ATM fraud & security consultancy and training services.
ATMsecurity.com Monthly Digest - Jan 2009
Written by Douglas Russell
Friday, 13 February 2009 16:36
Data Compromise
Incidents of US-based card processors being targeted attracted attention throughout January 2009. Reports emerged in January about a serious data compromise which occurred during 2008 targeting Heartland Payment Systems. Speculation suggested the magnitude of the compromise could be greater than the 2007 attack against TJX. Further details emerged that while card data was compromised, the corresponding PINs were not.
January 2009 also saw details emerging following the announcement by RBS WorldPay on December 23rd 2008 that the processor had been compromised in the latter half of 2008. In what may turn out to be one of the most co-ordinated attacks against ATM systems in recent times, PINs were compromised along with the card data.
Skimming
Australian police recovered an ATM skimming device following a report from an alert consumer who had experienced difficulty inserting their card into the ATM card reader. A South African victim discovered R18,500 had been illegally taken from their account following an incident at an ATM. While the victim was attempting to use an ATM he experienced difficulty and a ‘helpful stranger’ dressed like an employee of the bank offered assistance. From the victim’s statement, it appears the fake bank employee gained temporary access to the card and skimmed the data before returning the card to the victim. Shoulder surfing is suspected of being used to obtain the PIN. Two petrol (gas) stations are under suspicion following at least 1000 incidents of card and PIN compromise in the UK during January. Fraudulent spend has been identified in Canada, India and Ghana. In the US, an ATM skimming suspect was arrested following a report from a member of the public who became suspicious after using a drive-up ATM. One of the two ATMs at the location was apparently out of order, and the consumer noticed after driving away from the working machine that a male suspect walked up to the ATM he had just used.
Life assistance company CPP released statistics following a study of fraud in the UK. According to their figures, 25% of the British population were victims of card fraud in the last year. The average loss per incident was £650 and 5% of victims experienced losses of more than £2000. Reports from Germany estimate that skimming attempts increased 70% during 2008. Police in Finland, which has typically experienced a very low number of ATM skimming attacks, have raised concerns that the adoption of the Single European Payments Act (SEPA) and the requirement for all cards to work throughout the zone will lead to an influx of ATM skimming attacks from neighbouring countries. Authorities in the UAE have made calls for the banks in the region to adopt Chip and PIN technology.
Multiple incidents of vishing and phishing occurred in the US during January. Automatic dialling devices were used to target all telephone numbers within a certain telephone exchange, including the local police station. SMS text messages were also used to trick consumers into supposedly reactivating their card by supplying card and PIN details. In Nigeria, more traditional phishing e-mails encouraged the receiver to register on-line for an enhanced security plan. South Korea and Malaysia experienced a combination of vishing and funds transfer fraud where recipients were tricked into providing card and PIN information in addition to transferring cash to an account controlled by the perpetrator.
An ex-employee of an ATM supplier in the US was identified from CCTV images following a break-in to an ATM located in a convenience store. Police in India are trying to establish whether a CCTV camera was deliberately sabotaged prior to the theft of cash from an ATM. The suspect is reported to have been employed by a security company responsible for replenishing the ATM with cash. Household domestic-staff were charged with using their employer’s ATM card to withdraw cash in Qatar during January. The suspects admitted making a note of their employer’s PIN when the employer’s son used the card previously at an ATM.
Arrests were made and an unopened ATM recovered in the US after the ATM was seen falling from the back of a pickup truck following a ram raid at a petrol (gas) station. A separate incident also targeting a petrol station involved the perpetrators smashing a truck into the building and using a rope to remove the ATM. In a further case, police appealed for witnesses after a man dressed in a black ‘ninja’ costume was caught on CCTV and is suspected of involvement in two failed ATM thefts. Police in Greece forced an unknown number of suspects to abandon an ATM removed from a bank in Athens. The brick wall of a supermarket was destroyed in a ram raid attack using a large forklift truck in the UK. The suspects escaped with an estimated £21,000 by loading the ATM onto a pickup truck. Luxembourg police responded to a call from a member of the public who had witnessed an attempted ATM ram raid. Steel cable was attached to the ATM, which had been pulled from its installation by a four-wheel-drive vehicle. The ATM security enclosure was intact. Four criminals were sentenced to a total of 17 years in the UK following a number of ATM attacks. The thefts and damage to property were estimated at £500,000. Suspects failed to pull an ATM from a store in New Zealand. Police believe they will be able to identify the suspects from CCTV recordings of the attack. A suspect died after crashing his getaway vehicle in Japan in January. The ATM, which had been removed using an excavator, was later recovered unopened.
Two persons were killed and twenty injured following an ATM explosive attack in Colombia. It is thought that a 5kg bomb was used to attack the ATM in Bogota. The explosion caused the first floor of the building to collapse. Explosive attacks against ATMs in South Africa continued in January. Police recovered firearms and explosives amongst other stolen property following a raid on premises linked to stolen electrical appliances. It is believed the explosives were to be used against ATMs. Police in China arrested a suspect following a small explosion on a bus. The suspect also admitted plotting to explode bombs at a newspaper office which he blamed for incorrect lottery information and a bank because he was dispensed five counterfeit notes from an ATM. Despite a questionable success rate, explosive gas attacks against ATMs in Australia continued regularly throughout January. Police arrested another suspect believed to be linked to ATM explosive gas attacks and seized gas tanks and a firearm.
Card trapping, including the use of Lebanese loops to jam the victim’s card in the ATM card reader, appeared to increase steadily during January, particularly in the UK.
Instances of false deposit fraud continued during January. Primarily in the US and Canada, funds were withdrawn against empty deposit envelopes.
The above digest is provided by DFR Risk Management, who provide consultancy services advising ATM and self-service terminal deployers and manufacturers, as well as law enforcement agencies, on how to manage ATM and self-service terminal fraud and security threats.
ATMsecurity.com is focused on ATM Fraud and ATM Security related issues, providing insight, intelligence and information via ATM security news, the ATM security knowledge centre, and ATM security articles.