News

EAST finds use of ATM card reader internal skimmers on the rise

July 14, 2016

The European ATM Security Team has published its second European Fraud Update for 2016. The update is based on country crime updates provided by representatives of 17 countries in the Single Euro Payments Area, and six non-SEPA countries.

According to an EAST press release about the update, 18 countries reported card skimming at ATMs.

Increasingly, attacks involve the use of card reader internal skimming devices, EAST said. This type of device can be placed at various locations inside the motorized card reader behind the shutter. Five countries reported this type of attack.

The trend of losses due to skimming attacks outside of EMV chip liability shift areas continues. International losses were reported within nine SEPA countries and 52 non-SEPA countries and territories. The top three reported locations for such losses are the United States, Indonesia and Jamaica.

Nine countries reported skimming attacks on other types of terminals and eight countries reported such attacks on unattended payment terminals at filling stations.

Five countries reported ATM malware and logical security attacks; three countries reported the successful use of black box devices, which allow unauthorized cash dispensing.

Ten countries reported ram raids and ATM burglary; eight countries reported explosive gas attacks. Five countries reported the use of solid explosives, a worrisome rising trend.

For the first time, the European Fraud Update includes information on payment fraud, with nine countries reporting related issues. Three countries reported data leaks from hotel booking sites; one country reported contactless card fraud.

EAST members can obtain the full report from the organization's website.