EAST EGAF holds 28th Meeting in Amsterdam

28th EGAF Meeting

The 28th Meeting of the EAST Expert Group on All Terminal Fraud (EGAF) took place on Wednesday 18th January 2023 hosted by Group-IB in Amsterdam.  The hybrid meeting was chaired by Otto de Jong from ING Bank.

It was attended by 26 key representatives from Terminal Deployers, Terminal Vendors, Networks, Card Schemes, Security Equipment and Software Vendors, Law Enforcement and Forensic Analysts. 13 people were in the room and there were 13 virtual participants.

Experts from the following organisations contributed to the meeting: Atruvia AG, Bits A/S, BKA, BNP Paribas, Cennox, Damage Control, Diebold Nixdorf, Dutch Banking Association, Europol, Gendarmerie Nationale (IRCGN), GMV, Group-IB, ING Bank, KAL, LINK Scheme, Mastercard, NatWest Group, NCR, Payment Services Austria (PSA), Polish Banking Association (ZBP), TietoEVRY, and Visa.

EAST EGAF, which meets three times a year in advance of each of the meetings of EAST National and Global Members, enables in-depth and technical discussion to take place on Logical and Malware attacks, Card Data Compromise and other issues relating to terminal fraud.

Discussion at the meeting focussed on the follow up to three EAST Fraud Alerts relating to Active Shimmer (Wedge) / Relay attacks, to contactless fraud, and to prevention measures relating to black box attacks.

EAST EGAF generates EAST Fraud Alerts for all EAST Members (National, Global and Associate). In total 276 Fraud Alerts have been issued as can be seen in the table below.


EAST publishes European Fraud Update 2-2016

EAST - EUROPEAN FRAUD UPDATE 2 - 2016EAST has just published its second European Fraud Update for 2016. This is based on country crime updates given by representatives of 17 countries in the Single Euro Payments Area (SEPA), and 6 non-SEPA countries, at the 39th EAST meeting held at Europol in The Hague on 8th June 2016.

Card skimming at ATMs was reported by eighteen countries.  An emerging trend is the usage of M3 – Card Reader Internal Skimming devices.  This type of device is placed at various locations inside the motorised card reader behind the shutter.  Five countries reported such attacks.

The trend of losses due to skimming occurring outside of EMV Chip liability shift areas continues.  International losses were reported in 52 countries and territories outside of the Single Euro Payments Area (SEPA) and in 9 within SEPA.  The top three locations where such losses were reported are the USA, Indonesia and Jamaica.

Skimming attacks on other terminal types were reported by nine countries and eight countries reported such attacks on unattended payment terminals (UPTs) at petrol stations.

ATM malware and logical security attacks were reported by five countries – three of them reported the successful usage of ‘black-box’ devices to allow the unauthorised dispensing of cash.  To help counter such attacks the Europol document ‘Guidance and Recommendations regarding Logical attacks on ATMs’ is now available in three languages: English, German and Spanish.

Ram raids and ATM burglary were reported by ten countries and eight countries reported explosive gas attacks.  The use of solid explosives continues to increase and five countries reported such attacks.

For the first time this European Fraud Update also includes information on Payment Fraud, with nine countries reporting related issues.  Three of them reported data leakage from hotel booking sites and one country reported contactless card fraud.

The full Fraud Update is available to EAST Members (National and Associate) and Subscribers.