EAST Publishes Fraud Update 3-2021

EAST has just published its third Fraud Update for 2021. This is based on country crime updates given by representatives of 22 countries in the Single Euro Payments Area (SEPA), and 6 non-SEPA countries, at the 5th (virtual) EAST Interim Meeting held on 6th October 2021.

The following countries supplied full or partial information for this Update:

Armenia; Austria; Belgium; Canada; Cyprus; Finland; France; Germany; Greece; Hungary; Italy; Liechtenstein; Luxembourg; Malta; Mexico; Netherlands; Norway; Poland; Portugal; Romania; Russia; Slovakia; South Africa; Spain; Sweden; Switzerland; Ukraine; United Kingdom.

FRAUD TYPE

Fraud Update

To date in 2021 the EAST Expert Group on Payment and Transaction Fraud (EPTF) has published two related Payment Alerts and one related Security Alert, and the EAST Expert Group on All Terminal Fraud (EGAF) has published six related Fraud Alerts.

Fraud Update

To date in 2021 EAST EPTF has published one related Payment Alert.

FRAUD ORIGIN

 

To date in 2021 EAST EPTF has published one related Payment Alert and EAST EGAF has published two related Fraud Alerts.

DUE DILIGENCE

PHYSICAL ATTACKS

 

To date in 2021 the EAST Expert Group on ATM and ATS Physical Attacks (EGAP) has published two related Physical Attack Alerts.

The full European Fraud Update is available to EAST Members (National, Global and Associate).

Information on the Fraud Definitions and Terminology used by EAST can be found as follows:

FRAUD  DEFINITIONS

FRAUD TERMINOLOGY

TERMINAL FRAUD DEFINITIONS

TERMINOLOGY FOR LOCATIONS OF CDC DEVICES AT ATMS AND OTHER TERMINALS

TERMINAL PHYSICAL ATTACK DEFINITIONS AND TERMINOLOGY

ATM Explosive Attacks fall in Europe

EAST has published a European Payment Terminal Crime Report covering the first 6 months of 2021 which shows a significant fall in ATM explosive attacks.

While overall ATM related physical attacks were up 2% (from 1,829 to 1,873 incidents), mainly driven by a rise in vandalism, ATM explosive attacks (including explosive gas and solid explosive attacks) were down 52% (from 505 to 241 incidents).  Attacks due to ram raids and ATM burglary were down 42% (from 405 to 234 incidents).  Losses due to ATM related physical attacks were €4.9 million, a 61% decrease from the €12.6 million reported during the same period in 2020.  35% of these losses were due to explosive attacks, which were down 58% from €7.6 million to €3.2 million.

EAST Executive Director Lachlan Gunn said, “The first 6 months of this year have been influenced by the Covid-19 pandemic, although travel restrictions have eased across Europe. This significant fall in explosive attacks at ATMs is welcome news for all of us, given the destructive nature of such attacks and the resultant risks to life and property. However, the prize remains an attractive option for criminals and the average cash loss per successful solid explosive attack is now estimated at €40,877. To address the issue our EGAP expert group has worked closely with Europol and other Law Enforcement Agencies, and all parties remain vigilant to the threat.”

ATM malware and logical attacks against ATMs were down 74% (from 129 to 33) and all but one of the reported attacks were Black Box attacks. A Black Box attack is the connection of an unauthorised device which sends dispense commands directly to the ATM cash dispenser, to ‘cash-out’ or ‘jackpot’ the ATM. Related losses were down 37% from €1.0 to €0.63 million. Most such attacks remain unsuccessful.

Terminal related fraud attacks were down 24% (from 3,631 to 2,775 incidents). Card skimming fell to another all-time low (down from 321 to 279 incidents) and transaction reversal fraud (TRF) at ATMs decreased by 100% (down from 108 to zero incidents). Total losses of €102 million were reported, down 6% from the €109 million reported during the same period in 2020. Most losses remain international issuer losses due to card skimming, which were €86 million.

A summary of the report statistics under the main headings is in the table below.

