Digital Transactions Authoritative, insightful and timely information for payments professionals
ATM deployers reporting a “general increase” in physical and fraudulent attacks on their machines declined to 42% this year from 51% in 2015, according to new data from the ATM Industry Association.
While that overall finding was good news, skimming, PIN compromises, malware, and other types of fraud-related attacks on ATMs remain significant problems for deployers, as well as outright thefts or damage to the machines when crooks try to steal cash physically.
“The wide range of types of attack, as well as the technologies and tools used by fraudsters, remains a daunting challenge, which calls upon us to stay vigilant and cooperate with law enforcement in stamping out crimes targeting ATMs,” ATMIA chief executive Mike Lee, said in a statement. The ATMIA is a global trade association comprised mostly of retail ATM deployers that has dual headquarters in Sioux Falls, S.D., and London.
The association commissioned consultant Douglas Russell of DFR Risk Management Ltd. to do the study. Russell, a former security executive at ATM manufacturer NCR Corp., obtained responses from 51 deployers worldwide for this year’s study, including 18 in the U.S., 14 in Europe, and three in Canada.
Deployers that had experienced some type of fraud attack over the preceding 12 months identified skimming as the most common attack method of 13 discussed, with 24.2% of respondents naming it. Next were PIN observation, 19.2%, and deposit fraud, 12.4%, according to the ATMIA. Some 3.2% of respondents named “shimming,” the theft of data from EMV chip cards.
Half of respondents thought incidents of fraud from invisible “deep-insert” skimmers that capture card data were increasing. And 60% said skimming from partially visible “throat-inlay” skimmers was rising.
Nearly 75% of the deployers had no knowledge of or had not experienced malware fraud that compromised card data during the preceding year. But among the deployers that had, 69.2% believed malware incidents were increasing, according to the findings.
Malware can be involved in other types of ATM fraud, including “jackpotting” in which the malicious software tells the ATM to dispense cash without an approval from the legitimate authorization system. While 72.6% of the respondents had not experienced or had no knowledge of jackpotting of their machines during the past year, among the victims, 39.3% blamed malware while the rest ascribed the crime to “black box” equipment that induced the dispensing of cash. More than 90% of victims believe malware-induced jackpotting is increasing, according to the ATMIA.
In fact, computer-security firm Trend Micro Inc. reported Tuesday that it had detected a new family of ATM malware, dubbed Alice. Trend Micro said in a blog post that Alice “has been in the wild” since at least October 2014.
“Unlike other ATM malware families, Alice cannot be controlled via the numeric pad of ATMs; neither does it have information-stealing features,” the post says. “It is meant solely to empty the safe of ATMs.”
