Transaction reversal fraud soars as ATM fraudsters go low-tech

By : Owen Wild

December 30, 2015 02:00 PM

In security, it is a never ending story of measure and counter-measure.


The latest developments indicate that as banks and other deployers invest in more advanced ATM security, criminals are reverting to low-tech attack vectors. On the one hand, this is promising as it shows that fraudsters are coming up against tougher security measures, but a rise in losses from ATM fraud is worrying.


EAST - The European ATM Security Team - reported that ATM fraud incidents were up 15 per cent in the first six months of 2015 when compared to the same period a year before.


The incidents were focused in just two key fraud approaches. There was an 18 percent rise in card trapping attacks, from 2,579 to 3,043 incidents. But above all, it was the 985 percent increase in Transaction Reversal Fraud (TRF) attacks that was most noticeable.


TRF cases were up from 117 in the first half of 2014 to 1,270 in the same period this year. TRF involves the creation of an error that makes it appear as though the cash had not been dispensed. The account is re-credited the amount ‘withdrawn’ but the criminal pockets the money. It could be a physical grab (similar to cash trapping) or a corruption of the transaction message.


In better news, the number of skimming incidents fell by nearly a fifth (18 percent), although skimming remains a big factor in terms of losses.


EAST said overall losses were up 18 percent versus last year, from €132 million to €156 million. Here, skimming was largely to blame as international skimming losses were up from €111 million to €131 million.


Asia-Pacific and the USA were the worst areas for international skimming losses - a fact that ought to change as EMV is widely adopted.


EAST Executive Director Lachlan Gunn said, "International skimming losses have risen for the past four reporting periods and EAST is working closely with Europol to raise awareness of this issue in Asia-Pacific and the Americas.”


Perhaps the most interesting statistic from the report is the relative lack of malware attacks.  EAST said there were just five ATM malware incidents, so-called ‘cash out’ or ‘jackpotting’ attacks, with losses of €0.14 million.


ATM fraud patterns change and while certain attack approaches may be favored by criminals one month it can shift quickly. Moreover, just because one area is particularly common - say TRF - it does not mean that it is the most pressing risk in terms of losses. Deployers need to be braced for a full range of ATM security threats.


Owen Wild

Security Marketing Director

Other articles by this author

Owen Wild is responsible for marketing strategies for the NCR Security Solutions within NCR’s Financial Solution Portfolio. Over the past 15 years, Owen has held several sales and marketing positions with leading travel and tech cos.