EAST Publishes Fraud Update 2-2022

EAST has published its second Fraud Update for 2022.  This is based on country crime updates given by representatives of 19 countries in the Single Euro Payments Area (SEPA), and 6 non-SEPA countries, at the 1st EAST Global Congress held on 16th June 2022.

The following countries supplied full or partial information for this Update:

Armenia, Austria; Belgium; Canada; Finland; France; Germany; Greece; Hungary; Italy; Liechtenstein; Luxembourg; Mexico; Netherlands; Norway; Poland; Romania; Slovakia; South Africa; Spain; Sweden; Switzerland; Turkey; Ukraine; United Kingdom.

FRAUD TYPE

EAST Fraud Update 1

To date in 2022 the EAST Expert Group on All Terminal Fraud (EGAF) has published two related Fraud Alerts.

EAST Fraud Update 2

To date in 2022 the EAST EGAF has published three related Fraud Alerts.

FRAUD ORIGIN

To date in 2022 EAST EGAF has published two related Fraud Alerts.

DUE DILIGENCE

PHYSICAL ATTACKS

To date in 2022 the EAST Expert Group on ATM and ATS Physical Attacks (EGAP) has published two related Physical Attack Alerts.

The full EAST European Fraud Update is available to EAST Members (National, Global and Associate).

Information on the Fraud Definitions and Terminology used by EAST can be found as follows:

FRAUD  DEFINITIONS

FRAUD TERMINOLOGY

TERMINAL FRAUD DEFINITIONS

TERMINOLOGY FOR LOCATIONS OF CDC DEVICES AT ATMS AND OTHER TERMINALS

TERMINAL PHYSICAL ATTACK DEFINITIONS AND TERMINOLOGY

 

National & Global Fraud Intelligence sharing – 1st EAST Global Congress

The 1st EAST Global Congress took place on Thursday 16th June 2022 at Europol’s HQ in the Hague as a hybrid meeting, with some delegates participating online. This was the first in-person meeting of EAST Global and National Members since February 2020.  Six virtual interim meetings were held between that meeting and the Global Congress.

The meeting was chaired by Graham Mott from the LINK Scheme and the key focus was on the sharing of payment and terminal fraud intelligence (global, regional, national).  A special welcome was given to Olesya Danylchenko from the Ukrainian Interbank Payment Systems Member Association (EMA).

Law enforcement overviews were provided by Europol, the Gulf Cooperation Council Police (GCCPOL), and the United States Secret Service (USSS).  An update was provided from Europol’s European Cybercrime Centre (EC3) on various fraud types and an updated version of the document Guidance and Recommendations Regarding Logical Attacks Against ATMs‘  was officially launched.  A presentation from Europol’s Organised Property Crime Unit covered recent Physical ATM attacks across Europe. The USSS update covered recent reports from the FBI’s Internet Crime Complaint Centre (IC3), as well the latest fraud trends seen.

Private sector fraud intelligence updates were received from 25 countries, either directly or via regional/global updates by HSBC and Worldline.  Regional Updates were also provided for ASP, and MENA.  Each update covered Fraud Types, Fraud Origin, Due Diligence and Physical Attacks (ATM, ATS and CIT).  The importance of raising consumer awareness to counter the rising threats related to social engineering remains a key issue.

Updates were also given by the Chairs of the three EAST Expert Groups:

EAST Fraud Update 2-2022 will be produced early next month, based on the country updates provided at the EAST Global Congress.  EAST Fraud, Payment, and Physical Attack Alerts are available on the EAST Intranet to EAST Members.

The 2nd EAST Global Congress, scheduled for 5th October 2022, will also be held as a Hybrid Meeting.

EAST Publishes Fraud Update 1-2022

EAST has published its first Fraud Update for 2022.  This is based on country crime updates given by representatives of 22 countries in the Single Euro Payments Area (SEPA), and 6 non-SEPA countries, at the 6th (virtual) EAST Interim Meeting held on 9th February 2022.

The following countries supplied full or partial information for this Update:

Armenia, Austria; Belgium; Canada; Cyprus; Czech Republic; Finland; France; Germany; Greece; Hungary; Italy; Liechtenstein; Luxembourg; Malta; Mexico; Netherlands; Norway; Poland; Portugal; Romania; Russia; South Africa; Spain; Sweden; Switzerland; Ukraine; United Kingdom.

