CONTINUE TO SITE »
or wait 15 seconds

News

ATM malware, logical attacks see downward trend in Europe

October 10, 2019

ATM malware and logical attacks are on the decline in Europe, according to the latest report by the European Association for Secure Transactions, a non-profit that tracks criminal fraud in the EU financial sector.

In the first six months of 2019, ATM malware and logical attacks against ATMs were down 43% (from 61 to 35 incidences) and all bar one of the reported 'jackpotting' attacks were believed to have been unsuccessful, EAST said in a press release.

Three of those jackpotting attacks were the result of malware while and the remainder were so-called 'black box' attacks, where the perpetrators bore holes into the top of the cash machine to gain access to its internal infrastructure. Related losses were down 100% — from 250,000 ($250 million) to zero — although a small loss of less than 1,000 euro ($1,100) was reported in one case. 

"This fall in logical and malware attacks is very good news and reflects the work that has been put into preventing such attacks by the industry and law enforcement," EAST Executive Director Lachlan Gunn said in the release.

TRF attacks way up, skimming down

Terminal related fraud attacks were up 59% (from 6,760 to 10,723 incidents), the report said. This increase was primarily due to an increase in transaction reversal fraud attacks (up from 2,292 to 5,649 incidents), while card skimming incidents fell to an all time low (down from 985 to 731 incidents). 

In a TRF attack, a fraudster initiates a cash withdrawal and tricks the host into thinking the cash was not taken. The criminal gains access to and removes the cash, yet the ATM perceives that no cash was dispensed and passes a reversal message, and the host typically does not debit the account.

"This downward trend reflects the success of EMV and that measures to counter skimming at terminals, along with geo-blocking, are working well in Europe," EAST said.

Total losses of 124 million euro ($137 million) were reported, up 16% from the 107 million euro ($118 million) reported during the same period in 2018. 

This increase was primarily due to a rise in international losses due to card skimming — up from 87 million euro ($96 million) to 100 million euro ($110 million) — which indicates that EMV implementation is not yet complete globally with resultant risks for European cardholders, according to the report.

Other findings from the report:

  • Losses due to transaction reversal fraud were up 135%, from 1.36 million euro ($1.5 million) to 3.2 million euro ($3.5 million).
  • ATM related physical attacks were up 16% (from 2,046 to 2,376 incidents). 
  • Attacks due to ram raids and ATM burglary were up 3% (from 590 to 610 incidents).
  • ATM explosive attacks (including explosive gas and solid explosive attacks) were up 3% (from 490 to 503 incidents). 
  • Losses due to ATM related physical attacks were 11.4 million euro ($12.6 million), a 25% decrease from the 15.1 million euro ($16.5 million) reported during the same period in 2018.
  • The average cash loss for a robbery is estimated at 15,140 euro ($5,661) per incident, the average cash loss per explosive or gas attack is 10,161 euro ($11,195) and the average cash loss for a ram raid or burglary attack is 9,632 euro ($1,0611). 

These figures do not take into account collateral damage to equipment or buildings, which can be significant and often exceeds the value of the cash lost in successful attacks, EAST said.

The full fraud update is available to EAST members at the association's website.


Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'