 

The full Crime Report is available to EAST Members (National, Global and Associate)

ATM Explosive Attack OCG taken down by Police

An organised crime group (OCG) specialised in ATM explosive attacks has been taken down by a coordinated cross-border police operation.  9 suspects were taken into custody after the action by a joint investigation team (JIT) between the Dutch and German authorities.  The 18-month investigation was coordinated by Europol and Eurojust.

The criminals produced step-by-step tutorials on how to blow up ATMs and have been linked to at least 15 ATM attacks in Germany.  The ATMs were blown open using homemade improvised explosive devices (IEDs), posing a serious risk to life.  During one test run by the criminals, one suspect died and another was seriously injured.

Some key facts relating to the investigation are:

  • It was initiated in February 2020 after authorities in Osnabrück, Germany, identified suspicious orders of ATMs from a German company.
  • Special surveillance measures were put in place, which led the investigators to Utrecht, the Netherlands, where a 29 year-old individual and his 24 year-old accomplice were running an illegal training centre for ATM attacks.
  • The pair was ordering different models of ATMs and recording tutorials on how to most effectively blow them up.
  • Links were also established between this criminal organisation and at least 15 ATM attacks in Germany. The total damage, including both the losses and the property damage, is estimated at approximately €2,150,000.

The investigation culminated in a series of police raids on 28 September for which two Europol experts were deployed in the field.  Seven house searches were carried out in the Netherlands in the triangle of Utrecht, Amsterdam and the Hague, resulting in the arrest of three suspects.  These three individuals are currently in custody in the Netherlands and are to be extradited to Germany.

Given the cross-border nature of this case, a Joint Investigation Team (JIT) was set-up in April 2021 between the Dutch and German authorities with the assistance and financing of Eurojust.  Furthermore, the Agency organised the judicial cooperation and supported the execution of European Investigation Orders (EIOs).

In addition, an Operational Taskforce (OTF) was set up between Europol, Germany and the Netherlands to pool investigative resources and expertise.  In the framework of this OTF, 18 operational meetings were held at Europol to prepare for the final phase of the action.

ATM explosive attacks are a growing concern, as they often put innocent lives in danger.  In order to prevent and tackle this type of crime, close cooperation between law enforcement and the ATM industry is paramount.  Europol and the European Crime Prevention Network (EUCPN) have worked on a number of recommendations to prevent physical attacks against ATMs.

The EAST Expert Group on ATM and ATS Physical Attacks (EAST EGAP) is a European specialist expert forum for discussion of ATM,  ATS and CIT related physical attack trends, attack methodologies and counter-measures, threat protection, and for the provision of regularly updated lists of manufacturers of ATM protective devices.

The EAST EGAP meets twice each year to enable in-depth and technical discussion to take place.  The Group held its 16th Meeting on 1 September 2021.  To date it has published 46 Physical Attack Alerts for EAST members, 35 of which relate to ATM Explosive Attacks (22 Explosive Gas and 13 Solid explosive).

EAST EGAP holds 16th Meeting

The 16th Meeting of the EAST Expert Group on ATM and ATS Physical Attacks (EGAP) took place on Wednesday 1st September 2021.  Due to the Covid-19 situation, it was conducted as a virtual meeting and was chaired by Graham Mott of the LINK Scheme.

  • Europol gave a central assessment of the ATM physical attack situation in Europe
  • National Threat Assessments were shared by representatives from 19 countries:
CountryUpdate(s) Given By
AustriaCriminal Intelligence Service
BrazilTecBan
BulgariaNational Police
CroatiaMUP Croatia
Czech RepublicCriminal Police
FranceGendarmerie - OCLDI
GermanyBKA
GreeceHellenic Police
HungaryNational Bureau of Investigation
IrelandAn Garda Siochana
ItalyMIB
LuxembourgService de Police Judiciare
NetherlandsNational Police
PolandNational Police
PortugalPolicia Judiciare
South AfricaSABRIC
SpainGuardia Civil / National Police / Autonomous Police of Catalonia
SwitzerlandFederal Office of Police (FEDPOL)
United KingdomSaferCash / West Midlands Police (ROCU)

Experts from the following organisations also participated in the meeting:  ATM Safe, Barclays, Cyprus Police, Danish National Police, Feerica S.A., Gunnebo, Guarda Nacional Republicana, HSBC, Mactwin Security, Malta Police Force, NatWest Group, National Bureau of Intelligence (HU), National Bureau of Investigation (FI), NCR, Oberthur Cash Protection, Policia de Seguranca Publica,  Scotia Security Group, Spinnaker.