FRAUD TYPE

EAST Update

EAST Update

To date in 2022 the EAST Expert Group on All Terminal Fraud (EGAF) has published one related Fraud Alert.

FRAUD ORIGIN

DUE DILIGENCE

PHYSICAL ATTACKS

The full European Fraud Update is available to EAST Members (National, Global and Associate).

Information on the Fraud Definitions and Terminology used by EAST can be found as follows:

FRAUD  DEFINITIONS

FRAUD TERMINOLOGY

TERMINAL FRAUD DEFINITIONS

TERMINOLOGY FOR LOCATIONS OF CDC DEVICES AT ATMS AND OTHER TERMINALS

TERMINAL PHYSICAL ATTACK DEFINITIONS AND TERMINOLOGY

National & Global Fraud Intelligence sharing – 6th Interim EAST Meeting

The sixth Interim Meeting of EAST National and Global Members took place on Wednesday 9th February 2022 as a virtual meeting. The meeting was chaired by Thomas Von der Gathen from Payment Services Austria (PSA).  The key focus was on the sharing of global, regional, and national, payment and terminal fraud intelligence.

Law enforcement overviews were provided by Europol, the Gulf Cooperation Council Police (GCCPOL), and the United States Secret Service (USSS).  An update was provided from Europol’s European Cybercrime Centre (EC3) on various fraud types and a presentation from Europol’s Organised Property Crime Unit covered recent Physical ATM attacks across Europe.  The GCCPOL presentation covered payment and fraud issues seen by their 6 member countries focussing on Technological Fraud (crimes committed using different forms/types of machines and technology) and Non-Technological Fraud (conducted directly against the victim). The USSS update covered card fraud and recent man-in-the-middle black box attacks.

Private sector fraud intelligence updates were received from 28 countries, either directly or via regional/global updates by Citi, HSBC and Worldline.  Regional Updates were also provided for ASP, MENA and LATAM. Each update covered Fraud Types, Fraud Origin, Due Diligence and Physical Attacks (ATM, ATS and CIT).  The importance of raising consumer awareness to counter the rising threats related to social engineering remains a key issue, particularly for elderly people.

EAST Fraud Update 1-2022 will be produced early next month, based on the country updates provided at the Interim EAST Meeting.  EAST Fraud, Payment and Physical Attack Alerts are available on the EAST Intranet to EAST Members.

The next meeting of this group, scheduled for 16th June 2022, will hopefully be the 1st EAST Global Congress, which is planned as Hybrid Meeting.  This is dependant on the prevailing travel situation at that time, and the meeting will revert to a virtual Interim Meeting if required.

Dutch ATMs to be shut down overnight to counter ATM explosive attacks

ATM explosive attacksTo counter the high level of ATM explosive attacks (known as ‘Plofkraken’ ) Dutch ATMs will temporarily be shut down at night between 2300 and 0700 hours.  This situation will be reviewed at the end of January. Also any ATMs that are deemed to have a high risk for local residents will be relocated to safer locations.  This will be done in close consultation with local government, police, shopkeepers, building managers and residents,

Geldmaat, the operator of the Dutch banking sector’s joint ATM network, is working with De Nederlandsche Bank and the police to take swift action to implement new measures which will render banknotes worthless in the event of an ATM explosive attack.

“ATM explosive attacks undermine our society,” says Chris Buijink, chairman of The Dutch Banking Association. “We cannot be resigned to an explosion going off every few days in our country, often in the vicinity of homes. I am therefore pleased that, together with Ministers Grapperhaus and Hoekstra and all the public and private institutions involved, we are forming a front against this disruptive form of crime.

The night closure is expected to have limited consequences for the availability of cash. Less than 2 percent of all cash withdrawals at ATMs are made at night. Although this will create difficulties for some people, safety is paramount. Anyone can still withdraw or deposit money at ATMs from 0700 to 2300 hours daily.  More information (in Dutch) can be found here.

This year more than 70 arrests were made related to ATM explosive attacks in the Netherlands. The detection of this crime is centrally coordinated nationally and there is also strong international cooperation with law enforcement agencies and the private sector.  The EAST Expert Group on ATM & ATS Physical Attacks (EGAP) provides a public/private sector platform for such liaison.

