CONTINUE TO SITE »
or wait 15 seconds

News

EAST publishes 2nd fraud update for 2018

July 12, 2018

The European Association for Secure Transactions has published its second European Fraud Update for 2018. The report is based on in-country crime statistics provided by representatives of 18 nations in the Single Euro Payments Area, and three non-SEPA nations, an EAST press release said.

Following are the compiled statistics:

Payment fraud

  • Fifteen countries reported payment fraud issues.
  • Seven countries reported card-not-present as a key fraud driver.
  • Two countries reported attempted "forced post" fraud, which can occur on some POS terminals with force sale functionality.
  • One country reported a new form of malware on android mobile phones, distributed through a fake application uploaded from third-party Android stores.
  • One country reported cases of SIM swap fraud, in which fraudsters authorize a bank transfer by switching the customer’s mobile phone number over to a new SIM and intercepting the authorization message.

To date in 2018, the EAST payments task force has published five payment alerts covering phishing, malware on mobile phones, fraudulent mobile apps and card-not-present fraud.

ATM malware and logical attacks

  • Nine countries reported these types of attacks.
  • Five of the nine countries reported ATM related malware. In addition to Cutlet Maker, representatives reported a new variant called WinPot, which is used to determine the number of bank notes in an ATM.
  • Six countries reported the use of black box devices to enable unauthorized cash dispensing.

To date in 2018 the EAST Expert Group on All Terminal Fraud has published seven related fraud alerts.

To help counter these threats, Europol, with support from EAST EGAF, has published Guidance and Recommendations regarding Logical attacks on ATMs. The publication — available in English, German, Italian and Spanish — covers risk mitigation, lines of defense and responses to logical attacks.

Card skimming at ATMs

  • Fourteen countries reported card skimming at ATMs.
  • Five countries reported skimming on terminals other than ATMs; in four of the five these attacks involved unattended fuel terminals.
  • Six countries reported M3 card reader internal skimming devices.
  • One country reported the use of M2 throat inlay skimming devices.
  • One country reported the arrest of a Chinese national — a first — in connection with skimming attacks.

To date in 2018, EAST EGAF has published 10 skimming-related fraud alerts. Year to date, 31 countries outside of SEPA and three countries within SEPA have reported monetary losses. The top three locations for such losses remain Indonesia, the United States and India.

Transaction reversal fraud at ATMs

To date in 2018, EAST EGAF has published four related fraud alerts.

Physical attacks on ATMs

  • Eight countries reported ram raids and ATM burglaries.
  • Six countries reported explosive gas attacks.
  • One country reported the first case of an explosive attack on an assisted teller service machine.
  • One country reported its first incidences of explosive gas attacks.
  • Five countries reported solid explosive attacks.

To date in 2018, the EAST expert group on ATM and ATS physical attacks has published five physical attack-related alerts.

The full fraud update is available to EAST members.


Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts


©2025 Networld Media Group, LLC. All rights reserved.
b'S2-NEW'