EAST EGAP is a European specialist expert forum for discussion of ATM,  ATS and CIT related physical attack trends, attack methodologies and counter-measures, threat protection, and for the provision of regularly updated lists of manufacturers of ATM protective devices. The latest lists can be downloaded from the ‘Stained Banknotes’ page on this website (bottom of page).

The Group meets twice each year to enable in-depth and technical discussion to take place. The areas covered include:

  • The latest incidents and criminal MOs
  • The collection and distribution of best practice guidelines
  • The evolution of threats and counter-measures
  • Lessons from and on law enforcement

EAST Publishes Fraud Update 2-2021

EAST has just published its second Fraud Update for 2021. This is based on country crime updates given by representatives of 22 countries in the Single Euro Payments Area (SEPA), and 9 non-SEPA countries, at the 4th (virtual) EAST Interim Meeting held on 9th June 2021.

The following countries supplied full or partial information for this Update:

Armenia, Austria; Belgium; Brazil; Canada; Cyprus; Finland; France; Germany; Greece; Hungary; Ireland; Italy; Liechtenstein; Luxembourg; Mexico; Netherlands; Norway; Poland; Portugal; Romania; Russia; Slovakia; South Africa; Spain; Sweden; Switzerland; Turkey; Ukraine; United Arab Emirates; United Kingdom.

FRAUD TYPE

EAST

To date in 2021 the EAST Payments Task Force (EPTF) has published one related Payment Alert and the EAST Expert Group on All Terminal Fraud (EGAF) has published four related Fraud Alerts.

EAST

To date in 2021 the EPTF has published one related Payment Alert.

FRAUD ORIGIN

Social Engineering

Data Compromise

To date in 2021 the EPTF has published one related Payment Alert and EAST EGAF has published two related Fraud Alerts.

DUE DILIGENCE

EAST

PHYSICAL ATTACKS

Ram Raids

Robbery

The full European Fraud Update is available to EAST Members (National, Global and Associate).

Information on the Fraud Definitions and Terminology used by EAST can be found as follows:

FRAUD  DEFINITIONS

FRAUD TERMINOLOGY

TERMINAL FRAUD DEFINITIONS

TERMINOLOGY FOR LOCATIONS OF CDC DEVICES AT ATMS AND OTHER TERMINALS

TERMINAL PHYSICAL ATTACK DEFINITIONS AND TERMINOLOGY

EAST presents at the ATEFI Security Committee 2021

EAST Development Director Rui Carvalho presented at the ATEFI Security Committee on 30th April 2021, a virtual event.  The impact of the Covid-19 pandemic has made it more important than ever for the sharing of threat intelligence to strengthen security strategies in Electronic Payments.  The event focussed on both physical and cyber security.  Rui shared key information and statistics from the latest EAST Payment Terminal Crime Report, as well as insights from the 9th Meeting of the EAST Payments Task Force (EPTF) held on 14th April 2021.  He covered:

  • ATM Malware & Logical Attacks
  • Terminal Related Fraud
  • ATM Physical Attacks
  • Payment Fraud (social engineering, ransomware, e-skimming)

The event was attended by public officials, law enforcement agencies, regulatory entities, representatives of international organisations, Managers and Network Security Officials, ATEFI Members from the entire LATAM region and Spain, as well as bank officials, representatives of the Latin American Bank Associations, Credit and Debit Card executives, and specialised media.

ATEFI is the Latin American Association of Operators Electronic Funds Transfer and Information Services and represents 20 ATM networks in 14 countries throughout Latin America.