 

47th EAST Meeting hosted by SIBS in Lisbon

The 47th Meeting of EAST National Members was hosted by SIBS at the SANA Metropolitan Hotel in Lisbon on 6th February 2019. National country crime updates were provided by 21 countries, and a global update by HSBC.  Topics covered included payment fraud and the evolution of payment technology, ATM malware and logical attacks, terminal related fraud attacks and ATM related physical attacks.

Presentations were also given by the EAST Payments Task Force (EPTF) and the EAST Expert Group on All Terminal Fraud (EGAF).  An update was given by the EAST Expert Group on ATM and ATS Physical Attacks (EGAP).

EAST Fraud Update 1-2019 will be produced in early March, based on the national country crime updates provided at the meeting.  EAST Fraud Updates are available on the EAST Website to EAST Members.

ATM Black Box Attacks continue to rise

ATM black box attacksEAST has just published a European Payment Terminal Crime Report covering the first six months of 2017 which reports that ATM black box attacks took place in eleven countries.

A total of 114 such attacks were reported, up from 28 during the same period in 2016, a 307% increase.  ‘Black Box’ is the connection of an unauthorised device which sends dispense commands directly to the ATM cash dispenser in order to ‘cash-out’ the ATM.  Related losses were up 268%, from €0.41 million to €1.51 million.  EAST Executive Director Lachlan Gunn said, “This sees the continuation of a trend that we first reported in April of this year when we published full year statistics for 2016.  Our Expert Group on All Terminal Fraud (EGAF) is actively monitoring all logical threats against payment terminals and against the wider banking infrastructure.”

Overall payment terminal related fraud attacks rose 10% when compared with H1 2016 (up from 10,820 to 11,934 incidents).  This rise was mainly driven by an 88% increase in transaction reversal fraud (up from 4,840 to 9,081 incidents).  The downward trend for card skimming continues with 1,221 card skimming incidents reported, down 22% from 1,573 in H1 2016.  This is the lowest number of skimming incidents reported since EAST first began gathering data in 2004.

Losses due to payment terminal related fraud attacks were down 29% when compared with the same period in 2016 (down from €174 million to €124 million).  Within these totals international skimming losses fell 32% (down from €142 million to €96 million) and Domestic skimming losses fell 15% (down from €26 million to €22 million).

ATM related physical attacks rose 6% when compared with H1 2016 (up from 1,604 to 1,696 incidents).  Within this total ATM explosive attacks (including explosive gas and solid explosive attacks) were down 2% (down from 492 to 481 incidents).  Losses due to ATM related physical attacks were €12.2 million, a 55% drop from the €27 million reported during the same period in 2016.  Part of this decrease is due to the fact that one major ATM deploying country that used to report this data is currently unable to do so.

The average cash loss per explosive or gas attack is estimated at €14,575, the average cash loss for a robbery is €10,357 per incident and the average cash loss for a ram raid or burglary attack is €9,761.  These figures do not take into account collateral damage to equipment or buildings, which can be significant and often exceeds the value of the cash lost in successful attacks.

A summary of the report statistics under the main headings is in the table below.

ATM Black Box Attacks

The full Crime Report is available to EAST Members (National and Associate)

The Evolution of ATM Explosive Attacks (Gas and Solid Explosive)

ATM Explosive attacksExplosive attacks on ATMs are a rising problem in Europe and in many other parts of the world.  In a report covering the first six months of 2016 EAST reported a total of 492 explosive attacks in Europe, a rise of 80 percent compared to the same period in 2015.  Such attacks do not just present a financial risk due to stolen cash, but also are the cause of significant collateral damage to equipment and buildings.  Of most concern is the fact that lives can also be put in danger, particularly by the usage of solid explosives.  Over the past few years the Netherlands has been particularly hard hit by such attacks.

At the upcoming EAST Financial Crime & Security Forum (EAST FCS 2017) Job Galesloot, Security Officer ING Domestic Banking, will share the Dutch experience and also how neighbouring countries have been impacted.

About Job Galesloot

Job is a specialist in physical crimes against ING Bank branches. His main concerns are explosive gas attacks on ATMs, physical attacks on the bank’s branches and physical or verbal aggression against branch staff.  Since 2015 he is the Physical Security Officer for ING Domestic Banking. Responsible for threat analysis, trend monitoring and development of countermeasures. In 2016 Job chaired the Dutch Banking Association Expert Pool IBNS which tested several IBNS systems. IBNS stands for Intelligent Banknote Neutralisation Systems.

