EAST published European Fraud update for 2016 – „one country reported contactless card fraud”

The European ATM Security Team (EAST) has just published its second European Fraud Update for 2016. This is based on country crime updates given by representatives of 17 countries in the Single Euro Payments Area (SEPA), and 6 non-SEPA countries, at the 39th EAST meeting held at Europol in The Hague.

Card skimming at ATMs was reported by eighteen countries. An emerging trend is the usage of M3 – Card Reader Internal Skimming devices. This type of device is placed at various locations inside the motorised card reader behind the shutter. Five countries reported such attacks.

The trend of losses due to skimming occurring outside of EMV# Chip liability shift areas continues.
International losses were reported in 52 countries and territories outside of the Single Euro Payments Area (SEPA) and in 9 within SEPA. The top three locations where such losses were reported are the USA, Indonesia and Jamaica.

Skimming attacks on other terminal types were reported by nine countries and eight countries reported such attacks on unattended payment terminals (UPTs) at petrol stations.

ATM malware and logical security attacks were reported by five countries – three of them reported the successful usage of ‘black-box’ devices to allow the unauthorised dispensing of cash. To help counter such attacks the Europol document ‘Guidance and Recommendations regarding Logical attacks on ATMs’ is now available in three languages: English, German and Spanish.

Ram raids and ATM burglary were reported by ten countries and eight countries reported explosive gas attacks. The use of solid explosives continues to increase and five countries reported such attacks.
For the first time this European Fraud Update also includes information on Payment Fraud, with nine countries reporting related issues. Three of them reported data leakage from hotel booking sites and one country reported contactless card fraud.

Source: www.european-atm-security.eu