In a European ATM Crime Report covering the full year 2014 EAST has reported that ATM related fraud incidents fell 26% when compared to 2013, although related losses were up 13%.
EAST reported a 26% decrease in ATM related fraud attacks, down from 21,346 in 2013 to 15,702 in 2014. This fall was mainly driven by a 95% reduction in Transaction Reversal Fraud (TRF) attacks and a 31% reduction in cash trapping attacks. 5,631 card skimming incidents were reported, down 3% from 5,822 in 2013. Card trapping incidents fell 2% over the same period (down from 5,394 to 5,298). Trapped cards can be used in the EMV environment (if the PIN has also been compromised).
Losses due to ATM related fraud attacks were up 13% when compared with 2013 (up from €248 million to €280 million). This rise was largely driven by an 18% rise in international skimming losses (up from €201 million to €238 million). The USA and the Asia-Pacific region are where the majority of such losses were reported. Domestic skimming losses fell 9% over the same period.
EAST Executive Director Lachlan Gunn said, “The rise in international skimming losses is not being seen in European countries where regional card blocking, often known as geo-blocking, has been widely implemented. Keeping an active magnetic stripe on a European EMV card continues to make that card vulnerable to card skimming and geo-blocking significantly reduces the risk of successful compromise.”
ATM related physical attacks fell 6% when compared with 2013 (down from 2,102 to 1,980 incidents). This is partly explained by an 11% decrease in reported solid explosive and explosive gas attacks. 619 such attacks were reported, down from 696 in 2013. Nine countries reported such attacks, five of them countries with more than 40,000 ATMs installed.
Losses due to ATM related physical attacks rose 17% to €27 million (up from €23 million in 2013). The average cash loss for ram raids/ATM burglary was €25,640 per incident, up from €11,393 in 2013. While around 40% of such attacks do not result in cash loss, collateral damage to equipment and buildings can be significant.
In 2014 EAST began to collect statistics for ATM Malware after the first incidents were reported in Western Europe. These were ‘cash out’ or ‘jackpotting’ attacks. In 2014 51 such incidents were reported, with related losses of €1.23 million.
A summary of the report statistics under the main headings is in the table below.
The full Crime Report is available to EAST Members (National and Associate) and Subscribers.