Explosive Attacks

South Africa reported continuing ATM bombing attacks. In Germany, a bank was almost completely destroyed when the attackers used an excessive quantity of explosives in a failed attack.

Leaving Transaction Live Fraud

The USA reported leaving transaction live fraud which primarily exploits ATMs with Dip or Swipe card readers.

Card Trapping / Card Theft / Distraction / Card Swapping

Throughout May, the UK continued to report card trapping incidents. Card trapping was also reported in the USA. In Canada, distraction techniques included the spraying of victims with faeces to facilitate pick-pocketing of cash from victims who had recently used ATMs.

ATM Skimming / Skimming / EFTPOS Compromise

The UK, Australia, Macedonia, India, Switzerland, China, Thailand, USA, Canada, Finland and South Africa were among the countries reporting ATM skimming attacks. Endorsing the benefits of consumer education, a number of ATM skimming devices were spotted by consumers before they became victims. The Central Bank of Nigeria (CBN) articulated the liability conditions covering ATM fraud in the country. Examples of law enforcement activity that demonstrates the international aspects of ATM skimming included Romanian authorities shutting down a large scale ATM skimming factory and seizing ATM skimming devices and other evidence. In the USA, the FBI closed down two Bulgarian organized crime groups linked to ATM skimming. In Thailand, arrests included that of Malaysian nationals.

Phishing / Vishing / Advanced Fee / Funds Transfer Fraud

Phishing attacks in India included funds transfer fraud which went undetected for some time as the attacker deactivated the SMS / Text alert service that the victim had set up on his on-line bank account. The Phishing e-mail was traced to Nigeria, but the funds were transferred into local Indian accounts which were subsequently seized by the authorities. The USA continued to report a large number of vishing attacks with the common theme of encouraging the victims to reactivate cards. In Uganda, a Kenyan national was arrested following fraudulent spend and funds transfer fraud.

Ram Raid Attacks / Theft of ATM / Smash-and-Grab

Ram raids in the UK and the USA involved a range of vehicles including mechanical diggers, forklift trucks and vans. In one UK incident which failed, the perpetrators deployed homemade Stingers (nail spiked pipes) to delay a police response. In India, failed attempts included an incident where a guard prevented the manual removal of an ATM. Also in India, a separate attack succeeded while the guards were apparently asleep. In the USA, one suspect was partially crushed as the ATM he was stealing fell on top of him (it was not reported whether he subsequently attempted to submit a claim for personal injury).

Safe Cutting / Safe Breaking / Theft from ATM

In a failed theft incident in the USA during May, the perpetrator was able to relatively easily break through a banks brick wall but was unable to break open the ATM security enclosure. In India, thefts from ATMs included an internal theft which exploited a failure to follow dual control procedures. Successful thefts in the USA included incidents of CCTV and alarm sabotage. Oxyacetylene torches were a common type of cutting tool used in May.

Quick Search Strings:

Theft of ATMs >                                         Failed Theft of ATMs >

Theft From ATMs >                                   ATM Skimming >

Card Trapping >                                         Leaving Transaction Live >

Advertising Opportunities

If your company supplies products, services and solutions relevant to ATM fraud and security, and you would like to explore the various advertising and marketing opportunities with ATMsecurity.com, please use the 'contact us form' to request further details:

Contact Us >

The above digest is provided by DFR Risk Management, who provide consultancy services advising ATM and self-service terminal deployers and manufacturers, as well as law-enforcement agencies, on how to manage ATM and self-service terminal fraud and security threats.

Contact us: contact@dfrRiskManagement.com

www.dfrRiskManagement.com