In May 2016 EAST and ATEFI joined forces in order to further strengthen cross border cooperation in combating all types of payment crime including payment card fraud, hi-tech crime and ATM cyber and physical attacks.

Terminal fraud attacks in Europe drop during the Covid-19 pandemic

Terminal fraud attacks in Europe drop during the Covid-19 pandemicEAST has published a European Payment Terminal Crime Report covering 2020 which shows that terminal related fraud attacks have dropped significantly during the Covid-19 pandemic.

Terminal related fraud attacks were down 64% (from 18,217 to 6,523 incidents). Card skimming fell to another all-time low (down from 1,496 to 656 incidents) and transaction reversal fraud (TRF) at ATMs decreased by 97% (down from 9,054 to just 250 incidents). Total losses of €218 million were reported, down 14% from the €249 million reported during 2019. Most losses remain international issuer losses due to card skimming, which were €183 million.

EAST Executive Director Lachlan Gunn said, “2020 was a highly unusual year due to the Covid-19 pandemic, and crime and fraud patterns changed accordingly.  While it is good news to see such a significant fall in terminal fraud attacks, there is concern that explosive attacks at ATMs have only fallen by 6%, and that related losses are up by 39%.  The average cash loss for a solid explosive attack is estimated at €28,218, and collateral damage to equipment and buildings can be significant.  There are also major safety issues.  Despite national lockdowns and border closures, mobile organised crime groups continued to operate across Europe.

ATM related physical attacks were down 19% (from 4,571 to 3,722 incidents).  Attacks due to ram raids and ATM burglary were down 33% (from 1,122 to 749 incidents).  ATM explosive attacks (including explosive gas and solid explosive attacks) were down 6% (from 977 to 923 incidents).  Losses due to ATM related physical attacks were €22.4 million, a 1% increase from the €22.1 million reported during 2019.  47% of these losses were due to explosive attacks, which were up 39% from €10.49 to €14.59 million.

ATM malware and logical attacks against ATMs were up 44% (from 35 to 129) and all the reported attacks were Black Box attacks.  A Black Box attack is the connection of an unauthorised device which sends dispense commands directly to the ATM cash dispenser, in order to ‘cash-out’ or ‘jackpot’ the ATM.  Related losses were up 14% from €1.09 to €1.24 million.  Most such attacks remain unsuccessful.

A summary of the report statistics under the main headings is in the table below.

The full Crime Report is available to EAST Members (National, Global and Associate)

EAST EGAP holds 15th Meeting

The 15th Meeting of the EAST Expert Group on ATM and ATS Physical Attacks (EGAP) took place on Wednesday 3rd March 2021.  Due to the Covid-19 situation, it was conducted as a virtual meeting and was chaired by Graham Mott of  the LINK Scheme.

The meeting was attended by 54 key representatives from Law Enforcement, Terminal Deployers, ATM Networks and Security Equipment Vendors.

  • Europol gave a central assessment of the ATM physical attack situation in Europe.
  • The ECB gave an update on the latest bank notes in circulation, cash usage statistics, and Intelligent Banknote Neutralisation Systems (IBNS) used in the Euro area.
  • National Threat Assessments were shared by representatives from 17 countries:
CountryUpdate(s) Given By
AustriaCriminal Intelligence Service
BrazilTecBan
FinlandAutomatia / National Bureau of Investigation
FranceGendarmerie - OCLDI
GermanyBKA
GreeceHellenic Police
HungaryNational Bureau of Investigation
IrelandAn Garda Siochana
ItalyMIB
LuxembourgService de Police Judiciare
NetherlandsNational Police
PolandNational Police HQ
PortugalPolicia Judiciare / Policia de Seguranca Publica
RomaniaRomanian Police - CID
SpainGuardia Civil / Autonomous Police of Catalonia
SwitzerlandFederal Office of Police (FEDPOL)
United KingdomSaferCash / West Midlands Police (ROCU)

Experts from the following organisations also particpated in the meeting:  ATM Safe, Barclays, Cennox, Diebold Nixdorf, Feerica S.A., Gunnebo, HSBC, Malta Police Force, NCR, Oberthur Cash Protection, Payment Services Austria (PSA), Petersen-Bach A/S, Professional Witnesses Group,  Spinnaker, Swedish Police, TMD Security.

