLogical attacks on ATMs are on the increase in Europe and in many other parts of the world.  In a report covering 2016 EAST reported 58 black box (or ‘cash out’) attacks in Europe, a rise of 287 percent compared to 2015.  ATM related malware is also a growing problem and, while Europe has been largely unaffected by this, in other parts of the world there have been some significant attacks.  In order to perpetrate such attacks the criminals are looking to get inside the networks of financial institutions and then to start an attack from within.

At the upcoming EAST Financial Crime & Security Forum (EAST FCS 2017) Tim Bobak of Group-IB, an organisation that specialises in preventing and investigating high-tech crimes and online fraud, will talk about global developments in ATM related theft – tactics, techniques and procedures – alongside new trends in attacks on card processing and payment systems.

About Tim Bobak

Tim Bobak moved to Moscow in 2012 from the UK. Before joining Group-IB, the leading source of threat intelligence from the former USSR and Eastern Europe, Tim worked investigating fraud and financial crime in Russian business.  Currently, Tim works with the forensic lab and analyst team at Group-IB to share Russian-speaking cyber threat intelligence worldwide.

Who Is Attending?

Over 150 delegates will attend EAST FCS 2017 from ATM networks, banks, law enforcement, vendors, and EAST national and associate members.

Book soon to ensure you don’t miss this great opportunity to attend what has been described as an “excellent event for helping to make a difference in the area of financial crime prevention”.

There are some sponsor and exhibitor slots still available so, if you are in the business of ATM crime and fraud prevention and wish to take a space alongside a key audience, contact us.

Cyber Attack Threat Mitigation

Cyber AttackThe European Cybercrime Centre, EC3, at Europol is working closely with affected countries cybercrime units and key industry partners to mitigate the threat of cyber attack and assist victims. The recent Wannacry ransomware attack is at an unprecedented level and will require a complex international investigation to identify the culprits. The Joint Cybercrime Action Taskforce (JCAT), at EC3 is a group of specialist international cyber investigators and is specially designed to assist in such investigations and will play an important role in supporting the investigation.

For further information on Ransomware, how to protect your data, devices, what to do when infected with ransomware and access to unlocking tools please visit https://www.nomoreransom.org/, a free online resource developed by Europol, Dutch Police and industry partners.

At the EAST Financial Crime & Security Forum (EAST FCS 2017) that will be held in The Hague next month, Group-IB, an organisation that specialises in preventing and investigating high-tech crimes and online fraud, will present on global developments in ATM related theft – tactics, techniques and procedures – alongside new trends in attacks on card processing and payment systems.

Viewpoint: Has your payment card been compromised and , if so, where?

In a website research poll that ran from January to April 2017 cardholders who had had a payment card compromised were asked if they knew where the compromise took place. 33% of respondents answered ‘during an online transaction’, 14% ‘at an ATM’, 14% ‘at a petrol (gas) station’ ,10% ‘due to a data breach’. and 5% ‘at a merchant terminal’.  24% did not know where the compromise took place. The poll results can be seen in the chart below.


How safe you feel as a cardholder when making a card-based payment transaction is of paramount concern to the industry.  The EAST Payments Task Force (EPTF) is focusing on payment research.

The current website research poll, which closes at the end of August is on ATM fraud and asks what you feel is the biggest fraud risk to the ATM channel over the next few years?  To take it, and to see all past results, visit the ATM Research Page on this website.