Who Is Attending?

Over 150 delegates will attend from ATM networks, banks, law enforcement, vendors, and EAST national and associate members.

Book soon to ensure you don’t miss this great opportunity to attend what has been described as an “excellent event for helping to make a difference in the area of financial crime prevention”.

There are some sponsor and exhibitor slots still available so, if you are in the business of ATM crime prevention and wish to take a space alongside a key audience, see our Sponsorship Brochure for details.

ATM Explosive Attacks surge in Europe

european-atm-crime-report-h1-2016In a European ATM Crime Report covering the first six months of 2016 EAST has reported that ATM explosive attacks were up 80% when compared to the same period in 2015.

A total of 492 explosive attacks were reported, up from 273 during the same period in 2015.  While the majority were explosive gas attacks, 110 were solid explosive attacks.  EAST Executive Director Lachlan Gunn said, “This rise in explosive attacks is of great concern to the industry in Europe as such attacks create a significant amount of collateral damage to equipment and buildings as well as a risk to life.  The EAST Expert Group on Physical Attacks (EGAP) is working to analyse the attacks and to share intelligence best practice information across the industry and law enforcement that can help to mitigate the threat.”

Overall ATM related physical attacks rose 30% when compared with H1 2015 (up from 1,232 to 1,604 incidents).  Losses due to ATM related physical attacks rose 3% to €27 million (up from €26.3 million in 2015).  The average cash loss for a ram raid or burglary attack is estimated at €17,327, the average cash loss per explosive attack is €16,631 and the average cash loss for a robbery is €20,017.  These figures do not take into account collateral damage to equipment or buildings, which can be significant and often exceeds the value of the cash lost in successful attacks.

EAST also reported a 28% increase in ATM related fraud attacks, up from 8,421 in H1 2015 to 10,820 in H1 2016.  This rise was mainly driven by a 281% increase in Transaction Reversal Fraud (up from 1,270 to 4,840 incidents).  The downward trend for card skimming continues with 1,573 card skimming incidents reported, down 21% from 1,986 in H1 2015.

Losses due to ATM related fraud attacks were up 12% when compared with H1 2015 (up from €156 million to €174 million).  This rise was largely driven by an 8% rise in international skimming losses (up from €131 million to €142 million).  The Asia-Pacific region (particularly Indonesia) and the USA are where the majority of such losses were reported.  Domestic skimming losses rose 24% over the same period.

The number of ATM logical attacks reported continues to rise.  28 incidents were reported (all ‘cash out’ or ‘jackpotting’ attacks), up from just 5 during the same period in 2015.  Related losses were €0.4 million.

A summary of the report statistics under the main headings is in the table below:

h1-2016-crime-report-summary-stats

The full Crime Report is available to EAST Members (National and Associate).

EAST Publishes European Fraud Update 3-2015

EAST - EUROPEAN FRAUD UPDATE 3 - 2015EAST has just published its third European Fraud Update for 2015. This is based on country crime updates given by representatives of 17 countries in the Single Euro Payments Area (SEPA), and 3 non-SEPA countries, at the 37th EAST meeting held in London on 7th October 2015.

Card skimming at ATMs was reported by seventeen countries. One country reported the successful usage of a stereo-skimming device, the first time that this has been reported. Another country reported an unsuccessful attack using an ATM shimming device.

The trend of losses due to skimming occurring outside of EMV* Chip liability shift areas continues. International losses were reported in 53 countries and territories outside of the Single Euro Payments Area (SEPA) and in 10 within SEPA. The top three locations where such losses were reported were the USA, Indonesia and the Philippines.

Skimming attacks on other terminal types were reported by nine countries and one country reported such attacks at payment terminals linked to docking stations for the hire of bicycles.

Eleven countries reported cash trapping attacks and six countries card trapping incidents.

ATM malware and logical security attacks were reported by two countries – one of them reporting malware used for ‘cash-out’ attacks and the other black-box attacks used for the same purpose.

Ram raids and ATM burglary were reported by seven countries and seven countries also reported explosive gas attacks. In one country the average duration of an ATM explosive gas attack is 3-5 minutes.

The full Fraud Update is available to EAST Members (National and Associate) and Subscribers.