|ATM Fraud and Security Digest - September 2009|
|Written by Douglas Russell|
|Tuesday, 13 October 2009 12:00|
Ram Raid Attacks / Theft of ATM / Smash-and-Grab
September saw a number of ram raid attacks around the globe although many were unsuccessful. In the UK, a gang were thwarted by the presence of an ATD (Anti-Theft Device) which successfully prevented the ATM from being removed by a forklift truck. Various incidents across the USA and elsewhere failed due to the chains or straps being used breaking under the strain when ATMs were anchored in place. In cases where ram raid attacks failed, as well as where they succeeded, the collateral damage caused to the premises being attacked was often significant.
Safe Cutting / Safe Breaking / Frontal Attacks / Theft from ATM
The use of fire-fighting tools, including hydraulic tools continued in the USA during September. It is believed the equipment was previously stolen from a fire truck. CCTV images of the attacks demonstrate just how quickly certain ATM security enclosures can be breached using such tools. A blowtorch attack failed in MA (USA) and a suspect was arrested in OH (USA) allegedly using a cutting torch to attack an ATM. Manual tools used in September included axes, crowbars and sledgehammers. In the UK, frontal attacks were detected in September.
Following a previous reduction in ATM explosive attacks in South Africa, the incident rate increased in September. In one incident a supermarket was destroyed during the process of blowing open two ATMs. In Belgium, two suspects blew themselves up while attempting an explosive gas attack against an ATM. Improvised Explosive Devices (IEDs) were used against ATMs in Malaysia.
Transaction Reversal Fraud / Manipulation / Denomination Fraud / Leaving Transaction Live
In China a suspect avoided charges after attempting to return cash taken from an ATM by exploiting and completing a transaction that had been left live.
An alleged Slovakian gang based in the UK obtained an estimated £330,000 after 50 card holders travelled to France and exploited a system anomaly which allowed cash to be withdrawn from ATMs without the UK issuer enforcing a withdrawal limit. Questions over whether any crime was actually committed have been raised.
Vishing / Phishing / Smsishing / Advanced Fee / Funds Transfer Fraud
An unusual twist in funds transfer fraud was reported in the UK in September. The ‘victim' was contacted and advised that a large sum of money had been transferred into her account. If she agreed to transfer most of it to the perpetrators account she could keep a percentage. Officials were alerted and the account frozen to prevent money laundering.
Phishing , Smsishing (smishing) and Vishing attacks in September included the impersonation of utility companies in the USA. More commonly in many geographical areas, victims were informed that their cards had been cancelled to prevent fraud and instructed on how to reactivate their accounts. Two Romanian nationals suspected of involvement in phishing attacks dating back to 2008 were extradited to the USA in September. A third arrest in South Africa was made in September related to an alleged SMS intercept (to obtain one time passwords) and phishing scam.
Card Trapping / Card Theft / Distraction
Lebanese loop card traps were used in the UK and elsewhere in September. The motivation to obtain the genuine card, rather than more commonly skimming the cards data, is likely to be the result of the wide issuance of EMV chip cards in the UK. One suspect in the UK was sentenced to 15 months imprisonment.
Distraction techniques were detected in Malaysia and elsewhere in September. Cards were stolen after the victims were distracted by the perpetrator dropping a sum of cash on the ground. Other distraction thefts included the theft of cash from the cash slot as victims were distracted just before the cash was delivered by the ATM.
ATM Skimming / Skimming
ATM skimming continued to spread globally during September with more incidents being detected and more equipment seized. A Bulgarian national was sentenced to four and a half years detention in the USA following a guilty plea to charges of conspiracy, access device fraud and aggravated identity theft. In the UK, two Romanian nationals pleaded guilty and were sentenced to two years imprisonment to be followed by deportation. Police in Kosovo arrested two Bulgarian nationals suspected of using ATM skimming equipment and cameras to compromise cards and PINs.
The European Network and Information Security Agency (ENISA) published statistics in September estimating that thefts from ATMs in Europe increased 150% last year to reach 500 million Euros. The most common ATM fraud techniques included card cloning and card theft. Physical attacks increased by a third and included the use of ram raids, rotary saws, thermal lances and diamond drills.
The above digest is provided by DFR Risk Management, who provide consultancy services advising ATM and self-service terminal deployers and manufacturers, as well as law-enforcement agencies, on how to manage ATM and self-service terminal fraud and security threats.
ATMsecurity.com is focused on ATM Fraud and ATM Security related issues, providing insight, intelligence and information via ATM security news, the ATM security knowledge centre, ATM monthly digest and ATM security articles.