ATM / POS Fraud , Fraud Management & Cybercrime

ATM Attacks: Terminal Fraud Dives in Europe During Pandemic

Malware Attacks and Losses Due to Explosives Increased, While Skimming Plummeted
ATM Attacks: Terminal Fraud Dives in Europe During Pandemic
Aftermath of a black box attack against an ATM (Photo: Europol EC3)

Criminals continue to target ATMs with black boxes to run cash-out attacks and use explosives to get cash out of machines. But during the pandemic, most other types of attacks used to target ATMs, payment terminals and point-of-sale devices sharply declined, the European Association for Secure Transactions, also known as EAST, says in a new report.

See Also: The 10 Essential Capabilities of a Best-of-Breed SOAR

Whether such fraud trends will continue is uncertain, give that "2020 was a highly unusual year due to the COVID-19 pandemic, and crime and fraud patterns changed accordingly," says Lachlan Gunn, executive director of EAST. "Despite national lockdowns and border closures, mobile organized crime groups continued to operate across Europe."

The report from EAST is based on full-year 2020 information shared by 21 Western European nations, including the five most populous - Germany, the U.K., France, Italy and Spain. The 21 nations collectively count about 335,000 ATMs, 223,000 unattended payment terminals and 14.5 million point-of-sale terminals.

When comparing 2020 to the prior year, EAST found:

  • Card skimming fell to an all-time low;
  • Transaction reversal fraud decreased by 97%;
  • Ram raids and ATM burglary decreased by 33%;
  • ATM explosive attacks decreased by 6%, although annual losses due to such attacks increased from $12.6 million to $17.6 million;
  • Malware and logical attack losses increased by 14%.

The report breaks down payment terminal crime into three categories: terminal-related fraud attacks, malware and logical attacks, and physical attacks.

Terminal-Related Fraud Attacks

The category of terminal-related fraud attacks includes card skimming, card trapping, ATM cash trapping and transaction reversal fraud. Compared to the previous year, in 2020, the total number of such attacks in Europe declined by 64% - from 18,217 to 6,523 incidents - although total reported losses declined by only 12%, from $300 million to $262 million.

ATM skimming attacks, in which thieves use a small device to copy card data, sometimes backed by a camera to record PIN codes, have been declining for the past decade as a result of wider use of the EMV smart payment card standard. "Since 2011, there has been a continuing shift away from high-tech skimming attacks to lower-tech card and cash trapping attacks, as well as to transaction reversal fraud," EAST says.

This chart shows the shift in high-tech and low-tech attacks against European ATMs since they became EMV-compliant. (Source: EAST)

Transaction reversal fraud means "the unauthorized, physical manipulation of an ATM cash withdrawal which makes it appear to the ATM system that cash has not been dispensed despite the criminal gaining access to and taking the cash," EAST says. "This causes a reversal message to be generated and sent to the card-issuing organization, ultimately resulting in a free cash withdrawal. Criminals will typically use prepaid cards, or stolen or skimmed cards, making it difficult to detect the identity of the perpetrator."

But such attacks in Europe declined markedly from 2019 to 2020 - from 9,054 incidents to just 250.

Malware and Logical Attacks

All malware and logical attacks seen in 2020 involved the use of black boxes, which EAST describes as "the connection of an unauthorized device which sends dispense commands directly to the ATM cash dispenser in order to 'cash-out' or 'jackpot' the ATM."

Overview of all ATM malware and logical attack incidents and losses reported on a six-monthly basis since 2014 (Source: EAST)

Total black box losses in Europe increased from $1.3 million in 2019 to $1.5 million in 2020. But "most such attacks remain unsuccessful," EAST says (see: 'Black Box' and Physical Attacks Against ATMs Surge).

Physical Attacks

The number of physical attacks against European ATMs decreased from 4,571 in 2019 to 3,722 in 2020 - a 19% decline - although reported losses remained steady at $26.5 million.

"While it is good news to see such a significant fall in terminal fraud attacks, there is concern that explosive attacks at ATMs have only fallen by 6% and that related losses are up by 39%," EAST's Gunn says. "The average cash loss for a solid explosive attack is estimated at 28,218 euros ($33,938), and collateral damage to equipment and buildings can be significant. There are also major safety issues."


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.