EAST EGAP is a European specialist expert forum for discussion of ATM,  ATS and CIT related physical attack trends, attack methodologies and counter-measures, threat protection, and for the provision of regularly updated lists of manufacturers of ATM protective devices. The latest lists can be downloaded from the ‘Stained Banknotes’ page on this website (bottom of page).

The Group meets twice each year to enable in-depth and technical discussion to take place. The areas covered include:

  • The latest incidents and criminal MOs
  • The collection and distribution of best practice guidelines
  • The evolution of threats and counter-measures
  • Lessons from and on law enforcement

Preventing Physical ATM Attacks – advice in all EU Languages

physical ATM attacksTo counter the increase in physical ATM attacks in Europe, affecting an increasing number of European countries, the European Crime Prevention Network (EUCPN) and Europol organised a conference (January 2019) bringing together law enforcement and public and private partners to look at the prevention of this crime. EAST was represented at the event by Executive Director Lachlan Gunn.  The output was a recommendation paper summarising the conclusions of the conference and aimed at raising authorities’ awareness of physical ATM attacks and preventive measures.

This recommendation paper has now been translated into all the EU languages and is available for download from the EUCPN website.

In the most recent European Payment Terminal Crime Report published by EAST on 13 October 2020, and covering the first 6 months of this year, ATM explosive attacks (including explosive gas and solid explosive attacks) were up 0.4% (from 503 to 505 incidents). Losses due to physical ATM attacks were €12.6 million, an 11% increase from the €11.4 million reported during the same period in 2019. This increase was driven by a rise in losses due to explosive and gas attacks, which were up 49% from €5.1 million to €7.6 million.

Black Box attacks increase across Europe

Black BoxEAST has just published a European Payment Terminal Crime Report covering the first six months of 2020 which reports a sharp increase in Black Box attacks on European ATMs.

ATM malware and logical attacks against ATMs were up 269% (from 35 to 129) and all the reported attacks were Black Box attacks. A Black Box attack is the connection of an unauthorised device which sends dispense commands directly to the ATM cash dispenser, in order to ‘cash-out’ or ‘jackpot’ the ATM. Related losses were up from less than €1,000, to just over €1 million.

EAST Executive Director Lachlan Gunn said, “Overall crime at terminals has decreased during the lockdown phase of the pandemic. While this rise in Black Box attacks is of concern, most such attacks remain unsuccessful. Our Expert Group on All Terminal Fraud (EGAF) is focussed on addressing this issue, with close cooperation between industry partners and law enforcement. In January 2019 EGAF worked with Europol to update a document, published by Europol, entitled ‘Guidance & recommendations regarding logical attacks on ATMs’. This is currently available in English, French, German, Russian, Spanish and Turkish”.

Terminal related fraud attacks were down 66% (from 10,723 to 3,631 incidents). Card skimming fell to another all-time low (down from 731 to 321 incidents) and transaction reversal fraud (TRF) at ATMs decreased by 97% (down from 3,405 to just 108 incidents). Total losses of €109 million were reported, down 12% from the €124 million reported during the same period in 2019.

ATM related physical attacks were down 23% (from 2,376 to 1,829 incidents). Attacks due to ram raids and ATM burglary were down 34% (from 610 to 405 incidents) and ATM explosive attacks (including explosive gas and solid explosive attacks) were up 0.4% (from 503 to 505 incidents). Losses due to ATM related physical attacks were €12.6 million, an 11% increase from the €11.4 million reported during the same period in 2019. This increase was driven by a rise in losses due to explosive and gas attacks, which were up 49% from €5.1 million to €7.6 million.

A summary of the report statistics under the main headings is in the table below.

The full Crime Report is available to EAST Members (National, Global and Associate)